what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 50 RSS Feed

Files Date: 2012-10-18 to 2012-10-19

Secunia Security Advisory 50967
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Rapid7 has reported two security issues in Novell ZENworks Asset Management, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | bbd63e4999884e1a97ad4cb37964fc7e65a9c461df49875681972139b9f594ef
Secunia Security Advisory 50925
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in radsecproxy, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 9caa4e1062e7e450e36a4c07c9ed02543c4f75fe273b625994698e29bd872ed1
Secunia Security Advisory 51039
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for libexif. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information, cause a DoS (Denial of Service), and compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | 17ddc4f508fc0dc19b920c6dfcb9dd27f1d16d7094264b7b34de26fee29b0a26
Secunia Security Advisory 51014
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge has discovered two vulnerabilities in AContent, which can be exploited by malicious people to bypass certain security restrictions and conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 542c86733c0d23eb13a2e46e2c66951cdb056a3c83f9fa211aa72239ab65c16b
Secunia Security Advisory 50955
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Drupal, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | b54bd0613d19e04b9da701eb085a1c63c32adbbc6e4d7490e5956aa30ef5e985
Secunia Security Advisory 49853
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SEC Consult has reported a vulnerability in ModSecurity, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | d29e680b9d1b35434ff3d030b4166a664a20e11160e40a0c77d9a4570761e0c2
Wordpress Social Discussions 6.1.1 File Inclusion / Path Disclosure
Posted Oct 18, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress Social Discussions plugin version 6.1.1 suffers from local file inclusion, path disclosure, and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion
SHA-256 | 6933e3b623f1553697b15b2ffeb7d2791b92487442eb60c7da616d9ff9df1f71
WordPress Slideshow 2.1.12 Cross Site Scripting / Path Disclosure
Posted Oct 18, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress Slideshow plugin versions 2.1.12 and below suffer from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | da1af48b7e10782660bd99d291eaed392728e957f960e5ad28cedbd89efdf24e
Amateur Photographer's Image Gallery 0.9a XSS / SQL Injection
Posted Oct 18, 2012
Authored by cr4wl3r

Amateur Photographer's Image Gallery version 0.9a suffers from cross site scripting, remote file disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, info disclosure
SHA-256 | 5f9f29a0eb56a1f97678a27b19ab175cb15181cbf062a2ab9a42ed9109a05cc0
BSW Gallery Shell Upload
Posted Oct 18, 2012
Authored by cr4wl3r

BSW Gallery suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | cbe491d9281409a8c67abca0c387d9207d4efea38e9e436208e034927e06a8fb
jCore 1.0pre Cross Site Scripting / SQL Injection
Posted Oct 18, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

jCore version 1.0pre suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2012-4231, CVE-2012-4232
SHA-256 | 6b5298a41aa2820b67dc3beb4a6b02db1aaee7603772138dd6228a587a308157
Subrion CMS 2.2.1 XSS / CSRF / SQL Injection
Posted Oct 18, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Subrion CMS version 2.2.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2012-4771, CVE-2012-4772, CVE-2012-4773
SHA-256 | a3cf7fcdf1b5f6d220a577633d480f22b716b77a1b6f6819efe7e82d7b6fc0dd
ATutor AContent 1.2 XSS / Authentication / SQL Injection
Posted Oct 18, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

ATutor AContent versions 1.2 and below suffer from improper authentication, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2012-5167, CVE-2012-5168, CVE-2012-5169
SHA-256 | f884299c5d9976c978753e2b78b0f47541e45479ec64ddb6f85cd4a678ba506e
Red Hat Security Advisory 2012-1385-01
Posted Oct 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1385-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5089
SHA-256 | 1ab9eba3cd8523c24b7360edb76fb7cd4a74585c7f602268d19072977676e5fd
Red Hat Security Advisory 2012-1384-01
Posted Oct 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1384-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5075, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5089
SHA-256 | 24e419285a203b410a677329f5229678b7380389fb34021417dfb3017977396f
Red Hat Security Advisory 2012-1386-01
Posted Oct 18, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1386-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple improper permission check issues were discovered in the Beans, Libraries, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. The default Java security properties configuration did not restrict access to certain com.sun.org.glassfish packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. This update lists those packages as restricted.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-3216, CVE-2012-4416, CVE-2012-5068, CVE-2012-5069, CVE-2012-5070, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5074, CVE-2012-5075, CVE-2012-5076, CVE-2012-5077, CVE-2012-5079, CVE-2012-5081, CVE-2012-5084, CVE-2012-5085, CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5089
SHA-256 | 7953072500e60f1a34d886169a7e764d3576d701739377834ad9c9a8a433fabc
Debian Security Advisory 2559-1
Posted Oct 18, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2559-1 - Several vulnerabilities were found in libexif, a library used to parse EXIF meta-data on camera files.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841
SHA-256 | c8bf62536ad8e1aa054b95d4326eede5318456337e927cddf2983c064b9c88b3
Ubuntu Security Notice USN-1613-2
Posted Oct 18, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1613-2 - USN-1613-1 fixed vulnerabilities in Python 2.5. This update provides the corresponding updates for Python 2.4. It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary, local, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2008-5983, CVE-2010-3493, CVE-2011-1015, CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, CVE-2012-0876, CVE-2012-1148, CVE-2008-5983, CVE-2010-1634, CVE-2010-2089, CVE-2010-3493, CVE-2011-1015, CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, CVE-2012-0876, CVE-2012-1148
SHA-256 | 03c1d61f1a7fd46df33c2cd303dd9df766d417bf63c2774bc68e006f265282de
Ubuntu Security Notice USN-1613-1
Posted Oct 18, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1613-1 - It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. It was discovered that the audioop module did not correctly perform input validation. If a user or automated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local, python
systems | linux, ubuntu
advisories | CVE-2008-5983, CVE-2010-3493, CVE-2011-1015, CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, CVE-2012-0876, CVE-2012-1148, CVE-2008-5983, CVE-2010-1634, CVE-2010-2089, CVE-2010-3493, CVE-2011-1015, CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, CVE-2012-0876, CVE-2012-1148
SHA-256 | c13b76291797c5dc6f6323302b6fdfb272dd24cd1b617c855c76a194beaf1ed9
Secunia Security Advisory 51031
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OTRS Help Desk, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | b62157ff1c522d43c7202dd0c9ff99c84446694cc08eb708e541fc9a62322623
Secunia Security Advisory 50979
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ReVuln has discovered a vulnerability in Steam, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | feebdf1108d0963e727d034583c7555e409dc56455a3ee42df446b827650275a
Secunia Security Advisory 50963
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
SHA-256 | e95b4be051a5a894f508f35c98560abbde8efb031abff9a2fba88f91cdc4af80
Secunia Security Advisory 51034
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge has discovered multiple vulnerabilities in AContent, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | e675efdc82657a8525e3701150b4fede3244caaefd679c358f8434296a66f8cf
Secunia Security Advisory 51013
Posted Oct 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge has discovered multiple vulnerabilities in Subrion CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 8a7b9c873757a31c7ef3b588b537f449cca9690208f485e90db2122ce3d7eac7
Internet Explorer 9 XSS Filter Bypass
Posted Oct 18, 2012
Authored by Jean Pascal Pereira

Internet Explore 9 suffers from a cross site scripting filter bypass vulnerability.

tags | exploit, xss, bypass
SHA-256 | 7efa996042e8eed00bc79381471e8b40fc3c777a09a054edbce6d231f7849cde
Page 2 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close