what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

OX App Suite 7.10.5 Cross Site Scripting
Posted Mar 21, 2022
Authored by Martin Heiland

OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-44208, CVE-2021-44209, CVE-2021-44210, CVE-2021-44211, CVE-2021-44212, CVE-2021-44213
SHA-256 | 439326d231827e72e3d0872c060c5c62dddd34691c556c0825bfa59c8c7f1d96

Related Files

Secunia Security Advisory 50168
Posted Aug 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Chaos tool suite module for Drupal, which can be exploited by malicious users to disclose potentially sensitive information.

tags | advisory
SHA-256 | a8db0f30b9271f122f48329f760cb003e0fa1324a73e9ab0ac9e0d5b7ffcb8a1
Drupal Chaos Tool Suite 6.x / 7.x LFI / XSS
Posted Aug 9, 2012
Authored by Casey | Site drupal.org

Drupal Chaos Tool Suite (ctools) third party module versions 6.x and 7.x suffer from cross site scripting and local file inclusion vulnerabilities.

tags | advisory, local, vulnerability, xss, file inclusion
SHA-256 | 12064a3019b369f44e0d7a14cf85b3ca9fa4586cade8f60da291fa6cfddc03ae
Red Hat Security Advisory 2012-1151-01
Posted Aug 8, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1151-01 - OpenLDAP is an open source suite of LDAP applications and development tools. It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security negotiation with OpenLDAP clients.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-2668
SHA-256 | b5e58ac02a262a4dec401a753af836111759f4a329334fb8c3c1a2a0b7b62159
AfterLogic Mailsuite Pro 6.3 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

AfterLogic Mailsuite Pro (VMware Appliance) version 6.3 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2587
SHA-256 | 70975b139f142c6b5aa2788169c1656874f10ae8fd42b3b7714b3d1791acff41
Secunia Security Advisory 49999
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Matthew Joyce has discovered some vulnerabilities in ConcourseSuite, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
SHA-256 | 048a6cd89895dd4d0e3351bc27906ef963207169477b47fcc1219eddb3f3694f
Debian Security Advisory 2520-1
Posted Aug 3, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2520-1 - Timo Warns from PRE-CERT discovered multiple heap-based buffer overflows in OpenOffice.org, an office productivity suite. The issues lies in the XML manifest encryption tag parsing code. Using specially crafted files, an attacker can cause application crash and could cause arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2012-2665
SHA-256 | 01058fb3e73899f5614de4378a1f281d11b663b075a75d78a87026487124e896
Secunia Security Advisory 50152
Posted Aug 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - GBS has acknowledged a vulnerability in multiple iQ.Suite products, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service
SHA-256 | b6d4ac71ce3089e5e78315d51b8b103d09b1f36a1afa20e4b2fc34122a78b81b
Red Hat Security Advisory 2012-1136-01
Posted Aug 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1136-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way OpenOffice.org processed encryption information in the manifest files of OpenDocument Format files. An attacker could provide a specially-crafted OpenDocument Format file that, when opened in an OpenOffice.org application, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-2665
SHA-256 | b59bd2e586688730a92ac126349c089bef1303f0b4131b5918f5c095da0db017
Red Hat Security Advisory 2012-1135-01
Posted Aug 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1135-01 - LibreOffice is an open source, community-developed office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way LibreOffice processed encryption information in the manifest files of OpenDocument Format files. An attacker could provide a specially-crafted OpenDocument Format file that, when opened in a LibreOffice application, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-2665
SHA-256 | ef5af1d4129c97a023a0cc2e74caaa7ad86b3ab37d19926858984185cae82c3c
Debian Security Advisory 2513-1
Posted Jul 19, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2513-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-1948, CVE-2012-1954, CVE-2012-1967
SHA-256 | ecdacb7db4117e0389ca3b7ac3b6bbf964b7f0e66d078e72b75033ee15856f52
Secunia Security Advisory 49942
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle E-Business Suite, which can be exploited by malicious users to manipulate certain data and by malicious people to manipulate certain data and bypass certain security restrictions.

tags | advisory, vulnerability
SHA-256 | 1df6ed34712f36a018214b51e49d4c7db103899c14a21168b21e566b59b9fc79
Secunia Security Advisory 49671
Posted Jun 22, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Hitachi Command Suite products, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, xss
SHA-256 | 32a01a0d6ef5577b38a8c7cf248b95698cd1b9f7e905603f81e3a19475854b60
Red Hat Security Advisory 2012-0899-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0899-04 - OpenLDAP is an open source suite of LDAP applications and development tools. A denial of service flaw was found in the way the OpenLDAP server daemon processed certain search queries requesting only attributes and no values. In certain configurations, a remote attacker could issue a specially-crafted LDAP search query that, when processed by slapd, would cause slapd to crash due to an assertion failure. These updated openldap packages include numerous bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical Notes for information on the most significant of these changes.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2012-1164
SHA-256 | 5bbf4104a0f6737f6233dae01d97d330f3d178b6e09366055e842bbb725e8ef4
HP Security Bulletin HPSBUX02791 SSRT100856
Posted Jun 19, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02791 SSRT100856 - Potential security vulnerabilities have been identified with HP-UX Apache Web Server running PHP. These vulnerabilities could be exploited remotely to execute arbitrary code, elevate privileges, or create a Denial of Service (DoS). PHP is contained in the HP-UX Apache Web Server Suite. Revision 1 of this advisory.

