A remote exploitable vulnerability exists in clamav-milter when used with sendmail due to an insecure call to popen(). ClamAV versions prior to 0.91.2 are affected.
88430f439474ceb833877640e5ef738a4bb02bb470e976a6ef541d0b83c2d84c
BENIGNCERTAIN is a remote exploit to extract Cisco VPN private keys. Note that this exploit is part of the recent public disclosure from the "Shadow Brokers" who claim to have compromised data from a team known as the "Equation Group", however, there is no author data available in this content. The tool references Cisco PIX versions 5.2(9) to 6.3(4), which were released in 2004.
f1cc0ef523db5ceca559ff6245e673e90a6309eaeaf13d63e575e3e9b70a5ea8
n2cms version 2.2.1 suffers from a path disclosure vulnerability.
3999ea7bf894cbb36512a747568273dd9e6751f2d406d253df2dbab8f24da389
A design bug in X.509 certificate chain validation (RFC 3280) allows attackers to trigger (blind) HTTP requests for both external as well as internal IPs if a specially-crafted, S/MIME-signed email is opened in Microsoft Outlook. This issue, which has been originally reported in 2008, has been revisited and timing differences make it possible to identify open and closed ports on internal networks.
9365e6ebb217675995930a39307adaa0068c69e67328ec203f67fb4ba9ac8f00
The Lotus Notes mail client accepts applet tags inside HTML emails, making it possible to load Java applets from a remote location. Combined with known Java sandbox escape vulnerabilities, it can be used to fully compromise the user reading the email.
72507df8ce813a6baed8ae1404ff3467f4a3d09f17024073ea1c0b531c0f08c6
Polycom systems suffer from a format string vulnerability when creating a CDR entry. Polycom HDX series versions prior to 3.1.1.2 are affected.
8998433b0bea32dde00acd6d3311c61443b062424f5faeac20c6cdfee2adbe3b
A simple H.323 SETUP packet can be used to commit a remote SQL injection attack against Polycom systems. Polycom HDX series versions prior to 3.1.1.2 are affected.
c8ef16e32d79b56646936f40819360d5231808c030efb457b8afed16f3c94923
The firmware update functionality in the Polycom web interface is vulnerable to a simple command injection vulnerability which allows an attacker with access to the web interface to execute arbitrary commands on the underlying embedded Linux system. Polycom HDX series versions prior to 3.1.1.2 are affected.
eaeed66e6e35211d5de8494085612d6cabc696df21d84244931e4cb825cb4492
The Polycom Command Shell can be used to view and also change several settings of the system. However it can also be used to get system-level access (i.e. root access) to the HDX system. The "printenv" and "setenv" commands can be used to read and write variables respectively which are stored in flash memory. Polycom HDX series versions prior to 3.1.1.2 are affected.
162aad6a25e60bab68f51ec49f90cbda2650407c9f0ac15d752cc71dba4606be
Splunk versions 4.0 through 4.3.4 suffer from an unauthenticated remote denial of service vulnerability against splunkd.
712c0f2ebc8a92c6651117dcb6b048dd30c332c12100a46fccd41ffa48f1183d
Splunk version 4.3.x suffers from a denial of service hash table vulnerability.
d5cbcf654bede60e73b046c746c6d6c0a805b9e9a6f72f4af8548cd3f36fa296
Most hash functions used in hash table implementations can be broken faster than by using brute-force techniques (which is feasible for hash functions with 32 bit output, but very expensive for 64 bit functions) by using one of two "tricks": equivalent substrings or a meet-in-the-middle attack.
5ba7d905a60a09b9e51b4bfc83a4c27718fe15666e0535630b7937cc69f6152f
A heap corruption vulnerability has been found in the Citrix XML Service of XenApp and XenDesktop which is installed on every server used for sharing applications. Successful exploitation allows arbitrary code execution on the server running the XML service.
a967d2b7f8fefd73301e6eaf2dfb4c514e1473ca7edba87c15475fe6dc0abe7e
A stack-based buffer overflow has been found in the Citrix XML Service of XenApp and XenDesktop which is installed on every server used for sharing applications. Successful exploitation allows arbitrary code execution on the server running the XML service.
8c2aad516fccebdeefca7b40556e1cfb18e6b22108f839a744c124db43130d39
N-13 News version 4.0.1 suffers from a cross site scripting vulnerability.
c17aa361bfc2f6a23221bee79bc39454c793bad9b8908c13976f67d8307cf15b
N-13 News version 4.0 suffers from a cross site request forgery vulnerability.
4d93d1d22757b4ac50a52537f8435fe2190a38e489fd2b3afd52abe79b7b4c30
N-13 News version 3.4 suffers from a remote administrator addition cross site request forgery vulnerability.
db9750e361a493b4e2180b3eb9df353cb1dc6c1560955919e0046197e71b8f8e
A directory traversal vulnerability has been found in the PJL file system access interface of various HP LaserJet MFP devices. File system access through PJL is usually restricted to a specific part of the file system. Using a pathname such as 0:\..\..\..\ it is possible to get access to the complete file system of the device.
3046f35f738f91dd1414a725b79b838acb34d0bb5e416218ca7e0fbb11a194c5
Part of the Alcatel Omnivista 4760 administration software of the Alcatel 4400 PBX is an HTTP proxy. It is used to tunnel ssh-connections to the ssh-ports of the PBX within the internal network. This proxy is vulnerable to a remote buffer overflow.
5cd45b1c09ebec546267dae931c9ff29744617b38e2df6f7e0ab905d89d90e04
The Alcatel CTI Solution is completely broken by design and performs authentication validation client-side.
7e2e7e0578b17ca41d5ca1c3b86de59225fa2219cbd660340684ccbe44384690
N-13 News suffers from a file disclosure vulnerability.
078d10aafb3dc4666f8dc5ad3d88b135363e8a401324eb404891abddbb72021a
A remotely exploitable vulnerability has been found in Adobe Acrobat Reader/Acrobat Firefox plugin. Versions 8.1.3 through 8.1.6 are affected.
02dfa8f527d8d6db4d18a0236b10c85a02cc3272c626c753553d001851062481
Safari fails to sanitize the file protocol handler thus leading to an information disclosure, e.g. local file theft. Dynamically creating a certain HTML tag and using a valid file path to an executable may lead to a denial of service condition. Apple's Safari browser version 3.2.3 is vulnerable.
cacf872f1106fc6da55a3d56af72a3d3d6d797892f96aa06e4ee001b4fa30ae6
A Null Class Pointer Dereference in CoreFoundation.dll has been found while parsing a URL fragment with a high-bit character in a common protocol handler. Apple's Safari browser version 3.2.3 is vulnerable.
43353339aed37a33039bbc97039fb9b5ec525ae76af3ae86fbb10ebfa0788760
A remotely exploitable vulnerability has been found in the HTTP header parsing code of the CFNetwork framework.
3cd844ab4b16ffea30d4bf56950667b6ccf6b6b2a12354c933cb59ebebbbebe9
The Opera browser suffers from a HTML parsing flaw that allows for remote code execution. This affects the browser on all platforms.
febf5df96d484a8dc165f206b1224c5465d7ce08b01af90bdeeac54a08cce767