what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

Sterling Trader Data Processing Buffer Overflow
Posted Dec 13, 2011
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in Sterling Trader, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in Base.exe when processing network requests (code 176). This can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to a certain TCP port. Successful exploitation allows execution of arbitrary code, but requires guessing the TCP port, which is dynamically assigned. Version 7.0.2 is affected.

tags | advisory, overflow, arbitrary, tcp
advisories | CVE-2011-3842
SHA-256 | 4bba5165e1e1a29e14507788d3f4a83164273e1104b6b0be79ccc37695952d76

Related Files

DVR Remote ActiveX Control DVRobot Library Loading
Posted Nov 17, 2011
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in DVR Remote ActiveX Control version 2.1.0.39, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by the ActiveX control during instantiation automatically downloading and loading DVRobot.dll from the "manifest" folder of the web server invoking the ActiveX control. Successful exploitation allows execution of arbitrary code via a specially crafted web page and hosted DVRobot.dll file.

tags | advisory, remote, web, arbitrary, activex
advisories | CVE-2011-3828
SHA-256 | e641c5041e65c7dcb486319e4f9f229021c6007e19079a2a67952f9abfd2a4b8
Secunia Security Advisory 45453
Posted Nov 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a weakness and multiple vulnerabilities in Support Incident Tracker, which can be exploited by malicious users to disclose sensitive information, conduct SQL injection attacks, and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 10fe08a5f4a38cafa63bf94902bdc8390b2b4f4dcdf6fa7a5abc940ed6f6ba40
Secunia Security Advisory 45495
Posted Nov 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in phpList, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site scripting and script insertion attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 019706c9effcbbe18fc31710c9f8c7fe1c7a0f82d41a115a25c70a30d23a5d72
Secunia Security Advisory 45311
Posted Oct 20, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in KaiBB, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | effe2c37af5211978eae9cac67ae06e9b6968c0111d83e5e04ff31957d70aab3
Secunia Security Advisory 44225
Posted Oct 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered three vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 754391f1068eba24371539d6d1d2ae3d5631e06756a2b55ac1a7d439697e519b
Secunia Security Advisory 44310
Posted Oct 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | c161dfe974ee45217dd4e8f9783b0d46b1669f2df5d53e3c90ead167432a4371
Mandriva Linux Security Advisory 2011-149
Posted Oct 15, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-149 - Multiple vulnerabilities has been discovered and corrected in cyrus-imapd. Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command. Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the authentication mechanism of the NNTP server, which can be exploited to bypass the authentication process and execute commands intended for authenticated users by sending an AUTHINFO USER command without a following AUTHINFO PASS command.

tags | advisory, remote, overflow, arbitrary, vulnerability, imap
systems | linux, mandriva
advisories | CVE-2011-3208, CVE-2011-3372
SHA-256 | 1191292753cdb7c648b6f3c0d5659116f9b45499232eebda2c0efc795d775ec9
Autonomy Keyview Ichitaro Object Reconstruction Logic
Posted Oct 7, 2011
Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a logic error in the Ichitaro speed reader (jtdsr.dll) when attempting to reconstruct higher-level objects and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2011-0339
SHA-256 | d5e75933e09e845ef137f1e214acd3daba62b091b867d3f86c99c49c4fb8a1bd
Autonomy Keyview Ichitaro Text Parsing Buffer Overflow
Posted Oct 7, 2011
Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Ichitaro speed reader (jtdsr.dll) when parsing "Text" chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2011-0338
SHA-256 | d4c58b78a917a3975cccd3fd186aa9b3e2b0fa0d8eb7ac3c3fa3f6db6467cd41
Autonomy Keyview Ichitaro QLST Integer Overflow
Posted Oct 7, 2011
Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer overflow error in the Ichitaro speed reader (jtdsr.dll) when parsing QLST chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2011-0337
SHA-256 | d24cd05a6e4d709be1e57e4e15c52c15b5a2ed2e2c1e3e61fc50b6f372182659
Cyrus IMAPd NTTP Authentication Bypass
Posted Oct 5, 2011
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused by an error in the authentication mechanism of the NNTP server. This can be exploited to bypass the authentication process and execute commands intended for authenticated users only by sending an "AUTHINFO USER" command without a following "AUTHINFO PASS" command. Versions 2.4.10 and 2.4.11 are affected.

tags | advisory
SHA-256 | a527d453cfb32475e8deb8f919bc978fc3f901cd5b277252506bccdd46d12b1f
Secunia Security Advisory 46093
Posted Oct 5, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | f1bf59f6bfac2bff8ddeb1cbb8067795d824879f121f0fdf5150d1287184079e
Novell GroupWise Internet Agent HTTP Interface Buffer Overflow
Posted Sep 27, 2011
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Novell GroupWise, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused by a boundary error in GroupWise Internet Agent (gwia.exe) within the HTTP interface (port 9850/tcp) when handling requests for certain .css resources. This can be exploited to cause a limited stack-based buffer overflow via a specially crafted, overly long request.

tags | advisory, web, denial of service, overflow, tcp
advisories | CVE-2011-0334
SHA-256 | 0a0e3b9755408f3ac4d24cfc5ddaa02db84cde579ed5eb0e2b98699b9e5ace5f
Novell GroupWise Internet Agent TZNAME Parsing
Posted Sep 27, 2011
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Novell GroupWise, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer truncation error in NgwiCalVTimeZoneBody::ParseSelf() within gwwww1.dll when GroupWise Internet Agent parses "TZNAME" variables in VCALENDAR data. This can be exploited to cause a heap-based buffer overflow via a specially crafted e-mail containing an overly long "TZNAME" property value. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2011-0333
SHA-256 | 098e587acb10c0083b88ba844ed01cfbf1ec6d61bdeb69e7e6a4f2b9e4413126
Secunia Security Advisory 45875
Posted Sep 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in GEAR CD DVD Filter Driver, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
SHA-256 | 1bc12ebac4e76f872d6c977c5988e7010049f4cb1a70e58ef47e61d7d22ebd51
InduSoft ISSymbol ActiveX Control Buffer Overflows
Posted Sep 1, 2011
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered multiple buffer overflow vulnerabilities in InduSoft ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, overflow, vulnerability, activex
advisories | CVE-2011-0342
SHA-256 | aacb553a1f2dad3eeea2c320ebae5a1a08f238fd12635b3a53e42a3b137a366e
Secunia Security Advisory 44875
Posted Sep 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in InduSoft ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability, activex
SHA-256 | e7edd58244049d72a0d14dc8b0beec9ebdc8aebc891aada17bfd7dde837e3a25
Secunia Security Advisory 45042
Posted Aug 4, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Provideo ActiveX controls, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability, activex
SHA-256 | d1d337f48306b4153d47c0622b9db13c7d3e718f1c1a5a28dbfd25646f6e76bf
Secunia Security Advisory 44885
Posted Aug 3, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in UUSee, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 8d8efe40ea351346b65c426d88ff1217e0eed8fd5d03cdb4e0e7e46a4befa485
Secunia Security Advisory 45041
Posted Jul 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Enano CMS, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss
SHA-256 | 2bd5b4213851820fe923838c7ed1a75ea94a33a14ff5d72a017c5803e840179b
Secunia Security Advisory 45310
Posted Jul 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a weakness in Enano CMS, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | b6f5300f48830836a25e26acae25c2f28f0151265be6819d35aab21318cc274e
Secunia Security Advisory 44890
Posted Jun 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in RSLinx, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | bafa3952dd8e9a61adf5307770f48954a672e98135f1a439f3d2956dfd5fc3ef
Secunia Security Advisory 44701
Posted Jun 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a security issue in NNT Change Tracker and Remote Angel, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, remote, local
SHA-256 | 015a7fb682705d0816da847b19abc46ac8a6233e948b42e2d1dbcb6642f06c86
Secunia Security Advisory 43884
Posted Jun 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Avaya IP Office Manager, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 1d514a7c1d4e0ea70a58779d62020d93598460c3fdc1d6ef94b341e57602037e
Secunia Security Advisory 43739
Posted May 6, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in the MuPDF plugin for Firefox, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 20eea0542f76a32f41edc2edf564c1c9e659bc3887ddd18c5d727ab63f7da1ca
Page 2 of 4
Back1234Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close