Zero Day Initiative Advisory 11-197 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within vgx.dll while parsing VML objects from the DOM. Specifically, the faulty code exists while handling imagedata parameters during page deconstruction. By dynamically assigning an attribute to an imagedata object the process can be made to access freed memory. Successful exploitation can lead to code execution under the context of the application.
e2f1a3a67c17f194c6025045c038c7029db3ca08cadcd0779e6653bc302261c0Zero Day Initiative Advisory 11-196 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles HTTP 302 redirects to CDL protocols. When Internet Explorer tries to determine who is responsible for handling the protocol redirect it fails to keep a correct reference counter to a Transaction object which results in a use-after-free vulnerability. This can be leveraged into remote code execution under the context of the current user.
1b80106373d399e571e8963c7684587d924b8b47515440acc04b445a6cd4a1a1Zero Day Initiative Advisory 11-195 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet explorer handles the javascript statement 'selection.empty' during certain onclick events. By causing a particular sequence of events, an attacker can cause a CDisplayObject to be freed while it is still in use. This results in an operation on previously freed memory that can be utilized to achieve remote code execution.
c4549c31717a307d16873d67c9fb3a0dd94acb7857939ab51301a143ecd946f8Zero Day Initiative Advisory 11-194 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles unusual values for the layout-grid-char style property. Specific values may result in the destruction of a tree node that is still in use during the rendering of the HTML page. The resulting use-after-free vulnerability can be leveraged to achieve remote code execution.
e66ab6e34ab6238db402bf9848f12cc239fbc897c52696492d594c2d9caf51e9Zero Day Initiative Advisory 11-193 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application handles multiple javascript modifications to the document. In certain instances the application will free an object due to a modification and then later access it again when attempting to destroy it. This re-use can lead to code execution under the context of the application.
839e2cd49a21be940524e3a7df7f41bf7c85996c640fd80b762e9820a8b2873dDebian Linux Security Advisory 2260-1 - Two vulnerabilities were discovered in Ruby on Rails, a web application framework.
393e0d36ccbed8ff1c5830a32f65306af4d797f52757615b801f2a287e96475bHP Security Bulletin HPSBMA02627 SSRT090246 2 - A potential vulnerability has been identified with HP OpenView Performance Insight Server. The vulnerability could be exploited remotely to execute arbitrary code. Revision 2 of this advisory.
45c49adfe687d668c11eb1396dd1eaa518786d3e124fcd8beacfef5d478d3738Infopublica Solutions suffers from a remote SQL injection vulnerability.
96883a882fa9a9d86380171a96ad677d61721fa56762bf54a327ccd9d402bfe2vBulletin version 3.x.x with the vBTube version 1.2.9 add-on suffers from multiple cross site scripting vulnerabilities.
e7f22f85242668c8be470d27ff17b6110ad159892ef6a775b8c5c662c0fc2ff9Proof of concept denial of service exploit for Windows Media Player with the K-Lite CODEC pack.
26133347e03447d3d2e2d73f9d6939ab76ee3ad49c5cfc96136f6cbc5bc695f8CubeCart version 2.0.7 suffers from cross site scripting and remote SQL injection vulnerabilities.
988a9c3a3598b0fae75a81847ac6d209b66747f1353950e522e2dca81f228937Secunia Security Advisory - SUSE has issued an update for java-1_6_0-sun. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), compromise a user's system, and compromise a vulnerable system.
131a226ef1297b6563d6668c7347b71da24ddd8baaf67701e8e3905e62e7a030Secunia Security Advisory - SUSE has issued an update for openssl. This fixes a weakness, which can be exploited by malicious people to disclose potentially sensitive information.
f939068babff2ea4ab3d9c2610a51e0abf8c88c654745a99e0924fbdd4670566Secunia Security Advisory - Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
8b9b10990d9a832346d777efc7b662dd2cc74b525044cfadac154efd08b7ff19Secunia Security Advisory - A vulnerability has been reported in Microsoft Forefront Threat Management Gateway (TMG) Client, which can be exploited by malicious people to compromise a vulnerable system.
38f22090922eea3a2b322d7efda7cf72e82cb8c837e65d57b04d675550bba548Secunia Security Advisory - Debian has issued an update for vlc. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
d2a48b656597dc5ca5ad5cfb6748bcb2255e19f3dbf279df0f6cfd76bfb0eb36Secunia Security Advisory - A vulnerability has been reported in Microsoft XML Editor, which can be exploited by malicious people to disclose potentially sensitive information.
06c6b385010a8992521088a0d65318b74e4defa90bac3a6cb98d8ad6369567a8Secunia Security Advisory - A vulnerability has been reported in Microsoft XML Editor, which can be exploited by malicious people to disclose potentially sensitive information.
06c6b385010a8992521088a0d65318b74e4defa90bac3a6cb98d8ad6369567a8Secunia Security Advisory - A vulnerability has been reported in Microsoft .NET Framework, which can be exploited by malicious people to compromise a user's system.
e6a31972de0731bd05ef967bead43b7ebfde051cbc7cfbb2f617fb22d8963870Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
cab300a8ea4039b53514f0229f2c8099c77c327391d4b527dd94a5a74cb67416Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).
6bddfa0b7d706e3fa73ceea169fd82d50897296c2c0677639f9723686b395f4fSecunia Security Advisory - A vulnerability has been reported in Microsoft .NET Framework and Silverlight, which can be exploited by malicious people to compromise a vulnerable system.
d479bf5af75706bbed6beb2200f03d10d1c1a9c4db6f7c1baf97baf25937e4a9Secunia Security Advisory - A vulnerability has been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system.
36db7d3cce47d9aa6c2fc3ba470da61a350abf6a4dd12f39ce79e5dc2259b1f7Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.
cab300a8ea4039b53514f0229f2c8099c77c327391d4b527dd94a5a74cb67416Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
ca3b6b59c869a85659b28992d30be9e08f332acd5af9c44b5a032f1670b65489
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed