exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 756 RSS Feed

Files Date: 2012-10-01 to 2012-10-31

Microsoft Office Publisher 2010 Proof Of Concept
Posted Oct 27, 2012
Authored by coolkaveh

Microsoft Office Publisher 2010 crash proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
systems | windows
SHA-256 | b2596f036e91036b1d9c5e75fe931fc3789cd3a28a5f811d1c8bdfe17aa40c79
Microsoft Paint 5.1 Memory Corruption
Posted Oct 27, 2012
Authored by coolkaveh

Microsoft Paint version 5.1 memory corruption proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | 15e5373002cdf14b6c92cf97696861304cc35f3a4bceeadf2a2995e5a4c4daa2
Red Hat Security Advisory 2012-1407-01
Posted Oct 27, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1407-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Multiple flaws were found in the location object implementation in Firefox. Malicious content could be used to perform cross-site scripting attacks, bypass the same-origin policy, or cause Firefox to execute arbitrary code.

tags | advisory, web, arbitrary, xss
systems | linux, redhat
advisories | CVE-2012-4194, CVE-2012-4195, CVE-2012-4196
SHA-256 | 54436dae5beb0912b3a2a377f2312001f8c667f6f7718587d2dfcebdb9306761
Microsoft Office Excel 2010 Memory Corruption
Posted Oct 27, 2012
Authored by coolkaveh

Microsoft Office Excel 2010 memory corruption proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | windows
SHA-256 | 0df178e45417b53cde74b1e1ad25ed1e46b1b3da0052271a76eb500b5cd88c18
Arora 0.10.0 Windows Qt 4.5.3 DLL Hijack
Posted Oct 27, 2012
Authored by Metropolis

Arora version 0.10.0 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 3b16421b250afbbb93f4a541254be6b109d4ed90df6048ae29bec103bef5afa1
Secunia Security Advisory 51070
Posted Oct 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for webkit. This fixes multiple vulnerabilities, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 91a7ce0445107d5f462fb1551c9fe975a814e7d312267d974704b49c1e584ffd
Secunia Security Advisory 51107
Posted Oct 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the FireStorm Professional Real Estate plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 2fdad89e43d8b395cfc5233c5480a9fd0cb9f6798fedec2b60888bbffa564bc4
Secunia Security Advisory 51073
Posted Oct 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in IBM InfoSphere Streams, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks.

tags | advisory, spoof, vulnerability, xss
SHA-256 | 385e675397c6877b3aac6b330b9931123d10b66eee684f826709ec815d6c127b
Secunia Security Advisory 51080
Posted Oct 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM WebSphere MQ, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
SHA-256 | ffe404a7b31923783712ca6b3aa1d7ffdf8f8eefb66cabc9cee175cf5a81958e
Secunia Security Advisory 51063
Posted Oct 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ERPScan has reported a vulnerability in SAP NetWeaver, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 241360c888678b80bc2b5a39d4847e49f21d843126a1078b894bb106ea7818dc
Secunia Security Advisory 51062
Posted Oct 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in RT RTFM Extension, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 81d7aa86c118c3f7298ef8d60b5c4c20347aad16c1f49278e808a083d9fdc779
Secunia Security Advisory 51100
Posted Oct 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Janek Vind has discovered multiple vulnerabilities in the GRAND FlAGallery plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to disclose sensitive information.

tags | advisory, vulnerability, sql injection
SHA-256 | 1fbf169b8dc118f3cad30d489c978f932ba2a941753fb2352d930d1ce15a54d5
Gramophone 0.01b1 Cross Site Scripting
Posted Oct 26, 2012
Authored by G13

Gramophone version 0.01b1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9a5b7f1d75d39c8243db9196336bba6a28809e6f294600da4c464d019c5081b3
Allscripts Homecare Client Local Memory Corruption
Posted Oct 26, 2012
Authored by G13

Allscripts Homecare client versions 6.1.0 and 7.0.1 suffer from a local memory corruption vulnerability.

tags | exploit, local
SHA-256 | e61dd63f1038ddb7e663470bfe50f0750075133ada0a3baaf17a8d05dad3e126
WordPress Easy Webinar Blind SQL Injection
Posted Oct 26, 2012
Authored by Robert Cooper

WordPress Easy Webinar plugin suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 884e037eaaa98050d5cebdeb809fb4c19fbe143bc3984a65c51407480dd6f4e2
Perl 5 Memory Corruption
Posted Oct 26, 2012
Authored by Tim Brown | Site nth-dimension.org.uk

The Perl 5 interpreter is vulnerable to a memory corruption vulnerability which results in memory disclosure and potentially arbitrary code execution when large values are supplied to the x operator.

