This Metasploit module exploits a buffer overflow in xRadio 0.95b. Using the application to import a specially crafted xrl file, a buffer overflow occurs allowing arbitrary code execution.
29818ef616f922a8dafe08d3b7fc05bbecd247b885f9977dbbbf05e4045d35b1OpenSSL versions up to and including 1.0.1 are affected by a memory corruption vulnerability. asn1_d2i_read_bio in OpenSSL contains multiple integer errors that can cause memory corruption when parsing encoded ASN.1 data. This error can be exploited on systems that parse untrusted data, such as X.509 certificates or RSA public keys.
b2527f3f787a4be179232af6290c80365f3d3b21d504e92bda12f332f8efc586Oracle GlassFish Server version 3.1.1 build 12 suffers from a cross site request forgery vulnerability.
1ab958cd22e7204426b09ede8bb2230718a9c906cf7ed05673dd8784c94bdb4aTeam SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5 and 11.1.0.7 (and previous patchsets) suffer from a session fixation vulnerability.
b23814439d636e11ed6a260aec8c598ed350de8a5024e6065430fd9b1b3534e8Ruxcon 2012 Call For Papers - Ruxcon is the premier technical computer security conference in the Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations. This year the conference will take place over the weekend of 20th and 21st of October at the CQ Function Centre, Melbourne, Australia.
967b14c2cc86eb829ac73a7d5559ae16ecaeaee7a00dda16841f0629ce75679aTeam SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5, 11.1.0.7 and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.5 (and previous patchsets) suffer from an HTTP response splitting vulnerability in the prevPage parameter.
8181e024c40eda634dec94eeab4606fb3db63b7568215c373cb8f48ead738da1Team SHATTER Security Advisory - Oracle Data Server versions 10gR1, 10gR2 (10.2.0.5 and previous patchsets) and 11gR1 (11.1.0.7 and previous patchsets) suffer from incomplete protection of locked accounts.
215843a987ff2f43ea718bc99ea044e6b7625eafbbcbc9548a64806ba5eddf08Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 10.2.0.5, 11.1.0.7, and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.5 (and previous patchsets) suffer from an HTTP response splitting vulnerability in the pageName parameter.
4a9392fef4e6e9384b1634a3dd07200e175b383fcc4c1b78ec8e889706f4392dTeam SHATTER Security Advisory - Oracle Database Server versions 10gR1, 10gR2 (10.2.0.4 and previous patchsets) and 11gR1 (11.1.0.7 and previous patchsets) have an issue where failed authentication attempts using the OCIPasswordChange API are not recorded.
173e01a97b485a5516ae3a72a066b88d84c9785fbf34fde460d39e1a7ee0dcb4Comodo Internet Security versions until 5.9 suffered from a blue screen of death denial of service condition on Microsoft Windows 7 x64 if a 32b PE with a kernel ImageBase is executed.
1e86af280c77354ea561913520978f4b427cfd15a034c0157c849df03bb3da47Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 11.1.0.7 and 11.2.0.3 (and previous patchsets) along with Oracle Enterprise Manager Grid Control versions 10.2.0.5 and 11.1.0.1 (and previous patchsets) suffer from a remote SQL injection vulnerability in the searchPage web page.
238c4c370d27fbb4af33c31d9b6b3c6a70be3e90074b5802d357dae06c3c99a4ReadyDesk suffers from a cross site scripting vulnerability.
d933cf2d5240cd1b9fef0c9dff0b3afddcab16f19f6a7204ee5c5a9fe6166cd9Team SHATTER Security Advisory - Oracle Enterprise Manager Database Control versions 11.1.0.7 and 11.2.0.2 (and previous patchsets) along with Oracle Enterprise Manager Grid Control version 10.2.0.4 (and previous patchsets) suffer from a remote SQL injection vulnerability.
aaf728d372e18f22b5e25311a5a3f620eec0564baa23a4ceed2f9a4ee870f4c0ChatBlazer Flash Chat suffers from a cross site scripting vulnerability.
2863706204b0d4e44dce1eef5246375180b128da4fdfce31ea95394d82592837PG-MailingList versions 3.0 and below suffer from a cross site scripting vulnerability.
a9e87d839e6fb56045cb70c7be7d2d1eef1cacb23d8f5c04a3ad122dffc4131bBugzilla Security Advisory - Bugzilla versions 3.5.3 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from an authorized access vulnerability. Bugzilla versions 2.17.4 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from a cross site scripting vulnerability.
cd5bcb16d9fc77f836d09c3e0255fb95fd2cfe29cc6147822f65c77d60475b15VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an invalid object being used when parsing a malformed video via "NetStream.appendBytes", which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP enabled.
9b4488d35212ce158b36f3b2eb967b148fddbf040de1f99a30ab5a53f3202ef4VLC version 2.0.1 suffers from a division by zero vulnerability during the handling of mp4 files.
10f07cc24725bca656acafb4767470f9903dd176fb798703ffd1e1ed72195799Wireshark suffers from a call_dissector() NULL pointer dereference denial of service vulnerability. Proof of concept pcap included.
8139489227889d61c55034247a3d493ffe6a2ec4f169b8c36e0554eda132852dEMC Data Protection Advisor (DPA) contains vulnerabilities that can potentially be exploited by malicious users to cause denial of service.
e93e8f6daaaf175e61291a89a77cb04b5b8f20c9b8728903f3742f9f8c6eab80Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Enterprise Manager Grid Control, which can be exploited by malicious users and malicious people to disclose potentially sensitive information and manipulate certain data.
a582ae23e10997c0d9b4daf76b0e8efb1bd46136ec1043d0fe26db13b10bf615Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Oracle JRockit, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and compromise a vulnerable system.
0648456b106e3c6500b7e3c3e6dbaecb42e7c5472647b666c188aa06d9bca516Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Outside In Technology, which can be exploited by malicious people to compromise a user's system.
a51319aa9f81116178be2277b28e8eb2bb7e49dd5712eafea85085eb7877f652Secunia Security Advisory - Two vulnerabilities have been reported in Oracle WebCenter Forms Recognition, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).
b7838f61a9deb77d2526cccbc98d495f86bee11c0354bbbde8e7705b0f2bdceeSecunia Security Advisory - A vulnerability has been reported in Oracle Identity Manager, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.
a50837c4ca1aaebf48c86cbbecf6a448857ef1e17b53afb4ec81cd50b6406837
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed