exploit the possibilities
Showing 1 - 25 of 85 RSS Feed

Files

Konqueror 4.7.3 Memory Corruption
Posted Oct 31, 2012
Authored by Tim Brown | Site nth-dimension.org.uk

Konqueror version 4.7.3 suffers from a number of memory corruption vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2012-4512, CVE-2012-4513, CVE-2012-4514, CVE-2012-4515
SHA-256 | e553338547e8f9516a41ca14cb1fb5ac3c1728638db05b0a8e2505e5ba2cfb72

Related Files

Gentoo Linux Security Advisory 201406-31
Posted Jun 27, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-31 - Multiple vulnerabilities have been found in Konqueror, the worst of which may allow execution of arbitrary code. Versions less than 4.9.3-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-4512, CVE-2012-4513, CVE-2012-4514, CVE-2012-4515
SHA-256 | 1636f80f16d96860865cc10c6c36fa432ab92847a621b4576d877dd92920fa80
QNX Neutrino RTOS 6.5.0 Privilege Escalation
Posted Mar 13, 2014
Authored by Tim Brown | Site nth-dimension.org.uk

QNX Neutrino RTOS version 6.5.0 suffers from multiple privilege escalation vulnerabilities.

tags | exploit, vulnerability
SHA-256 | e5e6ce35d1fa0f2a45836c06a404535d1ffccdb3b08407a60b96bf363dc0bd0a
RIM BlackBerry PlayBook OS 1.0.8.6067 Local File Access
Posted Dec 1, 2012
Authored by Tim Brown | Site nth-dimension.org.uk

The web browser which comes as part of the RIM BlackBerry PlayBook OS can be tricked into disclosing the contents of local files through the planting of a malicious HTML file through the standard download mechanism. It should be noted that in order to exploit this issue, user interaction is required as the user will need to confirm the download of the malicious HTML file.

tags | advisory, web, local
advisories | CVE-2012-5828
SHA-256 | 689b8d28b8e18196499d4e2793fe9980e7a00f2c1dcba64139cd3a89737e5628
Red Hat Security Advisory 2012-1416-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1416-01 - The kdelibs packages provide libraries for the K Desktop Environment. Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4512, CVE-2012-4513
SHA-256 | 101cacfd82c7dac3ea6d3f99a4197eed000e0c42051e56aed16c17208f1c73a8
Red Hat Security Advisory 2012-1418-01
Posted Oct 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1418-01 - The kdelibs packages provide libraries for the K Desktop Environment. Konqueror is a web browser. A heap-based buffer overflow flaw was found in the way the CSS parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs to crash or, potentially, execute arbitrary code with the privileges of the user running the application. A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory.

tags | advisory, web, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-4512, CVE-2012-4513
SHA-256 | 6582863cde9c49a0e0bc85184224c6048197a56271a1b5c82822fe8778621d7f
Perl 5 Memory Corruption
Posted Oct 26, 2012
Authored by Tim Brown | Site nth-dimension.org.uk

The Perl 5 interpreter is vulnerable to a memory corruption vulnerability which results in memory disclosure and potentially arbitrary code execution when large values are supplied to the x operator.

tags | advisory, arbitrary, perl, code execution
advisories | CVE-2012-5195
SHA-256 | 553cb435fb55599355ceae80210dcc60509e0f1a51cae7259ce1394e8ef9ac7b
Mandriva Linux Security Advisory 2011-162
Posted Nov 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-162 - KDE KSSL in kdelibs does not properly handle a NUL character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. An input sanitization flaw was found in the KSSL API. An attacker could supply a specially-crafted SSL certificate to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid. The updated packages have been patched to correct these issues.

