Ubuntu Security Notice 1153-1 - Chris Evans discovered that libxml2 incorrectly handled memory allocation. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program.
f65e95cdd5c0ef0e96ddf24c1a4d1a49d66b797a383b45a1256199b0788c5232Ubuntu Security Notice 1152-1 - It was discovered that libvirt did not use thread-safe error reporting. A remote attacker could exploit this to cause a denial of service via application crash. Eric Blake discovered that libvirt had an off-by-one error which could be used to reopen disk probing and bypass the fix for CVE-2010-2238. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue only affected Ubuntu 11.04. By default, guests are confined by an AppArmor profile which provided partial protection against this flaw. Various other issues were also addressed.
3cbf89bdc62c18839c600f7eb78579d9d936f562297bd8a52e5131244fa6abd7Debian Linux Security Advisory 2261-1 - Joernchen of Phenoelit discovered several vulnerabilities in Redmine, a project management web application.
29042a5e60b6965b5388fc8a1fa00a5c5140b319423dbc0e59c1ac33c4cf8a6fCatalog Builder Ecommerce Software suffers from a remote blind SQL injection vulnerability.
3df96bf5d62f699c6baa24fc854ff38e301e72d6f21d5b4ca4a33470d1ec10f4German AD-Free suffers from a remote SQL injection vulnerability.
2f32c4704950dcf266779f8c67db34ff86684399f3f12c1ae208702d54cbd686This is the Viper auto-rooting script that is written for Linux, SunOS, Mac OS X, and FreeBSD.
5c2ab18173e0e9d1c12ceccdd9635d100e00896d535a7816b65d5b030a8c0d1aZero Day Initiative Advisory 11-222 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. The code within the Shockwave 3d Asset.x32 module does not properly check a size value used as the size for a malloc. The given size will wrap, causing a small buffer to be allocated. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
099f54819072a87e2cc9db5276a7a0faf0f5f5328219f10b57c9ad1173f19cc6Zero Day Initiative Advisory 11-221 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. The code within the Shockwave 3d Asset.x32 module does not properly check a size value used for a loop counter, which will cause heap memory to be overwritten. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
bed58da965543e296a8f4842d92d2faf589d85fc0441977458b685f2bd9ff0d5Core Security Technologies Advisory - The administrative console of IBM WebSphere Application Server is vulnerable to Cross-Site Request Forgery (CSRF) attacks, which can be exploited by remote attackers to force a logged-in administrator to perform unwanted actions on the IBM WebSphere administrative console, by enticing him to visit a malicious web page. Versions 7.0.0.11 and 7.0.0.13 are confirmed vulnerable.
c5935cba98df6fe3be07143a413aa1c7d1b1b171f7643b662db9f9dff22ce27eA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rcsL chunk inside Adobe's RIFF-based Director file format. The code within the dirapi.dll does not properly validate substructure elements before using them to manipulate memory. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
2e9a419ed0169c3cc6d9ce5d2e301542d14e6febbed1409f4b43cadd505ed726A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Lnam chunk inside Adobe's RIFF-based Director file format. The code within the IML32.dll does not properly validate certain fields before using them to calculate sizes used for later memory copy operations. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
bbf4794eaa3e7dac2a4e188e4b0d7f002bdca57bfa15469360277fa9c43b6388A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. The code within the IML32.dll does not properly parse GIF images. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
c47310fe30f191a9103f8e515efc87c64abc3fda48eef04760d8f44811c9acf7Boybdream Shop suffers from a remote SQL injection vulnerability.
3883c1aaeb4f120c3da6af09888136221af6724ffdeabf928c1e93621a7cdaf9Zero Day Initiative Advisory 11-220 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of the RIFF-based Director (.dir) files. When handling an undocumented substructure, the code within dirapi.dll can be forced to incorrectly calculate a destination pointer if it encounters certain 1-byte opcodes within the .dir file. The assumptions made by the code can allow for malicious values to influence a size parameter that is used to calculate a memory address. This address is then written to with controlled data. This can be abused by an attacker to corrupt memory and subsequently execute arbitrary code under the context of the user running the browser.
7ce4bc2e5363a0845511ebbcaf9f91ca8d13fd5a47368fb1908ec0231aa16841BeVivid WMS suffers from remote blind SQL injection vulnerabilities.
15b15b7f28474bb6603bb5e824386ef856f5d961e9818c0d9c7ce5608c1a94abFree Simple CMS version 1.0 suffers from cross site scripting and local file inclusion vulnerabilities.
fac147387be53cf36a5687dfa3256cc2c8681237448aa792693644fe4bd61c25Debian Linux Security Advisory 2262-1 - Several cross-site scripting and information disclosure issues have been fixed in Moodle, a course management system for online learning.
33dd0d3aa4d067d22346332aa4fe2025b28cb4afea079f18872c03c3a7767fe3Ubuntu Security Notice 1151-1 - Stefan Schurtz discovered than Nagios did not properly sanitize its input when processing certain requests, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.
dbddcfca89b20def2a2289fede61c28c8b2da56d5deb5a9dbc9249b874d0c56fA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CSWV chunk inside Adobe's RIFF-based Director file format. When handling certain substructures, the code does not properly ensure arithmetic operations will not exceed expected values. By crafting a file with certain values this can be abused to cause memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
571feb1825f4622c650c40c41542ffaf034e7af778679c7b4017b6aa04abb738A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the way Java handles color profiles. When parsing a color profile containing a invalid 'rcs2' tag, the process can be forced to overflow an integer value during an arithmetic operation. The newly calculated value is then used to allocate memory on the heap. By providing specific values it is possible to cause a memory corruption that can lead to remote code being executed under to user running the browser.
8e3be2c1be593c530a4670d03a601ce9798a4842c472af7bed8ad4b21ecff0d3A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CSWV chunk inside Adobe's RIFF-based Director file format. The code within the IML32.dll does not properly parse byte arrays. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
748756cafb988b739c34fb1ba4c6edc71ac0e185dcae11850a3d7e074abe01ccSecunia Security Advisory - Two vulnerabilities have been reported in ClearSCADA, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
3de7b3731c95640463d471bdcb599e5dc00b60648c5dc9d415ad37b65b2c4381Secunia Security Advisory - SUSE has issued an update for ConsoleKit. This fixes a weakness, which can be exploited by malicious users to potentially gain escalated privileges.
a2a93f05040fbcbe9d993cb957a9cf317a4e94759512e44531395f7a373918feTechnical Cyber Security Alert 2011-166A - Adobe has released Security Bulletin APSB11-16, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. Adobe has released Security Bulletin APSB11-17, which describes multiple vulnerabilities affecting Adobe Shockwave Player. Adobe has released Security Bulletin APSB11-18, which describes multiple vulnerabilities affecting Adobe Flash Player.
5ce1ca83a89c36ec7ad3ff2e2b0e22e804ded4ca11b0e8a9cb59c0701c3afd17This is a simple perl script called Viper LFI Scanner that enumerates local file inclusion attempts when given a specific target.
4abd76909ca126c20a3849cadff2d7e6ced90e4b1914278a4bd61990ade40679
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed