P5 FNIP-8x16A / FNIP-4xSH versions 1.0.20 and 1.0.11 suffer from cross site request forgery and cross site scripting vulnerabilities.
37dc134c292cda2331964baf8467bdf49fc496b2b3f1b9cc5c262880a403124fNative Instruments Reaktor 5 Player version 5.5.1 suffers from a heap memory corruption vulnerability.
7b44f70c1395ea3407651581d50f32b32dc668d11ab8ea67c4834e359f8d854dNative Instruments Traktor Pro version 1.2.6 suffers from a stack-based buffer overflow vulnerability.
039732df7af4640ef7ebdecd003dd27667315f011853b181f5ab7df45f11378dNative Instruments Kontakt 4 Player version 4.1.3 suffers from an insecure library loading vulnerability.
9c5940362c511ab8f036a55fd9b96f608c9560cac2599908aeb4734035f9c5f7Native Instruments Service Center version 2.2.5 suffers from an insecure library loading vulnerability.
13430ccfa6d476a8f25a1ef557c18c50f7900408f659fddd0bc078b56d6425c1Native Instruments Reaktor 5 Player version 5.5.1 suffers from an insecure library loading vulnerability.
619e0aa69b4d76d97a73033827a930b5b6cd16aef9acde7848ee9538345e9ce1Native Instruments Guitar Rig 4 Player version 4.1.1 suffers from an insecure library loading vulnerability.
bdded2d22da6096b332e47ea680a264ff3ab72052df535b4c74b151367ea260cThe Altova DatabaseSpy 2011 Enterprise Edition suffers from a buffer overflow / memory corruption vulnerability when handling project files (.qprj).
147a401924e74a73b35e7412da0eb4ebc2f544df74ee1b296794ec6609e0edbfTomatoCart version 1.0.1 suffers from a cross site scripting vulnerability.
34e741bd38e2824dc1af50ab1654419bc4ca5aa287742999e631921b7a7d5738Zen Cart version 1.3.9f suffers from a local file inclusion vulnerability.
1534c391faf67821ad61bee524c0d43fd61ae993a4eb8be5ce08324e36eb5d10Zen Cart version 1.3.9f suffers from cross site scripting and remote SQL injection vulnerabilities.
6811536fb36e430ccabea0a3463cb4ea41374cd15cbccabfa4efb64cbccd94bdSoftek Barcode Reader Toolkit version 7.1.4.14 Active-X related buffer overflow proof of concept exploit.
dceb54e1f32d6772544fa6532904219bd3241b6d0353f08dbdff2c9fb43cb1b2Netautor Professional version 5.5.0 suffers from a cross site scripting vulnerability.
4d35da18584fd51077f7bc26dc071c71bec8cc441e649fd98e4a21a589f85a9cTextpattern CMS version 4.2.0 suffers from a cross site scripting vulnerability.
dfd74462ca449e44ea96a803fec91e74f488f325e663ca8a1504db6bf23bdda4MySource Matrix version 3.28.3 suffers from a cross site scripting vulnerability.
0b4022da0c3745024cfcbc130e3a207b832debd2b1888d8ca111d89d5a5154bfLEADTOOLS version 16.5.0.2 suffers from buffer overflow, integer overflow and denial of service vulnerabilities related to Active-X Common Dialogs.
dfa7d8e1d37bb018b4f9c4c73d5ddde7edee027e7ee6c5693155ab62354e1a23Sport Accelerator Suite version 2.0 suffers from a remote SQL injection vulnerability.
6eba3de6d752edf0327713ad11ab93fe42fc85582a378a4f2dd4b9a60a4ee954SmartCode ServerX VNC Server Active-X version 1.1.5.0 suffers from a denial of service vulnerability in scvncsrvx.dll.
b7b28563723da38901481e1b6eb926086c2a9be731100ece4948f14243ae3599Team Johnlong RaidenTunes version 2.1.1 suffers from a cross site scripting vulnerability.
4199949d35c67667cd038d30a7f4e8a72521e296137d729dadf966fb082dfe7aCorel Presentations X5 version 15.0.0.357 (shw) buffer preoccupation proof of concept exploit.
649dafa37afec86f0919292d1d4c3dca78b30faa54d9c1c47c27e68b17f6f2d7Adobe Reader suffers from a remote memory corruption vulnerability that causes the application to crash while processing the malicious .PDF file. The issue is triggered when the reader tries to initialize the CoolType Typography Engine (cooltype.dll). Version 9.3.2 is affected.
0d7c54c4743176112d2aee8ec983b30d5dd0cb155386bcccd9b4ca611ba3cca3When parsing .indd files to the application, Adobe InDesign CS3 version 10.0 crashes instantly overwriting memory registers. Depending on the offset, EBP, EDI, EDX and ESI gets overwritten. This allows for arbitrary code execution and denial of service.
d1ba3f3f81ec58b3c4ec9a5db1aba291e884748a886cdf7a44a4c635fe2b5fa6Shockwave Player versions 11.5.6.606 and below from Adobe suffer from memory consumption / corruption and buffer overflow vulnerabilities that can aid the attacker in causing a denial of service scenario and arbitrary code execution. The vulnerable software fails to sanitize user input when processing .dir files resulting in a crash and overwrite of a few memory registers.
8ec4df5f63f6cfd2422941ca53290e7e3b28c5e09824a064172cf191aa1bea88The AVTECH Software Active-X controller (AVC781Viewer.dll) suffers from buffer overflow, integer overflow and denial of service vulnerabilities.
7f6a0bb853da3f08e8acd4f1eb5daae71f417172a346b56ba78a04140eb6bb19Deimos Kasa versions 2.58 and below suffer from a local integer overflow vulnerability.
80ab77904eacba3dc8c30ad3a714933a70e7c038b12b93dbb3f71e6b1bc649d4ExtCalendar version 2.0 Beta 2 suffers from a cross site scripting vulnerability.
f3ff74b4568f9159c2fd60ec484fe6464f1648d875317b00de9d9708cd6f6a11
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed