exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

secunia-netmail-3.52C
Posted Oct 13, 2005
Authored by Secunia Research | Site secunia.com

Secunia research has discovered a vulnerability in Novell NetMail, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 216a4b9cd6b475818d0fb2dad4209215db856a48bff8ed34e60241ff5c088664

Related Files

RealPlayer "cook" Uninitialised Memory
Posted Dec 20, 2010
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in RealPlayer, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error when parsing RealAudio content encoded using the "cook" codec. This can be exploited to trigger the use of uninitialised memory and potentially corrupt memory via e.g. a specially crafted RealMedia file.

tags | advisory
advisories | CVE-2010-0121
SHA-256 | 2434eaef6b000eb04efc5bf512381ecffb8c1a973ccfb2c8544b94986d6df588
SAP Crystal Reports Print ActiveX Control Buffer Overflow
Posted Dec 20, 2010
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in SAP Crystal Reports, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the "CrystalReports12.CrystalPrintControl.1" ActiveX control (PrintControl.dll) when processing the "ServerResourceVersion" property and can be exploited to cause a heap-based buffer overflow via an overly long string. Successful exploitation allows execution of arbitrary code. Affected is Crystal Reports 2008 SP3 Fix Pack 3.2 Print ActiveX (12.3.2.753).

tags | advisory, overflow, arbitrary, activex
advisories | CVE-2010-2590
SHA-256 | d28710dbbdb6a4e04bbf0b31230732e1f2ccbb1c884c4ad65e99fc484a3db74d
QuickTime Track Dimensions Buffer Overflow
Posted Dec 8, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when copying track content based on the track's dimensions and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-1508
SHA-256 | 911bd4b055ba39de0bc64e6b9b69f88e96dd93acfe80f04f10e0363185f748a4
Winamp NSV Table of Contents Parsing Integer Overflow
Posted Dec 2, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer overflow error in the "in_nsv.dll" plugin when parsing the Table of Contents. This can be exploited to cause a heap-based buffer overflow via a specially crafted NSV stream or file. Successful exploitation allows execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-2586
SHA-256 | 0e11ad9228e8586e68caa98094db7b108049945b5e471bad6d6329da58669380
Secunia Security Advisory 39259
Posted Nov 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 918c34fa4532c76eaee7016f1630ff39136aa6daa7d2d02b700262db9a6de70b
QuickTime Sorenson Video 3 Array-Indexing
Posted Nov 11, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an array-indexing error when parsing Sorenson Video 3 content and can be exploited to corrupt memory during decompression via a specially crafted file. Successful exploitation may allow execution of arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2010-3793
SHA-256 | e114b679b8b2a77228eda194e3cac070aeb1c50ddabcdbb4ade3ae86857bb33e
Microsoft Office Drawing Shape Container Parsing
Posted Nov 10, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by insufficient validation when parsing an Office Art Drawing record, which contains "msofbtSp" records that specify certain flags. This can be exploited to corrupt memory via a specially crafted Office file. Successful exploitation allows execution of arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2010-3334
SHA-256 | 61dae7bedfeaf692cd9a528ab0ceaf23d9863ec3a159771e27ed645dbdcfc890
Microsoft PowerPoint PP7X32.DLL Record Parsing
Posted Nov 10, 2010
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a logic error in PP7X32.DLL when processing certain records in PowerPoint 95 files and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-2572
SHA-256 | 7ecd37648537fbfa01db86e653e3bda1f9f95fe6fda438246fd9bb3b1fcb0f61
Secunia Security Advisory 41644
Posted Nov 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
SHA-256 | 894776b3eaaa687429b44c66139594863280ebcf8f9f50d9be963c51c67a199f
SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control
Posted Oct 29, 2010
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the "Install3rdPartyComponent()" method in the "Aventail.EPInstaller" ActiveX control when creating an absolute path name based on values in the "CabURL" and "Location" arguments. This can be exploited to cause a stack-based buffer overflow via overly long values. Successful exploitation allows execution of arbitrary code.

tags | advisory, overflow, arbitrary, activex
advisories | CVE-2010-2583
SHA-256 | bda7d9a6037b717f828fe03148093d6578e44697389fab80cebbcb196eeacc52
Adobe Shockwave Player "DEMX" Chunk Parsing
Posted Oct 29, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which may be exploited by malicious people to compromise a user's system. The vulnerability is caused by a logic error in TextXtra.x32 when parsing "DEMX" chunks. This can be exploited to cause a heap-based buffer overflow via a specially crafted Director file as a function does not reallocate a buffer to contain a section of data as expected, but another function to still copy chunk data into the insufficiently sized buffer. Successful exploitation allows execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-2582
SHA-256 | 0520606f6722058230d81d2805a4528a191ff0ab419df32cfb2367dc2efaca0c
Adobe Shockwave Player "pamm" Chunk Parsing
Posted Oct 29, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which may be exploited by malicious people to compromise a user's system. The vulnerability is caused by a function in dirapi.dll not validating the size and number of sub-chunks inside a "pamm" chunk during initial parsing of the sub-chunks. This can be exploited to corrupt memory outside the bounds of a buffer allocated for the "pamm" data via a specially crafted Director file. Successful exploitation may allow execution of arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2010-2581
SHA-256 | a3e29c613af64c8ecff2b697ddfc189577bbb6d153195c683e72b4cc58a495ab
Winamp VP6 Content Parsing Buffer Overflow
Posted Oct 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by an error in the VP6 codec (vp6.w5s) when parsing VP6 video content. This can be exploited to cause a heap-based buffer overflow via a specially crafted media file or stream. Successful exploitation may allow execution of arbitrary code. Version 5.581 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-1523
SHA-256 | 589a067f3f1289bab05e944bfaf2f2cc31e132d0938bcb4b2965adc396c3972b
Secunia Security Advisory 40911
Posted Oct 21, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in PhreeBooks, which can be exploited by malicious users to conduct script insertion attacks, SQL injection attacks, and disclose sensitive information and by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 9a34fe45793f6ce613dd230dd1eaacac681b0ce74c1beb8ee6adc01e7a56e8f6
Secunia Security Advisory 41392
Posted Oct 21, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in RealPage Module Upload ActiveX Control, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.

