what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

iDEFENSE Security Advisory 2004-03-19.t
Posted Mar 19, 2004
Authored by Larry W. Cashdollar, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.19.04: Exploitation of default file permissions in Borland Interbase can allow local attackers to gain database administrative privileges. The vulnerability specifically exists due to insecure permissions on the admin.ib user database file. Local attackers can add or modify existing accounts to gain administrative privileges.

tags | advisory, local
SHA-256 | b71f1e19f5d04a562354ac69ff0c4e4809b8054067ce74ebf7ae83fa5306c438

Related Files

iDEFENSE Security Advisory 2009-12-08.3
Posted Dec 10, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 12.08.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Indeo32 Codec could allow an attacker to execute arbitrary code in the context of the affected user. iDefense has confirmed that ir32_32.dll version 3.24.15.3, as included in fully patched Windows XP as of October 2008, is vulnerable. All previous versions are suspected to be vulnerable.

tags | advisory, remote, arbitrary
systems | windows
SHA-256 | 888ecfafd140b35868b4ef6ea7ef78a496f76eb5faa2b5557aec406398d77738
iDEFENSE Security Advisory 2009-12-08.2
Posted Dec 10, 2009
Authored by iDefense Labs, Sean Larsson, Jun Mao | Site idefense.com

iDefense Security Advisory 12.08.09 - Remote exploitation of an integer overflow vulnerability in Microsoft Corp.'s WordPad could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in WordPad version 5.1 for Windows XP SP3 and SP2. Other versions of Windows may also be affected. However, Vista and Server 2008 are not affected as they no longer contain the Word97 converter.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2009-2506
SHA-256 | 4a7ab1715bf7bf9f3e49fd7c137a769d655d1bc36bc533cc4eec0e9fb9cba6a6
iDEFENSE Security Advisory 2009-12-08.1
Posted Dec 10, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 12.08.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense confirmed the existence of this vulnerability in Internet Explorer versions 6 and 7. Internet Explorer versions 5 and 8 do not appear to be affected.

tags | advisory, remote, arbitrary
advisories | CVE-2009-3672
SHA-256 | 02c288bac610a30750b24e5ac7d76b96ca73822fa4f83a51387d4eb8f92e1474
iDEFENSE Security Advisory 2009-11-10.2
Posted Nov 17, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 11.10.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a FEATHEADER record within an Excel file. This record is used to store information common to multiple other records, and was introduced with Excel 2002 (XP). When certain fields of this record are set to a trigger value, it is possible to corrupt memory in such a way that the next 4 bytes in the record are treated as an object pointer. This pointer is then used to make a virtual function call, which results in the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Excel versions 2007, 2003, and XP. The record that causes the vulnerability is not supported by Excel 2000, so it is not affected by this vulnerability.

tags | advisory, remote, arbitrary
advisories | CVE-2009-3129
SHA-256 | 5f80963ddf2ce93ca1f29af19a4ef71104925c85a3890129ab19e9b97edbffb6
iDEFENSE Security Advisory 2009-11-10.1
Posted Nov 17, 2009
Authored by iDefense Labs, Jun Mao | Site idefense.com

iDefense Security Advisory 11.10.09 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code with the privileges of the targeted user. This vulnerability occurs when Word parses the File Information Block (FIB) structure inside a Word document. When a malformed FIB structure is processed, a stack buffer overflow will occur which can lead to an exploitable condition. iDefense has confirmed fully patched Microsoft Word 2003 SP3, Microsoft Word XP SP3, Microsoft Word 2000 SP3 are vulnerable. Microsoft Word 2007 SP1 is not affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2009-3135
SHA-256 | fb02e8e8e484eae0536df20cc974d2730b906f2d936448bc99c5357711be4695
iDEFENSE Security Advisory 2009-10-13.4
Posted Oct 15, 2009
Authored by iDefense Labs, Marsu | Site idefense.com

iDefense Security Advisory 10.13.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Office could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing the msofbtOPT Office Drawing record type. This record is used to provide default values for shape properties. By inserting a specially crafted property ID, it is possible to corrupt heap memory and overwrite an object pointer. iDefense has confirmed the existence of this vulnerability in Office XP SP3.

tags | advisory, remote, arbitrary
advisories | CVE-2009-2528
SHA-256 | 46af8ea0d27e803521a04613c0afa93c64815bbde88e5c32277735b5dbec88c0
iDEFENSE Security Advisory 2009-10-13.3
Posted Oct 15, 2009
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 10.13.09 - Remote exploitation of a heap based buffer overflow vulnerability in Microsoft Corp.'s Windows GDI+ could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing a malformed TIFF file. By supplying incorrect values in a BitsPerSample tag, it is possible to trigger a heap based buffer overflow. iDefense has confirmed the existence of this vulnerability in Windows XP Service Pack 2. Please see the Microsoft bulletin for additional details on affected software.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2009-2502
SHA-256 | cf6057235dc06deabb97059dcda36a22488060fd8671a6c4fbe352badb98d851
iDEFENSE Security Advisory 2009-10-13.2
Posted Oct 14, 2009
Authored by iDefense Labs, Elazar Broad | Site idefense.com

iDefense Security Advisory 10.13.09 - Remote exploitation of a use after free vulnerability in Adobe Systems Inc.'s Acrobat and Reader Firefox plugin could allow an attacker to execute arbitrary code with the privileges of the current user. When Adobe Acrobat/Reader is installed, it also installs various browser plugins that allow PDF documents to be viewed in the browser. This vulnerability occurs within the Firefox browser plugin. The Internet Explorer version is not affected. The vulnerability occurs when Firefox attempts to navigate away from a page and unload the PDF viewing plugin. When Firefox calls the plugin's destroy method, the plugin does not properly free its resources. Specifically, a function pointer for the window update routine is not properly freed. This results in uninitialized memory being used when the window is redrawn, which leads to attacker supplied data being executed when the function pointer is dereferenced. iDefense has confirmed the existence of this vulnerability in Acrobat and Reader versions 8.1.3, 8.1.4, 8.1.5, and 8.1.6. Previous versions are also likely affected. Version 9.1.3 and previous 9.x versions are not affected.

tags | advisory, remote, arbitrary
advisories | CVE-2009-2991
SHA-256 | 26d2526e5fa4a158dc90e307c84a2c19f9b708a1d9689add295e4f768fab5f65
iDEFENSE Security Advisory 2009-10-13.1
Posted Oct 14, 2009
Authored by iDefense Labs, Dionysus Blazakis | Site idefense.com

iDefense Security Advisory 10.13.09 - Remote exploitation of an invalid array index vulnerability in Adobe Systems Inc.'s Reader and Acrobat could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a U3D file embedded inside of a PDF. U3D is a file format used to represent 3D images. When parsing a U3D file, the parsing code fails to validate a value from the file used as index into a list of objects. This results in an attacker being able to specify an arbitrary value for a function pointer, which leads to the execution of arbitrary code. iDefense confirmed the existence of this vulnerability in Reader and Acrobat versions 9.1.3 and 8.1.6. Previous versions may also be affected.

tags | advisory, remote, arbitrary
advisories | CVE-2009-2990
SHA-256 | 036e3aa6e99462fba57e81b58b99274ca7837766dda18884ae3b383d0ebe33ff
iDEFENSE Security Advisory 2009-10-07.1
Posted Oct 8, 2009
Authored by iDefense Labs, Rodrigo Rubira Branco | Site idefense.com

iDefense Security Advisory 10.07.09 - Remote exploitation of a stack based buffer overflow vulnerability in IBM Corp.'s AIX could allow an attacker to execute arbitrary code with the privileges of the affected service. rpc.cmsd, more commonly known as the Calendar Manager Service Daemon, is an RPC application used to manage schedules and calendars. It operates over SUN RPC. The vulnerability is triggered when handling a request for remote procedure 21. This function takes two arguments, both of which are XDR strings. When copying the first argument into a stack based buffer, the code does not properly verify its length. This results in a stack based buffer overflow vulnerability. iDefense has confirmed the existence of this vulnerability in AIX versions 5.3 and 5.2.

tags | advisory, remote, overflow, arbitrary
systems | aix
SHA-256 | e622abe9b0845daaab5cfe3b95d2641f11a23e3387e454d48596ac147be98ab7
iDEFENSE Security Advisory 2009-08-25.1
Posted Aug 25, 2009
Authored by iDefense Labs, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 08.11.09 - Remote exploitation of an integer overflow vulnerability in Autonomy's KeyView SDK allows attackers to execute arbitrary code with the privileges of the targeted application. The vulnerability occurs when parsing a Shared String Table (SST) record inside of an Excel file. This record is used to hold a table of strings that are used inside of the document. One of the fields in this record is a 32-bit integer that represents the number of strings in the table. This value is used in a calculation that controls the number of bytes to allocate for a dynamic heap buffer. The value is not properly sanitized, which leads to an integer overflow in the calculation. This results in a heap based buffer overflow vulnerability.

tags | advisory, remote, overflow, arbitrary
SHA-256 | 91a37e71adf284b1c3c01485dd1c4380ba48759365687481f5d2f29106412bf4
iDEFENSE Security Advisory 2009-08-11.2
Posted Aug 23, 2009
Authored by iDefense Labs, Ryan Smith | Site idefense.com

iDefense Security Advisory 08.11.09 - Remote exploitation of a type confusion vulnerability in Microsoft Corp.'s ATL/MFC ActiveX code as included in various vendors' ActiveX controls, could allow an attacker to execute arbitrary code within Internet Explorer (IE). iDefense has confirmed the existence of this vulnerability inside Microsoft' ATL and MFC. This vulnerability appears to be limited to MFC version 3.0. Any source code compiled with these libraries may also be vulnerable.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2009-2494
SHA-256 | edf512cb6aeb0c9390b72abd37b17a7b330c0d5d4e8ffa3daeb55ff3ca91c23d
iDEFENSE Security Advisory 2009-07-28.3
Posted Aug 23, 2009
Authored by iDefense Labs, Ryan Smith | Site idefense.com

iDefense Security Advisory 07.28.09 - Remote exploitation of an information disclosure vulnerability in Microsoft's ATL/MFC ActiveX template, as included in various vendor's ActiveX controls, allows attackers to read memory contents within Internet Explorer. iDefense has confirmed the existence of this vulnerability inside Microsoft's ATL version 9.0. Any source code compiled with these libraries may also be vulnerable. Previous versions may also be affected.

tags | advisory, remote, activex, info disclosure
advisories | CVE-2009-2495
SHA-256 | c267c222d9c34b1a2d7d1db54912e2fbbb444fafe882d61044c1ce0bd64bd46f
iDEFENSE Security Advisory 2009-07-28.2
Posted Aug 23, 2009
Authored by iDefense Labs, Ryan Smith | Site idefense.com

iDefense Security Advisory 07.28.09 - Remote exploitation of a logic flaw vulnerability in Microsoft Corp.'s ATL/MFC ActiveX code, as included in various vendors' ActiveX controls, could allow attackers to bypass ActiveX security mechanisms. iDefense has confirmed the existence of this vulnerability inside Microsoft's ATL and MFC. Although later versions of the ATL/MFC are less vulnerable, certain conditions can trigger the same exploit pattern.

tags | advisory, remote, activex
advisories | CVE-2009-2493
SHA-256 | d87248b69d8604013d1f30ba472eab8230eac08a11208461df8766f80fcdfc2e
iDEFENSE Security Advisory 2009-08-11.1
Posted Aug 23, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 08.11.09 - Remote exploitation of a stack based buffer overflow vulnerability in Microsoft Corp.'s Office Web Components 2000 could allow an attacker to execute arbitrary code with the privileges of the logged on user. When instantiating a Spreadsheet object, it is possible to pass the object a parameter that refers to an Excel file that will be retrieved and then loaded. By using a long string for the parameter, it is possible to case a stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in Microsoft Office XP Service Pack 3.

