exploit the possibilities
Showing 26 - 50 of 100 RSS Feed

Files

Oracle E-Business Suite 12.1.3 XXE Injection
Posted Oct 29, 2015
Authored by Alexey Tyurin, Ivan Chalykin, Nikita Kelesis

Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/copxml servlet.

tags | advisory, xxe
advisories | CVE-2015-4886
MD5 | 9bdd1acc097b3690a708a7ce77004558

Related Files

Debian Security Advisory 2462-2
Posted May 3, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2462-2 - Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service. The initial update introduced a regression, which could lead to errors when processing some JPEG files.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-0259, CVE-2012-0260, CVE-2012-1185, CVE-2012-1186, CVE-2012-1610, CVE-2012-1798
MD5 | 82d2058d89a2839d7ca2021af788cd8f
Debian Security Advisory 2462-1
Posted Apr 29, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2462-1 - Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-0259, CVE-2012-0260, CVE-2012-1185, CVE-2012-1186, CVE-2012-1610, CVE-2012-1798
MD5 | 28f7277a0b451d6eaba7090bbb5fa229
Nokia CP Suite Video Manager 7.1.180.64 Denial Of Service
Posted Apr 27, 2012
Authored by Senator of Pirates

Nokia CP Suite Video Manager versions 7.1.180.64 and below denial of service exploit that creates a malicious .mp4 file.

tags | exploit, denial of service
MD5 | 866e1ef009262c65b362fe86846ad9be
Debian Security Advisory 2458-1
Posted Apr 25, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2458-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-0455, CVE-2012-0456, CVE-2012-0458, CVE-2012-0461, CVE-2012-0467, CVE-2012-0470, CVE-2012-0471, CVE-2012-0477, CVE-2012-0479
MD5 | 2467a978550ebb647f3e57a2d5984046
Red Hat Security Advisory 2012-0519-01
Posted Apr 25, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0519-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. This release of JBoss Enterprise Portal Platform 5.2.1 serves as a replacement for JBoss Enterprise Portal Platform 5.2.0, and includes bug fixes.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2011-4314, CVE-2012-0818
MD5 | 189d8ae1b672374f456cbd82bbd8e382
Secunia Security Advisory 48917
Posted Apr 24, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in vBulletin Suite, vBulletin Forum, and the MAPI plugin for vBulletin.

tags | advisory
MD5 | ec221d5f4ca76e231dc12188fccad14a
Secunia Security Advisory 48892
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle E-Business Suite, which can be exploited by malicious people to manipulate certain data.

tags | advisory
MD5 | 25513951463fce5105b57e66d8a9b43b
Secunia Security Advisory 48871
Posted Apr 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle E-Business Suite, which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data.

tags | advisory, vulnerability
MD5 | 4a73ac7dc9927660563be89d7b781a06
ClubHACK Magazine Issue 27
Posted Apr 18, 2012
Authored by clubhack | Site chmag.in

ClubHACK Magazine Issue 27 - Topics covered include Sysinternals Suite, The Burning issue in Web Application, and more.

tags | web, magazine
MD5 | f6e9e90effb9cdb605450edbf5c0ab02
Red Hat Security Advisory 2012-0478-01
Posted Apr 13, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0478-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.

tags | advisory, remote, overflow, arbitrary, root, perl, protocol
systems | linux, redhat
advisories | CVE-2012-1182
MD5 | 4de037de21a7b4ca59a2da53dfa2ecee
Crystal Office Suite 1.43 Buffer Overflow
Posted Apr 12, 2012
Authored by Julien Ahrens | Site vulnerability-lab.com

Crystal Office Suite version 1.43 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 7d883567a56b639b0c85176c16850cb4
DHTMLX Suite 3.0 SQL Injection / Cross Site Scripting
Posted Apr 12, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

DHTMLX Suite version 3.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 55e35475d1067771621825b92d36662b
Red Hat Security Advisory 2012-0466-01
Posted Apr 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0466-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.

tags | advisory, remote, overflow, arbitrary, root, perl, protocol
systems | linux, redhat
advisories | CVE-2012-1182
MD5 | f439d60b3b34f702a51295d84ff3ff80
Red Hat Security Advisory 2012-0465-01
Posted Apr 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0465-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.

tags | advisory, remote, overflow, arbitrary, root, perl, protocol
systems | linux, redhat
advisories | CVE-2012-1182
MD5 | 64fedab336fe0cd2aa370314bed7c0b1
LANDesk Lenovo ThinkManagement Console Remote Command Execution
Posted Apr 10, 2012
Authored by Andrea Micalizzi, juan vazquez | Site metasploit.com