tags | advisory, web, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2009-2408, CVE-2009-2702, CVE-2011-3365
SHA-256 | 0b381d0e6a6306be9feffb69a83c5e196277a065e827c68c9a869e6303be4f3d
Red Hat Security Advisory 2011-1385-01
Posted Oct 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1385-01 - The kdelibs and kdelibs3 packages provide libraries for the K Desktop Environment. An input sanitization flaw was found in the KSSL API. An attacker could supply a specially-crafted SSL certificate to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid. Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2011-3365
SHA-256 | 93d3a041d26b448ebf9aa48719ed1b488137fda9ab4c9f89b9db8e97b49be46d
Red Hat Security Advisory 2011-1364-01
Posted Oct 12, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1364-01 - The kdelibs packages provide libraries for the K Desktop Environment. An input sanitization flaw was found in the KSSL API. An attacker could supply a specially-crafted SSL certificate to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2011-3365
SHA-256 | 42d57e16e44097171470596df1e3290bdb422e02da5b6b0fb5d50caa9a857888
Qt KSSL URL Spoofing
Posted Oct 7, 2011
Authored by Tim Brown | Site nth-dimension.org.uk

Various Qt applications including KSSL (the KDE class library responsible for SSL negotiation), Rekonq, Arora and Psi IM are vulnerable to UI spoofing due to their use of QLabel objects to render externally controlled security critical information. The primary area of concern at this time relates to the named applications SSL certificate dialogue UI however other similar dialogue boxes may also be vulnerable.

tags | advisory, spoof
advisories | CVE-2011-3365, CVE-2011-3366, CVE-2011-3367
SHA-256 | f1104d7ba2003aa2ac18e3d2d43aeb4860aa6ccd918b4b4b79f4e418e6abe44f
Ark 2.16 Directory Traversal
Posted Oct 7, 2011
Authored by Tim Brown | Site nth-dimension.org.uk

Ark version 2.16 suffers from a directory traversal vulnerability when handling a malformed ZIP file.

tags | exploit
advisories | CVE-2011-2725
SHA-256 | 65500fe3d0754fdf5656832e5ced430dddaaf1e71169286b94df909c93e51efa
Mandriva Linux Security Advisory 2011-075
Posted Apr 20, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-075 - Cross-site scripting vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site.

tags | advisory, remote, web, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2011-1168
SHA-256 | 079730e3c28d1b312e002a75f6f6793e0129c7350c4b27aed7eb0354e4b43a6f
Secunia Security Advisory 44065
Posted Apr 14, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tim Brown has reported a vulnerability in KDE Konqueror, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | f92d4dd11e17d137cc8218a1dd58b4e8767d63c8c087e595d79f291faa815609
Konqueror 4.4.x / 4.5.x / 4.6.x HTML Injection
Posted Apr 12, 2011
Authored by Tim Brown | Site nth-dimension.org.uk

Nth Dimension Security Advisory (NDSA20110321) - Konqueror versions 4.4.x, 4.5.x, and 4.6.x suffer from an HTML injection vulnerability.

tags | exploit
advisories | CVE-2011-1168
SHA-256 | 14701c32ce4712f4d97a1de84cde5b129f9c273f5594ab66798fa5bbe15018db
Konqueror KDE 3.5 Crash Handler
Posted Mar 28, 2011
Authored by KedAns-Dz

Konqueror KDE version 3.5 crash handler denial of service exploit.

tags | exploit, denial of service
SHA-256 | c925629751729e139161cdaf18c373ca974113e64a0afa59b8d223f484d36bf7
QNX Neutrino RTOS Runtime Linker Arbitrary File Creation
Posted Mar 11, 2011
Authored by Tim Brown

The QNX Neutrino RTOS runtime linker allows the creation or overwriting of an arbitrary file. Moreover the technique by which this can be achieved can be triggered even where the binary being executed is setUID and is running as another user. Version 6.5.0 is affected.

tags | advisory, arbitrary
SHA-256 | 7d1751f1d7538142a5f545dae3d6e0f64cbacc7f8b27be5bec111384542a5645
Apache Traffic Server DNS Cache Poisoning
Posted Sep 11, 2010
Authored by Tim Brown | Site nth-dimension.org.uk

The Apache Traffic Server versions 2.1.1 and 2.0.0 suffer from a DNS cache poisoning vulnerability.

tags | advisory
advisories | CVE-2010-2952
SHA-256 | 1dc0e9378f377c2bbcc492f5d1dc879dd8fb8b702f63ec2c802e48c3bdc43d67
Rekonq 0.5 Cross Site Scripting
Posted Aug 19, 2010
Authored by Tim Brown | Site nth-dimension.org.uk