tags | advisory, remote, web, overflow, arbitrary
advisories | CVE-2009-1534
SHA-256 | 7e86dfe50c26093d7d93ca00213f5b882ccab246101ee1b9ba9aba393a3b05fa
iDEFENSE Security Advisory 2009-07-28.1
Posted Aug 10, 2009
Authored by iDefense Labs, Peter Vreugdenhil | Site idefense.com

iDefense Security Advisory 07.28.09 - Remote exploitation of a use after free vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in Internet Explorer versions 6, 7, and 8. Internet Explorer 5 does not appear to be vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2009-1917
SHA-256 | 917be1ed0bdfbaec473ea16724416deeb91ee19bc0f5a333157bf7af42022f27
iDEFENSE Security Advisory 2009-07-30.1
Posted Aug 10, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 07.30.09 - Remote exploitation of an invalid Loader object reference vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in latest Flash Player version 9.0.124.0. Previous versions may also be affected.

tags | advisory, remote, arbitrary
advisories | CVE-2009-1864
SHA-256 | ba3b6f64ff3c55832b36504c20b948df07e0b8b45de5b882c9729b2d4d636714
iDEFENSE Security Advisory 2009-08-06.1
Posted Aug 7, 2009
Authored by iDefense Labs, Jun Mao | Site idefense.com

iDefense Security Advisory 08.06.09 - Remote exploitation of a heap overflow vulnerability in Adobe Systems Inc's Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense confirmed the existence of this vulnerability in Flash Player 10.0.22.87. Other versions may also be affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2009-1868
SHA-256 | 68368b358896f89cb63050bdfd03bdbbcba6a8159915a1c1adb36d4cfba763da
iDEFENSE Security Advisory 2009-08-04.2
Posted Aug 7, 2009
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDefense Security Advisory 08.04.09 - Local exploitation of an arbitrary file creation vulnerability in IBM Corp.'s Advanced Interactive eXecutive (AIX) Operating System allows attackers to execute arbitrary code with super-user privileges. iDefense has confirmed the existence of this vulnerability in IBM Corp.'s AIX version 5.3. Other versions may also be affected.

tags | advisory, arbitrary, local
systems | aix
SHA-256 | c2f93a0a5ddb535bfba9a73e58921b94de4aee8dfa76f6dbea11cf4494f746d2
iDEFENSE Security Advisory 2009-08-04.1
Posted Aug 7, 2009
Authored by iDefense Labs, regenrecht | Site idefense.com

iDefense Security Advisory 08.04.09 - Remote exploitation of an integer overflow vulnerability in Sun Microsystems Inc.'s Java Runtime Environment (JRE) could allow an attacker to execute arbitrary code with the privileges of the current user.iDefense has confirmed the existence of this vulnerability in Sun Microsystems Inc.'s JRE version 1.6.0_13 for Windows and Linux. This vulnerability is different than the two previously reported iDefense Exclusives in the Pack200 code.

tags | advisory, java, remote, overflow, arbitrary
systems | linux, windows
SHA-256 | c26709edb9f66c32bb0b9aeb9550bc8c08f95ae8a5c6153f92d2906e79c5a986
iDEFENSE Security Advisory 2009-07-14.2
Posted Jul 17, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 07.14.09 - Remote exploitation of an arbitrary pointer dereference vulnerability in version 2007 of Microsoft Corp.'s Publisher could allow an attacker to execute arbitrary code as the user running Publisher. This vulnerability exists in PUBCONV.DLL module in Microsoft Publisher 2007. PUBCONV.DLL module is responsible for converting legacy format Publisher files (.pub) created by older version of Publisher into the Publisher 2007 format. A programming error causes that module to dereference the arbitrary attacker-controlled value as the address of a table of function pointers. This vulnerability allows attackers to execute arbitrary code on the victim's system. iDefense confirmed PUBCONV.DLL (version 12.0.6311.5000) in Microsoft Office Publisher 2007 is vulnerable. Microsoft Office Publisher 2000, 2002 and 2003 do not appear to be affected.

tags | advisory, remote, arbitrary
advisories | CVE-2009-0566
SHA-256 | 60c1056ccf5f7511507f06c0c4df84e293ba9b8bff333b9f8f1e471bb047683f
iDEFENSE Security Advisory 2009-07-14.1
Posted Jul 16, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 07.14.09 - Remote exploitation of a heap based buffer overflow vulnerability in Microsoft Corp.'s Embedded OpenType Font Engine (T2EMBED.DLL) could allow an attacker to execute arbitrary code with the privileges of the current user. During the processing of a malicious OpenType Font, an integer truncation issue can occur on a specific length value. This can result in a large overwrite of the heap using attacker controlled data. The attacker may gain arbitrary execution control by overwriting specific data structures on the heap, such as an object virtual function table. iDefense has confirmed the existence of this vulnerability in the Embedded OpenType Font Engine for Windows Vista SP1 (T2EMBED.DLL version 6.0.6001.18000) and Windows XP SP3 (T2EMBED.DLL version 5.1.2600.5512). Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2009-0231
SHA-256 | edf76a6e28b64e4665ce974eeeee24d9ed24c6318f6cad7289d6bd9431d1583b
iDEFENSE Security Advisory 2009-06-26.1
Posted Jun 26, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 06.26.09 - Remote exploitation of a stack based buffer overflow vulnerability in Hewlett-Packard Development Co. LP (HP)'s Network Node Manager could allow an attacker to execute arbitrary code with the privileges of the affected service. The vulnerability exists within the 'rping' application, which is distributed with the Linux version of NNM. It is possible for a remote attacker to launch the 'rping' application and trigger a stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in Network Node Manager version 7.53 for Linux. Previous versions may also be affected. The Windows version is not affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, windows
advisories | CVE-2009-1420
SHA-256 | 7675a1f6766cff4edda973a4f9158e1010e7d7b646122849c2e2c355ac3642bf
iDEFENSE Security Advisory 2009-06-25.2
Posted Jun 26, 2009
Authored by iDefense Labs, Ruben Santamarta | Site idefense.com

iDefense Security Advisory 06.25.09 - Remote exploitation of a stack-based buffer overflow vulnerability in Motorola Inc.'s Timbuktu Pro could allow attackers to execute arbitrary code with SYSTEM privileges. Timbuktu fails to properly handle user-supplied data passed through a named pipe session. When the PlughNTCommand named pipe receives an overly large character string, a buffer overflow will occur resulting in arbitrary code execution. iDefense has confirmed the existence of this vulnerability in Timbuktu Pro version 8.6.5. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2009-1394
SHA-256 | ab79faf675800d7b7b3746fd9f41707ec4fd077918d41f3c4a45aebd457ac0a3
iDEFENSE Security Advisory 2009-06-25.1
Posted Jun 26, 2009
Authored by iDefense Labs, Manuel Santamarina Suarez | Site idefense.com

iDefense Security Advisory 06.25.09 - Remote exploitation of a stack based buffer overflow vulnerability in Unisys's Business Information Server could allow an attacker to execute arbitrary code with the privileges of the affected service. If attackers send a packet to the Unisys Business Information Server over a TCP port, the attacker can corrupt stack memory and gain arbitrary code execution. iDefense has confirmed the existence of this vulnerability in Business Information Server version 10. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary, tcp, code execution
advisories | CVE-2009-1628
SHA-256 | 0f6b851e37ef707c28dc12e307cce811d639b591995017d0726189ad5d30b210
Page 4 of 4
Back1234Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    20 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close