This Metasploit module can be used to execute a payload on LANDesk Lenovo ThinkManagement Suite 9.0.2 and 9.0.3. The payload is uploaded as an ASP script by sending a specially crafted SOAP request to "/landesk/managementsuite/core/core.anonymous/ServerSetup.asmx" , via a "RunAMTCommand" operation with the command '-PutUpdateFileCore' as the argument. After execution, the ASP script with the payload is deleted by sending another specially crafted SOAP request to "WSVulnerabilityCore/VulCore.asmx" via a "SetTaskLogByFile" operation.

tags | exploit, asp
advisories | CVE-2012-1195, CVE-2012-1196, OSVDB-79276, OSVDB-79277
MD5 | 7e622d16202980709325aec7154b625c
Drupal Chaos Tool Suite 7.x Cross Site Scripting
Posted Mar 29, 2012
Authored by Kristof De Jaeger | Site drupal.org

The Drupal Chaos Tool Suite module version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 135c8772cfe509459f25952d0d99c8d4
Secunia Security Advisory 48616
Posted Mar 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Chaos tool suite module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | a2eb7e924729ab95e839a284697b892f
Mandriva Linux Security Advisory 2012-040
Posted Mar 28, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-040 - gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. The updated packages have been patched to correct this issue. The GnuTLS packages for Mandriva Linux 2011 has been upgraded to the 2.12.8 version due to problems with the test suite while building it, additionally a new dependency was added on p11-kit for the PKCS #11 support.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-1573
MD5 | eff5bc41065a2ae7bbc8b34c9df3c8bc
Red Hat Security Advisory 2012-0411-01
Posted Mar 23, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0411-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. OpenOffice.org embeds a copy of Raptor, which provides parsers for Resource Description Framework files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If OpenOffice.org were to open a specially-crafted file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running OpenOffice.org had access to. A bug in the way Raptor handled external entities could cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org.

tags | advisory, remote, arbitrary, local, xxe
systems | linux, redhat
advisories | CVE-2012-0037
MD5 | 361c8d3b31ddb406823eb16d982ef1c4
LANDesk Lenovo ThinkManagement Suite 9.0.3 File Deletion
Posted Mar 20, 2012
Authored by rgod | Site retrogod.altervista.org

LANDesk Lenovo ThinkManagement Suite version 9.0.3 suffers from a core server remote arbitrary file deletion vulnerability.

tags | exploit, remote, arbitrary
advisories | CVE-2012-1196
MD5 | 5bd1f53d535b56bdac715abd0ce779c8
LANDesk Lenovo ThinkManagement Suite 9.0.3 Code Execution
Posted Mar 19, 2012
Authored by rgod | Site retrogod.altervista.org

LANDesk Lenovo ThinkManagement Suite version 9.0.3 suffers from a core server remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2012-1195
MD5 | 427d81acba32c9ed18437de98ddfe7ec
HP Security Bulletin HPSBUX02741 SSRT100728 2
Posted Mar 7, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02741 SSRT100728 2 - Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to perform an access restriction bypass. The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite. Revision 2 of this advisory.

tags | advisory, web, denial of service, vulnerability
systems | hpux
advisories | CVE-2006-7243, CVE-2011-4858, CVE-2011-4885, CVE-2012-0022
MD5 | 9b5a2a8b52f327e43c06f530ea0037af
Debian Security Advisory 2427-1
Posted Mar 7, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2427-1 - Two security vulnerabilities related to EXIF processing were discovered in ImageMagick, a suite of programs to manipulate images.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-0247, CVE-2012-0248
MD5 | d01c449765f59ee5f06f148b7c096531
Red Hat Security Advisory 2012-0345-02
Posted Mar 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0345-02 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. It was found that JBoss Web did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make JBoss Web use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values. This update introduces limits on the number of parameters and headers processed per request to address this issue. The default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties in "jboss-as/server/[PROFILE]/deploy/properties-service.xml".

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-0022
MD5 | 12c0d0eedbc5e7f69fb65870542445dd
Red Hat Security Advisory 2012-0349-01
Posted Mar 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0349-01 - On March 01, 2012, all Red Hat Enterprise Linux 4-based products listed transition from the Production Phase to the Extended Life Phase: Red Hat Enterprise Linux AS 4, Red Hat Enterprise Linux ES 4, Red Hat Enterprise Linux WS 4, Red Hat Desktop 4, Red Hat Global File System 4, Red Hat Cluster Suite 4.

tags | advisory
systems | linux, redhat
MD5 | b0d30572f277ac1e25219ec0f2f2b4cd
Page 2 of 4
Back1234Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    3 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close