tags | advisory, vulnerability, activex
SHA-256 | 651fea232220f0ed27e4254355c0628fd7ec8472eb448994dd1f1103d7ac6a47
RealPlayer QCP Sample Chunk Parsing Buffer Overflow
Posted Oct 19, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in RealPlayer SP, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by missing input validation in the handling of sample chunks when parsing QCP audio content. This can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. RealPlayer SP 1.0.5 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-2578
SHA-256 | eeeb4329cff7001ffd06cec1862563c1994e5260cf8c7aa4113f614fd72bb98e
Microsoft Excel Ghost Record Type Parsing Vulnerability
Posted Oct 14, 2010

Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by missing input validation in a conversion routine when parsing a certain record type. This can be exploited to corrupt memory outside the bounds of an allocated heap buffer via an overly large range specified by two record fields. Successful exploitation may allow execution of arbitrary code.

tags | advisory, arbitrary
SHA-256 | 21e10e587b08eab8b138823b37faa5960ca8e9055a5b50ffdeb344420cc00b64
Microsoft Excel Extra Out of Boundary Record Vulnerability
Posted Oct 14, 2010
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error when processing Extra Out of Boundary records having an insufficient size and can be exploited to corrupt memory at an arbitrary memory address. Successful exploitation may allow execution of arbitrary code. Microsoft Excel version 2002 SP3 is affected.

tags | advisory, arbitrary
advisories | CVE-2010-3239
SHA-256 | 8ea759d06afa37e09ab49ee1dafb03c92928931d90be995c5efb168e981771e7
Microsoft Excel Record Parsing Integer Overflow Vulnerability
Posted Oct 14, 2010
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a sign-extension error and integer overflow when processing a certain record type and can be exploited to cause a heap-based buffer overflow via a specially crafted Excel file. Successful exploitation may allow execution of arbitrary code. Microsoft Excel version 2002 SP3 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-3230
SHA-256 | 2df1b52e63dddaf3a80b801b02ae3b8ce56242dea57ed013b15298219990a6e1
Microsoft Excel Lotus 1-2-3 File Parsing Vulnerability
Posted Oct 14, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the parsing of certain records in Lotus 1-2-3 workbooks. This can be exploited to cause a heap-based buffer overflow via a Lotus 1-2-3 file containing a specially crafted, overly long record. Successful exploitation may allow execution of arbitrary code. Microsoft Excel versions 2002 SP3 and 2003 SP3 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-3233
SHA-256 | eaa3b220e89e395f1191b6a6206ef0e5d0192c66b80b7db1d9065ae7233e71ad
Secunia Security Advisory 41391
Posted Sep 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Nagios XI, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 25c41b21c449ee236f0770e5126e55f0c1300d47f71adced075c6a8098b41a3f
Microsoft Outlook Content Parsing Integer Underflow
Posted Sep 15, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Outlook, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer underflow error when parsing certain content and can be exploited to cause a heap-based buffer overflow via e.g. a specially crafted e-mail message. Successful exploitation may allow execution of arbitrary code, but requires that Outlook is connected to an Exchange server with Online Mode (not default setting for Outlook 2003 and 2007).

tags | advisory, overflow, arbitrary
advisories | CVE-2010-2728
SHA-256 | 3ac2fa8b03f7e0a1eb4436a2b09aa20d22e3ff238856861ce6ed1812b132fe1d
Secunia Security Advisory 34075
Posted Sep 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in Microsoft Outlook, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | a5d9ad5004ac3e91b8761bf3fecc511540ab02ec335b51b3102a1b78c0cb3bc3
MailEnable SMTP Service Denial Of Service
Posted Sep 14, 2010
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered two vulnerabilities in MailEnable, which can be exploited by malicious people to cause a DoS (Denial of Service). An insufficient length check when appending data to a predefined log message into a buffer using strcat_s() may result in an unhandled invalid parameter error. This can be exploited to crash the SMTP service (MESMTPC.exe) via an overly long email address in the "MAIL FROM" command. An insufficient length check when copying data with a predefined log message into a buffer using strcpy_s() may result in an unhandled invalid parameter error. This can be exploited to crash the SMTP service (MESMTPC.exe) via an overly long domain name in the "RCPT TO" command.

tags | advisory, denial of service, vulnerability
advisories | CVE-2010-2580
SHA-256 | b390e4462d7181ab22d988e0eaeb3fed9186ac4bba863901c1fa5b907f6d21bb
Secunia Security Advisory 41175
Posted Sep 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in MailEnable, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 437d0243968befb6cf0fdbf76996c55b068323283ad040935cdf28d7263b6918
Page 4 of 4
Back1234Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    20 Files
  • 29
    Nov 29th
    9 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close