tags | advisory, arbitrary, perl, code execution
advisories | CVE-2012-5195
SHA-256 | 553cb435fb55599355ceae80210dcc60509e0f1a51cae7259ce1394e8ef9ac7b
Ubuntu Security Notice USN-1619-1
Posted Oct 26, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1619-1 - Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2012-5077, CVE-2012-5085, CVE-2012-3143, CVE-2012-3159, CVE-2012-5068, CVE-2012-5083, CVE-2012-5084, CVE-2012-5086, CVE-2012-5089, CVE-2012-5074, CVE-2012-5081, CVE-2012-1531, CVE-2012-1532, CVE-2012-1533, CVE-2012-3143, CVE-2012-3159, CVE-2012-3216, CVE-2012-4416, CVE-2012-5067, CVE-2012-5068, CVE-2012-5069, CVE-2012-5070, CVE-2012-5071, CVE-2012-5072, CVE-2012-5073, CVE-2012-5074, CVE-2012-5075, CVE-2012-5076
SHA-256 | 01b5a462284182fc91534e669d352b638efb552e7d0ebbc4836b839b09d8b4ee
Ubuntu Security Notice USN-1620-1
Posted Oct 26, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1620-1 - Mariusz Mlynski and others discovered several flaws in Firefox that allowed a remote attacker to conduct cross-site scripting (XSS) attacks. Antoine Delignat-Lavaud discovered a flaw in the way Firefox handled the Location object. If a user were tricked into opening a specially crafted page, a remote attacker could exploit this to bypass security protections and perform cross-origin reading of the Location object. Various other issues were also addressed.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2012-4196, CVE-2012-4194, CVE-2012-4195, CVE-2012-4196
SHA-256 | dda37aac7e4f09cf08bbf332ed3e4ea5af41338c9b0d4844e593b51407a8855e
Debian Security Advisory 2568-1
Posted Oct 26, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2568-1 - IT was discovered that RTFM, the FAQ manager for Request Tracker, allows authenticated users to create articles in any class.

tags | advisory
systems | linux, debian
advisories | CVE-2012-4731
SHA-256 | 9adcac62f75ed2cb43a6178756a2a6591f34492c0a947b3c737340c90a27cb2d
Debian Security Advisory 2567-1
Posted Oct 26, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2567-1 - Several vulnerabilities were discovered in Request Tracker, an issue tracking system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-4730, CVE-2012-4732, CVE-2012-4734, CVE-2012-4735, CVE-2012-4884
SHA-256 | fe75ccba30dc437622f4300ae97b720f84a232cc4b02fbbf0e8325a67254945e
WAF-FLE ModSecurity Console 0.6.0rc2
Posted Oct 26, 2012
Authored by Klaubert Herr | Site waf-fle.org

WAF-FLE is a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle. The dashboard shows a graphical view of events, and when combined with the powerful drill-down filter allows quick searching for relevant events. Events can be viewed in detail, whether sent by one or many sensors.

Changes: This release fixes an issue with new sensor creation.
tags | tool
systems | unix
SHA-256 | 1550bffec9e3d6456c3b17a48dc90408f06301e18f7cfd1ef8ca41662b56f587
NASA Tri-Agency Climate Education (TrACE) 1.0 SQL Injection
Posted Oct 26, 2012
Authored by LiquidWorm | Site zeroscience.mk

The Tri-Agency Climate Education (TrACE) Catalog provides search and browse access to a catalog of educational products and resources. TrACE focuses on climate education resources that have been developed by initiatives funded through NASA, NOAA, and NSF, comprising a tri-agency collaboration around climate education. The application suffers from an SQL Injection vulnerabilities when input is passed to the 'product_id' and 'grade' GET parameters in 'trace_results.php' script which is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Version 1.0 is affected.

tags | exploit, arbitrary, php, vulnerability, sql injection
SHA-256 | e1146a5b942521c7537f27d1e9e6daf8576dafc19293f31ca192b5c83d4684a8
NASA Tri-Agency Climate Education (TrACE) 1.0 XSS
Posted Oct 26, 2012
Authored by LiquidWorm | Site zeroscience.mk

The Tri-Agency Climate Education (TrACE) Catalog provides search and browse access to a catalog of educational products and resources. TrACE focuses on climate education resources that have been developed by initiatives funded through NASA, NOAA, and NSF, comprising a tri-agency collaboration around climate education. The application suffers from a reflected cross site scripting vulnerability when input is passed to the 'product_id', 'pi', 'project_id' and 'funder' GET parameters in 'trace_results.php' script which is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Version 1.0 is affected.

tags | exploit, arbitrary, php, xss
SHA-256 | a8958302bb602beff4ebb5517ad18454b487ae666d4353e85526aec09144e0a6
Realplayer Watchfolders Long Filepath Overflow
Posted Oct 26, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

Realplayer version 15.0.5.109 is vulnerable to a stack buffer overflow vulnerability in the 'Watch Folders' facility.

tags | advisory, overflow
advisories | CVE-2012-4987
SHA-256 | 4574d497f5b7de99ddcba37f9338d21972b688102da3b115f156e7604e82c00b
Layton Helpbox 4.4.0 Cross Site Scripting
Posted Oct 26, 2012
Authored by Joseph Sheridan | Site reactionpenetrationtesting.co.uk

Layton Helpbox version 4.4.0 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-4972
SHA-256 | 3827c1464b24bc29ab3e651ff29501dbfd6b5cd47b535b390f6cad47d2082994
Page 3 of 31
Back12345Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close