Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
9752c589cf8a4fa6193a0da4b30ec052bebd69329c47751ea6b8000190afcbd0Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
73653cc4e48cd8775f493d71bed7cc19cae9f894ee3f0b3d9bf2371bd511652dSecunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service).
371cec4ed244d106240b713a55b1bfd6ae88b95f09f1d7b9a6ffbdba7d70a612Secunia Security Advisory - A weakness has been reported in Internet Explorer, which can be exploited by malicious people to trick users into disclosing sensitive information.
fea52c3422d5bf82a46627c6dd90b4bbea84d97ac2d7f2f677f804649130a790Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Visio, which can be exploited by malicious people to compromise a user's system.
c201fb96462f2e097d52c0733d03f3a21a502160f2a2afb3784fbea39fe60f8eSecunia Security Advisory - A vulnerability has been reported in Microsoft Report Viewer, which can be exploited by malicious people to conduct cross-site scripting attacks.
71114d7e21adf8be64f8982d2e7f00c45e50bd58443f5e64e2ce481d9d06bf3dSecunia Security Advisory - Ubuntu has issued an update for linux-lts-backport-maverick. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive and certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), and to potentially gain escalated privileges, by malicious people to cause a DoS, and by malicious people with physical access to potentially compromise a vulnerable system.
1c8a77441861253c4041da2d39bbd58d4f04f01522e6d7de3c8d41d558cc6d4dSecunia Security Advisory - Two vulnerabilities have been reported in HP Performance Insight, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions.
69a52b74b73d56780595ca9c3a540bddddd6c302c20b77936c43377d1a4795ffhttpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields.
ecaf52a0c95324c42fe8cb8fa4e592d16dca934378c7f32de860e82dbf5be348A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of McAfee Security-as-a-Service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaws exists within myCIOScn.dll. First, the MyCioScan.Scan.ReportFile parameter exposed via ActiveX can be set to any arbitrary filename including sensitive system files and directories. Secondly, the parameter to the MyCioScan.Scan.Start() method can be carefully crafted as to inject script constructs into the log file written at the end of the AV scan. The combination of these flaws can be leveraged by a remote attacker to execute arbitrary code under the context of the user running the browser.
da25125b8a4c24cdfa0e310ed27a2faa3d170cbf5b6597081722225283f2eb80Google Android versions 2.1 through 2.3 suffer from a focus stealing vulnerability.
0c7b6f09b004e41b9a4a63ffa9beaa30b3a4c08449603a0a3cd4ae0a5d242565LiteServe version 2.81 PASV command denial of service proof of concept exploit.
89b6d6faac955e184cd85ccfc79310989e93b57a0df944fdc49e8e88b5853864A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of McAfee Security-as-a-Service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaws exist within the MyAsUtil5.2.0.603.dll which exposes an ActiveX control. First, XSS can be used to bypass the domain execution policy implemented in MyASUtil.SecureObjectFactory.CreateSecureObject() to create an instance of MyASUtil.InstallInfo. Then, MyASUtil.InstallInfo.RunUserProgram() can be used to execute code on the user's system. Additionally, many other objects and interfaces on the user's system can likely be abused using this general mechanism.
01f49f91d4017e2f88ec6663f52c75acf559fb9b744ab55c835e138c186c6114Sunset Software Services suffers from a remote SQL injection vulnerability.
4e01d4376e6b1592f5c880faacc3b874d7af666e7b988f8cc97f75476cf996faKeydesigns suffers from a remote SQL injection vulnerability.
3a2a7332e3fc2fdfb3f860caa4c34c4da13debf1c148052c514986dc37ece593WebCalendar CVS version 1.2 suffers from multiple cross site request forgery vulnerabilities.
d8cfc989058636dfa0d317c76ea9f02759ab5afb49a5c8c086558e334a3f9220Hugetech suffers from a remote SQL injection vulnerability.
a2712b3321146cfe92eb2f2478e8ce9605c0e18b702c6ed4332be2cfef9d9ba5OpenEMR version 4.0.0 suffers from multiple cross site scripting vulnerabilities.
2b47c11eff768b011349ab9a90156453a83572d89b0a712aff40cad494af8fdcKimla suffers from a remote SQL injection vulnerability.
ecd8cbd87a37cc8214b3b7cd1de636a7afaa82d0276ac81da34bb7edaa85090dDebian Linux Security Advisory 2291-1 - Various vulnerabilities have been found in SquirrelMail, a webmail application.
bfd57caaec768d351d8f4dfd46f6825fcffeed06abe70a51896f408e20e8568bSEO New York suffers from a remote SQL injection vulnerability.
49ec2ab2728935ebbfc83262fd147e3b3b631b6265e48dade8a6359432129d06
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed