
Files Date: 2012-10-24 to 2012-10-25

Microsoft Internet Explorer OnMove Use-After-Free
Posted Oct 24, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Microsoft Internet Explorer versions 8 and 9. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing certain "onMove" events, which could allow remote attackers to execute arbitrary code via a specially crafted web page.

tags | advisory, remote, web, arbitrary
SHA-256 | 85f55c391fa51f8db9e2ea2e5872c2b57c06a40ec881bb2bd591e58f9ae0baad

Microsoft Internet Explorer "scrollIntoView" Use-After-Free
Posted Oct 24, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Microsoft Internet Explorer versions 8 and 9. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing certain "scrollIntoView" events, which could allow remote attackers to execute arbitrary code via a specially crafted web page.

tags | exploit, remote, web, arbitrary
systems | windows
SHA-256 | f1a197c1783c02ee319890a13237b275d13b69b33b95c58bfe6caca575473a2c

VaM Shop 1.69 Cross Site Scripting / SQL Injection
Posted Oct 24, 2012
Authored by Security Effect

VaM Shop version 1.69 suffers from cross site scripting and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | e7be6a349fb7fa475b190dbd576c798458ed565900ce8576d69bc1978a55c97e

Microsoft Office Picture Manager 2010 Memory Corruption
Posted Oct 24, 2012
Authored by coolkaveh

Microsoft Office Picture Manager 2010 suffers from a memory corruption vulnerability. Proof of concept exploit included.

tags | exploit, proof of concept
systems | windows
SHA-256 | 59e2da8fc426307586dc012cb58ef77cd9f3f38ce3648cadce0a6cce64d31281

Debian Security Advisory 2564-1
Posted Oct 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2564-1 - gpernot discovered that Tinyproxy, an HTTP proxy, is vulnerable to a denial of service that remote attackers can trigger by sending crafted request headers.

tags | advisory, remote, web, denial of service
systems | linux, debian
advisories | CVE-2012-3505
SHA-256 | f8b52a6c1fbccca041bc74642d02a10c8223947969343b9bc0b948dd15e669b9

Debian Security Advisory 2563-1
Posted Oct 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2563-1 - Several vulnerabilities were found in ViewVC, a web interface for CVS and Subversion repositories.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2009-5024, CVE-2012-3356, CVE-2012-3357, CVE-2012-4533
SHA-256 | e4bd0ae005283900714ca58befbcec7bd36c373213fee04cdcb1465faaad36bc

Debian Security Advisory 2562-1
Posted Oct 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2562-1 - cups-pk-helper, a PolicyKit helper to configure cups with fine-grained privileges, wraps CUPS function calls in an insecure way. This could lead to uploading sensitive data to a cups resource, or overwriting specific files with the content of a cups resource. The user would have to explicitly approve the action.

tags | advisory
systems | linux, debian
advisories | CVE-2012-4510
SHA-256 | a07205eca2f1e437c1a0f904153e8780529e54a7663a98b1a3ddc4991221fec7

360-FAAR Firewall Analysis Audit And Repair 0.3.3
Posted Oct 24, 2012
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command-line Perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Check Point dbedit or ScreenOS commands.

Changes: This release adds nat capabilities to the Cisco ASA reader. 'static' nat IP IP NM and access-list statements are now added to the internal nats table and policy nat rules are identified. Some of the annoying "undefined" variable warnings have been resolved. Various other updates.

tags | tool, perl
systems | unix
SHA-256 | d9fb0acb155f64254f747054284f388236ebe887cd473089b6502874ce95d0d0

HP Security Bulletin HPSBHF02819 SSRT100920
Posted Oct 24, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF02819 SSRT100920 - Potential security vulnerabilities have been identified with HP, 3COM, and H3C routers and switches. The vulnerabilities could be remotely exploited resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2012-3268
SHA-256 | 0d362168a978d021c1ea55ad09ee267e01eb9e8af90e327f4301737cf6d80279

Facing Facts - FCC Whitepaper
Posted Oct 24, 2012
Authored by FTC Staff | Site ftc.gov

Whitepaper called Facing Facts - Best Practices for Common Uses of Facial Recognition Technologies.

tags | paper
SHA-256 | 26081d7cc28821e503db773ab10ada01a3c074fd9c51537d4cda5644ac737bb0

Apple QuickTime Player 7.7.2 Crash
Posted Oct 24, 2012
Authored by coolkaveh

Apple QuickTime Player version 7.7.2 division by zero crash proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | apple
SHA-256 | ba375ec556d1cd6f889aebee23677f184509045a7fe8fbc2f585850d1cd9743c

Microsoft Office Word 2012 Stack Overflow
Posted Oct 24, 2012
Authored by coolkaveh

Microsoft Office Word 2010 stack overflow / resource exhaustion proof of concept crash exploit.

tags | exploit, overflow, proof of concept
systems | windows
SHA-256 | b46919f3f0419af51d5685e4b2654d4f86a5968c5a626f444383d5263b197e56

Debian Security Advisory 2565-1
Posted Oct 24, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2565-1 - Multiple vulnerabilities have been discovered in Iceweasel, Debian's version of the Mozilla Firefox web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2012-3982, CVE-2012-3986, CVE-2012-3990, CVE-2012-3991, CVE-2012-4179, CVE-2012-4180, CVE-2012-4182, CVE-2012-4186, CVE-2012-4188
SHA-256 | 0b8b43e40ef3698963f4dc163d37bd38a108d72f12cbfd9b187e01c4c977cfdc

Ubuntu Security Notice USN-1615-1
Posted Oct 24, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1615-1 - It was discovered that Python distutils contained a race condition when creating the ~/.pypirc file. A local attacker could exploit this to obtain sensitive information. It was discovered that SimpleXMLRPCServer did not properly validate its input when handling HTTP POST requests. A remote attacker could exploit this to cause a denial of service via excessive CPU utilization. This issue only affected Ubuntu 11.04 and 11.10. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, local, python
systems | linux, ubuntu
advisories | CVE-2011-4944, CVE-2012-0845, CVE-2012-1150, CVE-2012-2135
SHA-256 | 6a47539f04b7e6027e65586fefcfdc15dce0746a842a2dd746e710d783e4a6c6

Red Hat Security Advisory 2012-1401-01
Posted Oct 24, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1401-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A flaw was found in the way socket buffers requiring TSO were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service.

tags | advisory, remote, denial of service, kernel
systems | linux, redhat
advisories | CVE-2012-3412
SHA-256 | e54cb3b043d14e4a95ace8ecf411e7ea44937d5b3287c2dbffa908bb9dc58d4f