exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2011-10-15 to 2011-10-16

Zero Day Initiative Advisory 11-290
Posted Oct 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-290 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within mshtml.dll and is a logic bug in the way it handles the 'extra size index' in certain CDispNode classes within the SetExpandedClipRect function. When the 'extra size index' is zero, the code fails to correctly adjust the class instance pointer before and uses the vftable pointer as a flag field. This corrupts the vftable pointer and can lead to remote code execution under the context of the current user. This issue is closely related to CVE-2009-3672.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-2001
SHA-256 | 1d40d6b1ba8dfd59633c144649c1581d7ee175acfcca3e3c50b35fcaa6c656a9
Zero Day Initiative Advisory 11-289
Posted Oct 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-289 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles calls to the method swapNode(). When a call to swapNode is issued on an node within a document that has two body nodes, Internet Explorer frees an attribute field for one of the body nodes and then later re-uses the freed field during the node swap. This behavior could result in remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-2000
SHA-256 | fbfbd2d2afca4f61a064175e15ba52c20edd33a6ce5dbc4b75600c0392c49983
Zero Day Initiative Advisory 11-288
Posted Oct 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-288 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer 8. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application verifies arguments for a certain operation performed on an element. When parsing one of the operands of a method, the application will pass the argument straight to a method that will use the variant as an index. Due to bypassing the argument check, an aggressor can set the index to point to data outside the bounds of the array. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-1999
SHA-256 | 49e5115748956c3af8a74acce2d714b829db1a341cc8fd48b66a19a161e41ffe
Zero Day Initiative Advisory 11-287
Posted Oct 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-287 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the caching implementation of a Select element. When modifying this cache, there are certain methods that do not update the cache correctly. Due to these inconsistencies, one can desynchronize the cache with elements that have been freed. While using these freed elements, the application's perception of type-safety becomes skewed and usage of the object can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-1996
SHA-256 | fdaefb0d3ef4ba650c4eed49e97330766ec02cd5c66f50e4795ac2130cfd44b9
Gentoo Linux Security Advisory 201110-12
Posted Oct 15, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-12 - Multiple denial of service vulnerabilities were found in Unbound. Versions less than 1.4.10 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0969, CVE-2011-1922
SHA-256 | acbc990c4724db50df721315fbe9ce8d6afbb94d9cc3ef2ce6cff88c460f20bc
Mandriva Linux Security Advisory 2011-150
Posted Oct 15, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-150 - Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service or possibly have unspecified other impact via a long line in a response.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2011-3208
SHA-256 | 5e0f011b503708fa29fd1e15a76130866cbc07147d7f96216c38d618f2d858f4
AV Arcade Pro 5.4.3 Cookie Manipulation
Posted Oct 15, 2011
Authored by indoushka

AV Arcade Pro version 5.4.3 suffers from an insecure cookie vulnerability that allows for access bypass.

tags | exploit, insecure cookie handling
SHA-256 | 85caebbc8302080405aaba7b14f4d050846bcc4ebc8f6a18d8cc7afc3983ae10
aSgbookPHP 1.9 Cross Site Scripting
Posted Oct 15, 2011
Authored by indoushka

aSgbookPHP version 1.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fa1a2a00d58496a2268288ec516ff78e9ea410036ba43a047873b29febc8bae7
Perl CGI Shell
Posted Oct 15, 2011
Authored by Marshall Whittaker

This is a Perl CGI backdoor that provides shell-like capability.

tags | tool, shell, cgi, perl, rootkit
systems | unix
SHA-256 | 09fc7f09f2300df12f0b671a4184d8050707a0d7248afe5344459a60b8ed9388
Secunia Security Advisory 46373
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Xerox ColorQube, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 0c7b52344bbf5568c7416ab7e8e452cd57006cafd8cffbd6e91b462a2cf2b126
Secunia Security Advisory 46372
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes two weakness and a vulnerability, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux, suse
SHA-256 | ba6954b698cdc9a7e741fbe45bd1f6aa8895b56a2728b76a49c4238aa35941cb
Secunia Security Advisory 46351
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in ICONICS GENESIS32, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 0303c0f8539041d0f10ae1ccf0fb35475e8b0f2bff75dd5e5d2a4ac2946a326d
Secunia Security Advisory 46361
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for dokuwiki. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
systems | linux, debian
SHA-256 | ea381cc717f03a908ecee64029e76fef840febf24df797ee64d8cd6737e48811
Secunia Security Advisory 46395
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability have been reported in Kent Web Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, xss
SHA-256 | c3d7b8c3129ae8e35f6a1a2a84f8d577cecf013a56173406f30339a882358bc4
Secunia Security Advisory 46283
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has reported two vulnerabilities in GenStat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 8a58df3131300e6175ea39289643ac14b9aa52fe81f9b4b03a62c9aad476ad33
Secunia Security Advisory 46267
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Time Returns component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 6befea8f1e255992abd9147092b58cc94dddec6682af315c230927c6993e7762
Secunia Security Advisory 46368
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the Barter component for Joomla!, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | b1fc50d2cec61ab0541e1f2d5823fa50037ce603c1f979e0caaab772afd55310
Secunia Security Advisory 46343
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
SHA-256 | fa01ea8d241ed116bf6c8377b56c0600dab9fcbbd304b3731c4f2208623b6caf
Secunia Security Advisory 46378
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in JAKCMS, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 7f95d0daec097237ccf18abd978a2dfbc54caf67f541fc79922ca7747d50dd08
Secunia Security Advisory 46164
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for bugzilla. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain access to potentially sensitive information, by malicious users to conduct script insertion attacks, and by malicious people to disclose potentially sensitive information, conduct HTTP response splitting, cross-site request forgery, and spoofing attacks, and bypass certain security restrictions.

tags | advisory, web, local, spoof, vulnerability, csrf
systems | linux, debian
SHA-256 | c9168ad5c1a3f711af622093ad3db361f2f2519c8206a374406d6cceb1028ee3
Secunia Security Advisory 46342
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for openssl. This fixes multiple vulnerabilities, where one has unknown impacts and others can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), conduct spoofing attacks, and compromise an application using the library.

tags | advisory, denial of service, spoof, vulnerability
systems | linux, gentoo
SHA-256 | e9a2ecda542c6dcd8472c8b722374ee34dfbbfb0921b3ee535e0f4180fb3b366
Secunia Security Advisory 46276
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in KaiBB, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | a2eb4777db3904a7c8ad100d49bab0fe5d8ec7057144ab82eb2b7314f83d704f
Secunia Security Advisory 46338
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has reported multiple vulnerabilities in atvise webMI2ADS, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | e809ccdacd49dc257da5dae61b9cef04758da0d8ae1838eedc9b1c1344607c37
Secunia Security Advisory 46385
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP Onboard Administrator, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 026bbb0dbcbcf789015c1ee7748d56d7ee12ab48184e15d7c8153537445f0bec
Secunia Security Advisory 46367
Posted Oct 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability have been reported in Kent Web Forum, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, xss
SHA-256 | 754ace2c32d6797a9f898f738349e1f99d3ed48927cdd5dfc0584c2c207eb0fd
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close