tags | advisory, web, denial of service, arbitrary, php, vulnerability
systems | hpux
advisories | CVE-2011-4153, CVE-2012-0830, CVE-2012-0883, CVE-2012-1172, CVE-2012-1823, CVE-2012-2311
SHA-256 | 82242c858879c5590d3cc4aa2be0779747605eb91aaebb7622591ecb8aca1651
Debian Security Advisory 2494-1
Posted Jun 14, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2494-1 - It was discovered that ffmpeg, Debian's version of the libav media codec suite, contains vulnerabilities in the DPCM codecs (CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), and the KMVC decoder (CVE-2011-3952).

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-3951, CVE-2011-3952, CVE-2012-0851, CVE-2012-0852
SHA-256 | 4501feb8273e9684718b44e670322a6446313c332368d2d5a2059638c53e4d2a
Secunia Security Advisory 49499
Posted Jun 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in BMC Identity Management Suite, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 9f5d160e78b11276c481ea41549eba5f462a49ebe3546027de24aceb57e803a0
ClanSuite 2.9 Shell Upload
Posted Jun 12, 2012
Authored by Adrien Thierry

ClanSuite version 2.9 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 4cddd6e26800a71ebda87657e74dc50f77b7e8201898a675b391e0b6025449b4
Debian Security Advisory 2489-1
Posted Jun 8, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2489-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-1937, CVE-2012-1940, CVE-2012-1947
SHA-256 | 69f085e8eee306fbae80d0470ee3fb7b7cd2709170e43ebde8de65d32dbce086
Red Hat Security Advisory 2012-0705-01
Posted Jun 5, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0705-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer overflow flaw, leading to a buffer overflow, was found in the way OpenOffice.org processed an invalid Escher graphics records length in Microsoft Office PowerPoint documents. An attacker could provide a specially-crafted Microsoft Office PowerPoint document that, when opened, would cause OpenOffice.org to crash or, potentially, execute arbitrary code with the privileges of the user running OpenOffice.org.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-1149, CVE-2012-2334
SHA-256 | 6a657f9b42a90e909284ccc79fb9187564b90245173cbab2a1f6851f0a6a3370
libwpd WPXContentListener::_closeTableRow() Memory Overwrite
Posted May 18, 2012
Authored by Kestutis Gudinavicius | Site sec-consult.com

OpenOffice.org includes the customized libwpd version 0.8.8 library for parsing WordPerfect documents. The used version of the libwpd library suffers from a memory overwrite vulnerability when reading a specially crafted WPD file. Successful exploitation of this vulnerability could result in an arbitrary code execution within the OpenOffice.org software suite.

tags | advisory, arbitrary, code execution
advisories | CVE-2012-2149
SHA-256 | c0fbf3513a8c6f3a2d74cceeb3b60aa04aa8253399451b37f5db876426268ecb
Wonderware Archestra SuiteLink Resource Consumption
Posted May 13, 2012
Authored by Luigi Auriemma | Site aluigi.org

Wonderware Archestra SuiteLink suffers from resource consumption and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
systems | linux
SHA-256 | c34e1df7a3082d619c7c03aab1d1f9f1341e2d5947161396f2bcfcb5128fa599
Mandriva Linux Security Advisory 2012-073
Posted May 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-073 - A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can be exploited in a denial of service attack on both clients and servers. The updated packages have been patched to correct this issue.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2012-2333
SHA-256 | 54666cdfa2efbdfef9bc70d2dfc67f9deaea6c7ad3fe4059fb274292752c2164
Apple Security Advisory 2012-05-09-1
Posted May 10, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-0241, CVE-2011-1004, CVE-2011-1005, CVE-2011-1167, CVE-2011-1777, CVE-2011-1778, CVE-2011-1944, CVE-2011-2692, CVE-2011-2821, CVE-2011-2834, CVE-2011-2895, CVE-2011-3212, CVE-2011-3328, CVE-2011-3389, CVE-2011-3919, CVE-2011-4566, CVE-2011-4815, CVE-2011-4885, CVE-2012-0036, CVE-2012-0642, CVE-2012-0649, CVE-2012-0651, CVE-2012-0652, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658
SHA-256 | 8a1ec648cdab00dde0f7ff37efd462d6ad93a16f2b5d89ca92fb566b939516e3
Mandriva Linux Security Advisory 2012-070
Posted May 6, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-070 - A file existence disclosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run. The updated packages have been patched to correct this issue.

tags | advisory, remote, local
systems | linux, mandriva
advisories | CVE-2012-1586
SHA-256 | f73e89882b6346ed93095ab15bfe3217fa69a9be28af45eabd68ea7d46a92cfa
Mandriva Linux Security Advisory 2012-069
Posted May 6, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-069 - A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run. The updated packages have been patched to correct this issue.

tags | advisory, remote, local
systems | linux, mandriva
advisories | CVE-2012-1586
SHA-256 | b43d6952e069ab1c764cbca75c6c3956e4fbed97ca5cf8d5101e51452823a6f3
Page 1 of 4
Back1234Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close