The Rekonq web browser is vulnerable to Javascript injection in a number of components of the user interface. Depending on the exact component affected this can lead to Javascript being executed in a number of contexts which in the worst case could allow an arbitrary web site to be spoofed or even for the Javascript to be executed in the context of an arbitrary context.

tags | exploit, web, arbitrary, spoof, javascript
SHA-256 | b604a1d5db6b3f8fe6875b468e0971c8b0a5c62c937984575dbb59a86d78a575
Mandriva Linux Security Advisory 2010-028
Posted Jan 27, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-028 - KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a \\'\\0\\' (NUL) character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large precision value in the format argument to a printf function, related to an array overrun. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary, spoof
systems | linux, netbsd, freebsd, openbsd, mandriva
advisories | CVE-2009-2702, CVE-2009-2537, CVE-2009-0689
SHA-256 | bcbed668507255178c552af90eaf168b462be20aa49012dc6e3325cff54e5b26
Mandriva Linux Security Advisory 2010-027
Posted Jan 27, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-027 - KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a \\'\\0\\' (NUL) character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an offset of a NULL pointer. WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit (aka Qt toolkit), and possibly other products does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to recursion in certain DOM event handlers. WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large precision value in the format argument to a printf function, related to an array overrun. WebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote attackers to execute arbitrary code via a crafted SVGList object that triggers memory corruption. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary, spoof, javascript
systems | linux, netbsd, windows, freebsd, openbsd, apple, osx, mandriva, iphone
advisories | CVE-2009-2702, CVE-2009-1687, CVE-2009-1725, CVE-2009-1690, CVE-2009-1698, CVE-2009-2537, CVE-2009-0689, CVE-2009-0945
SHA-256 | 701ad2e7099f449e19e82471a31b95691ff8ff843d3d5029da766636d5585359
ECMAScript Denial Of Service
Posted Jul 17, 2009
Authored by Thierry Zoller

ECMAScript in IE5, IE6, IE7, IE8, Netscape, Firefox, Safari, Opera, Konqueror, Seamonkey, Wii, PS3, iPhone, iPod, Nokia, Siemens and various other browsers allows for a denial of service condition.

tags | exploit, denial of service
systems | apple, iphone
advisories | CVE-2009-1692
SHA-256 | 0565fa347a433f911f7bc37200f43fcc3f38e665338086d0cdaaf81a0163b693
TekRADIUS Privilege Escalation
Posted Jul 6, 2009
Authored by Tim Brown | Site nth-dimension.org.uk

The TekRADIUS radius server for Windows suffers from a SQL injection vulnerability that allows for privilege escalation. Details provided.

tags | exploit, sql injection
systems | windows
SHA-256 | 04e03394380b7c464a8bd6dabc94060b07b1420c44f813a363aca9d1aa17f13d
NullLogic Groupware Flaws
Posted Jul 6, 2009
Authored by Tim Brown | Site nth-dimension.org.uk

NullLogic Groupware suffers from account compromise, denial of service, and possibly remote code execution vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, code execution
SHA-256 | c36c4bc118817c73caa7e27e4882f82a005ab7e206e99a27d5d2b690d6443b2a
KDE Konqueror 4.1.3 link href Memory Leak Exploit
Posted Jan 14, 2009
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

KDE Konqueror version 4.1.3 link href memory leak exploit that causes a denial of service condition.

tags | exploit, denial of service, memory leak
SHA-256 | 52ec44898dc0b279108db1d6176b487e62c9df5937992cc4e645545e44da1e9e
KDE Konqueror 4.1.3 iframe src Memory Leak Exploit
Posted Jan 14, 2009
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

KDE Konqueror version 4.1.3 iframe src memory leak exploit that causes a denial of service condition.

tags | exploit, denial of service, memory leak
SHA-256 | e19cb05ec580924d6dc19b3322ecdac3cfb55ab2b8fe843e14f0ec56776d4e01
Page 1 of 4
Back1234Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close