Twenty Year Anniversary
Showing 26 - 50 of 61 RSS Feed

Files Date: 2012-06-29 to 2012-06-30

Secunia Security Advisory 49690
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for bcfg2. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, debian
MD5 | 7dd26339812a6659c7e3c9f1d1701576
Secunia Security Advisory 49762
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Avaya IP Office Customer Call Reporter, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 3e77d49c0961047474a465e00c465344
Secunia Security Advisory 49760
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for python-crypto. This fixes a weakness, which can be exploited by malicious people to conduct brute force attacks.

tags | advisory, crypto, python
systems | linux, ubuntu
MD5 | 7b00c3e69655825b267d5e2d87b0feea
Secunia Security Advisory 49684
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for libspring-2.5-java. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, java
systems | linux, debian
MD5 | 047a6caa55799f6800d6a47d76449b8f
Secunia Security Advisory 49695
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in accountsservice, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
MD5 | 3026d76a9c812f425957b25d632e2a1d
Secunia Security Advisory 49759
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for accountsservice. This fixes a vulnerability, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
systems | linux, ubuntu
MD5 | ba1a1dcf5495007daa1f705c9063afb5
Secunia Security Advisory 49761
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IP.Board, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 210ac39a38be34c5a3b3b8e340e3fc8d
Secunia Security Advisory 49728
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in multiple GE Intelligent Platforms products, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | d671bb9460d939366b739ece6bbc8120
Zero Day Initiative Advisory 12-113
Posted Jun 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-113 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Rational ClearQuest. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the CQOle ActiveX control. A function prototype mismatch in an ActiveX wrapper results in an extra argument to be pushed onto the stack, thereby misaligning the stack offset. When the function returns, it can be made to jump to a memory address provided via the ActiveX method call. This can be leveraged to execute arbitrary code under the context of the user running the browser.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2012-0708
MD5 | 92da4d2b36703e912f589c31fe6ce12d
Zero Day Initiative Advisory 12-112
Posted Jun 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-112 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver ABAP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way SAP NetWeaver handles packages with opcode 0x43. If a package with sub opcode 0x4 contains a Parameter Name string NetWeaver will eventually write a \x00 byte onto the stack to mark the end of the string. The location of this null byte is dependent on user supplied data and the resulting stack corruption can lead to remote code execution under the context of the running process.

tags | advisory, remote, arbitrary, code execution
MD5 | d9732d7fb95e9aac09828c38fe9d25c6
Zero Day Initiative Advisory 12-111
Posted Jun 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-111 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Netweaver ABAP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msg_server.exe listening on 3900 by default. When the msg_server parses a message with opcode 0x43 and sub-opcode 0x04 it uses a user supplied size field to copy a string into a static sized stack buffer. The resulting buffer overflow can lead to remote code execution under the context of the process.

tags | advisory, remote, overflow, arbitrary, code execution
MD5 | cd5e11a506e9e6507cceac5a1a8d413b
Zero Day Initiative Advisory 12-110
Posted Jun 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-110 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Firefox handles nsDOMAttribute child removal. It is possible to remove a child without setting the removed child pointer to NULL, thus leaving it still accessible as a dangling pointer. Subsequent use of this pointer allows for remote code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-3659
MD5 | 0bf755a99ddd3c9600f547cb099d6dcf
TEMENOS T24 7 Cross Site Scripting
Posted Jun 29, 2012
Authored by Rehan Ahmed | Site rewterz.com

TEMENOS T24 Core Banking Solution System version 7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9ef09ea887f8fedb6c9c5c3657c1d560
Advanced MP3 Player Infusion 2.01 Shell Upload
Posted Jun 29, 2012
Authored by Sammy FORGIT

Advanced MP3 Player Infusion version 2.01 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 0c3acb88bd9551d03ba8fd4d82c8f5a6
JAKCMS 2.2.6 Shell Upload
Posted Jun 29, 2012
Authored by Sammy FORGIT

JAKCMS version 2.2.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 537ddf2f2d9b6fbbd7da2d4839e2ac41
Zero Day Initiative Advisory 12-108
Posted Jun 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-108 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XML elements within a TeXML file. Specifically, when handling the sampleData element the code within QuickTime3GPP.qtx does not properly validate the length of the data within a color sub-field before copying it into a fixed-length buffer on the stack. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code under the context of the user running Quicktime.

tags | advisory, remote, arbitrary
systems | apple
MD5 | 8cffd60a8f068729b403d9657f3c4637
Lidosys CMS SQL Injection / Information Disclosure
Posted Jun 29, 2012
Authored by MustLive

Lidosys CMS suffers from remote SQL injection and information disclosure vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
MD5 | 05c22a185a7e67421c71c965269530df
Zero Day Initiative Advisory 12-109
Posted Jun 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-109 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XML elements within a TeXML file. Specifically, when handling the karaoke XML element the code within QuickTime3GPP.qtx does not properly validate the length of the data within specific sub-fields. By providing specially crafted data, the code can be made to copy too much data into a fixed-length buffer on the stack. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code under the context of the user running Quicktime.

tags | advisory, remote, arbitrary
systems | apple
MD5 | e6d071e869f952635d165154a69dca1c
Zero Day Initiative Advisory 12-107
Posted Jun 29, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-107 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XML elements within a TeXML file. Specifically, when handling the style XML element the code within QuickTime3GPP.qtx does not properly validate the length of the data within specific sub-fields. By providing specially crafted data, the code can be made to copy too much into a fixed-length buffer on the stack. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code under the context of the user running Quicktime.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2012-0663
MD5 | 9cc8b6a1fd21a25af1426b84e39daeb6
RADIANT INFOTECH SQL Injection
Posted Jun 29, 2012
Authored by Taurus Omar

RADIANT INFOTECH suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a3091b5efe790c748ad30d5ae1718f3f
Geosoft Technologies SQL Injection
Posted Jun 29, 2012
Authored by Taurus Omar

Geosoft Technologies suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c09abe3ac6312b5e637c75f5aecbb209
Frog Web Works SQL Injection
Posted Jun 29, 2012
Authored by Taurus Omar

Frog Web Works suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | d18409edd2ac025539477acacbaf7b9c
Dharmatechnet SQL Injection
Posted Jun 29, 2012
Authored by Taurus Omar

Dharmatechnet suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 244070b53bc1910c799792f39947ee7f
As'ad Mansour SQL Injection
Posted Jun 29, 2012
Authored by Taurus Omar

As'ad Mansour suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c9c12a80c6a7376051156ca0e6c7d779
Access Bank Plc SQL Injection
Posted Jun 29, 2012
Authored by Taurus Omar

Access Bank Plc suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 53194cdf58b50cfafba1f04b17f493a8
Page 2 of 3
Back123Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    10 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close