the original cloud security
Showing 1 - 25 of 43 RSS Feed

Files Date: 2011-08-18 to 2011-08-19

Debian Security Advisory 2296-1
Posted Aug 18, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2296-1 - Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2011-0084, CVE-2011-2378, CVE-2011-2981, CVE-2011-2982, CVE-2011-2983, CVE-2011-2984
MD5 | 0837930e5c02cb917fe95572c61860da
Zero Day Initiative Advisory 11-272
Posted Aug 18, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-272 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Flexnet License Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the license server manager which listens on TCP port 27000. There are multiple problems that allow an attacker to influence the saving and loading of log files on the server. By utilizing a directory traversal issue and some file renaming bugs, an attacker can leverage these vulnerabilities would allow the attacker to execute arbitrary code under the user context running the license server manager/vendor daemon.

tags | advisory, remote, arbitrary, tcp, vulnerability
MD5 | dedb8f1588c655e5e2f473d1038363d9
Mandriva Linux Security Advisory 2011-127
Posted Aug 18, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-127 - Security issues were identified and fixed in mozilla firefox and thunderbird. Mozilla developers and community members identified and fixed several memory safety bugs in the browser engine used in Firefox 3.6 and other Mozilla-based products.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-2982, CVE-2011-0084, CVE-2011-2981, CVE-2011-2378, CVE-2011-2984, CVE-2011-2980, CVE-2011-2983
MD5 | 980b6d7757412876142e7222aa6a3643
Ubuntu Security Notice USN-1192-2
Posted Aug 18, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1192-2 - USN-1192-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko for use with Firefox 6. Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. Vivekanand Bolajwar discovered a vulnerability in the JavaScript engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, arbitrary, javascript, vulnerability
systems | linux, ubuntu
MD5 | 08e2b7b451efa090e06679e40c891db7
Ubuntu Security Notice USN-1192-1
Posted Aug 18, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1192-1 - Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. Vivekanand Bolajwar discovered a vulnerability in the JavaScript engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. Bert Hubert and Theo Snelleman discovered a vulnerability in the Ogg reader. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2011-0084, CVE-2011-2985, CVE-2011-2987, CVE-2011-2988, CVE-2011-2989, CVE-2011-2990, CVE-2011-2991, CVE-2011-2992, CVE-2011-2993
MD5 | 5ac8fec2484c92f9b1945b5e199e3fa3
Elgg 1.7.10 Cross Site Scripting / SQL Injection
Posted Aug 18, 2011
Authored by Aung Khant | Site yehg.net

Elgg versions 1.7.10 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 3f95d6ee4ef7bb73da39d48fad9ecb1a
Contrexx Shopsystem 2.2 SP3 Blind SQL Injection
Posted Aug 18, 2011
Authored by Penguin

Contrexx Shopsystem versions 2.2 SP3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 488b53d75143e22c2e97f47d2b86ce99
WordPress OdiHost Newsletter 1.0 SQL Injection
Posted Aug 18, 2011
Authored by Miroslav Stampar

WordPress OdiHost Newsletter plugin versions 1.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c9ee5c1cd5971fd4abb5368746bd0999
Bit-7 Informatics SQL Injection
Posted Aug 18, 2011
Authored by Yassin Aboukir

Bit-7 Informatics suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ab59afca52c0aa77ec249861923ab6e3
Skype 5.5.0.113 Cross Site Scripting
Posted Aug 18, 2011
Authored by noptrix | Site nullsecurity.net

Skype versions 5.5.0.113 and below on Windows suffers from HTML and Javascript injection vulnerabilities.

tags | exploit, javascript, vulnerability, xss
systems | windows
MD5 | 92d6553712622f1a94e86a6cff22849e
Zero Day Initiative Advisory 11-271
Posted Aug 18, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-271 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw results when .setUserData() handlers are used with an object and .appendChild() is called within a handler. Ultimately the import operation resulting from an .appendChild() is not guarded from mutation, and invalid DOM trees can result. Invalid DOM trees can be navigated resulting in dereferencing invalid pointers which can be leveraged to execute arbitrary code in the context of the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2378
MD5 | 498cf809d7e9e8117669e8850fe148ff
WordPress Easy Contact Form Lite 1.0.7 SQL Injection
Posted Aug 18, 2011
Authored by Miroslav Stampar

WordPress Easy Contact Form Lite plugin versions 1.0.7 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e3d4acdd457c74438942d63201c017df
WordPress WP Symposium 0.64 SQL Injection
Posted Aug 18, 2011
Authored by Miroslav Stampar

WordPress WP Symposium plugin versions 0.64 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8f8be0e49396e7ea976e745514ebcace
TheWebASP SQL Injection
Posted Aug 18, 2011
Authored by Robert Cooper

TheWebASP suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 49355073ca02c56cc4fa451581f919a6
Marine SQL Injection
Posted Aug 18, 2011
Authored by Skote Vahshat

Marine suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 90620df130bce80300c0e7beb0654fb9
MantisBT CMS SQL Injection / Cross Site Scripting
Posted Aug 18, 2011
Authored by Net.Edit0r

MantisBT CMS suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 40344d86063c641c9c26b485c9613700
Adaptive Authentication (On-Premise) Session Reuse
Posted Aug 18, 2011
Site emc.com

An issue with Adaptive Authentication (On-Premise) was discovered which in certain circumstances might affect the out-of-the-box available authentication methods. In certain circumstances, when authentication information is compromised, and with the knowledge of additional session information, the authentication information might be reused within an active session.

tags | advisory
advisories | CVE-2011-2733
MD5 | 40e0622ac7ac2bd79e467bd010f5f4b7
WordPress Contus HD FLV Player 1.3 SQL Injection
Posted Aug 18, 2011
Authored by Miroslav Stampar

WordPress Contus HD FLV Player plugin versions 1.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ed3a43e96d3663585bc5f93325b152f1
IC-Discover DNS Mining Tool
Posted Aug 18, 2011
Authored by Andrew Cook

IC-Discover is a fast multi-threaded sub-domain discovery tool written in C.

tags | tool
systems | unix
MD5 | 2e48c7564c1bc81e920fca7b32943275
Zero Day Initiative Advisory 11-270
Posted Aug 18, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-270 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for parsing SVG text containers. The code within nsSVGGlyphFrame::GetCharNumAtPosition() does not account for user defined getter methods modifying or destroying the parent object. An attacker can abuse this flaw to create a dangling pointer which is referenced during the traversal of the SVG container hierarchy. This can be leveraged to execute arbitrary code within the context of the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2011-0084
MD5 | e82e4609d517fc221495bb64a21281d5
StudioLine Photo Basic 3.70.34.0 Insecure Method
Posted Aug 18, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

StudioLine Photo Basic version 3.70.34.0 suffers from an active-x control insecure method vulnerability.

tags | exploit, activex
MD5 | a30d86c3fc975113fda85e2e9e668bbd
WordPress File Groups 1.1.2 SQL Injection
Posted Aug 18, 2011
Authored by Miroslav Stampar

WordPress File Groups plugin versions 1.1.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 44aed082b675c9e67de05f97860ab9e6
SoftwareDEP Classified Script 2.5 SQL Injection
Posted Aug 18, 2011
Authored by v3n0m

SoftwareDEP Classified Script version 2.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 899dd9655139257805b07905c239ffc3
Debian Security Advisory 2295-1
Posted Aug 18, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2295-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-0084, CVE-2011-2378, CVE-2011-2981, CVE-2011-2982, CVE-2011-2983, CVE-2011-2984
MD5 | 2bef295ab50108ee06139d713888765d
Cm2net SQL Injection
Posted Aug 18, 2011
Authored by Skote Vahshat

Cm2net suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 727c5dcb0f109a42603bd47dfd7ecb51
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    6 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close