what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

Word Splash Pro 9.5 Buffer Overflow
Posted Dec 20, 2010
Authored by h1ch4m

Word Splash Pro versions 9.5 and below local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 5ffcbcad8fc30b44e94b571c1529d9ac9720ac37e56b839154e7777838dfe66d

Related Files

Secunia Security Advisory 50216
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, suse
SHA-256 | c47dbcfbed988fb012fc5678f5bb01004dc25cea272f7fa84fd1fbd2b7b8508d
Secunia Security Advisory 50221
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for calligra. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, ubuntu
SHA-256 | 9b82c52322521b4bb745bcd0a348a2f380e6e5c69fb578ed1f947caa829a1e15
Secunia Security Advisory 50223
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for koffice. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, ubuntu
SHA-256 | f457133663067f176a740320aeaeabc1db606d0b70ccb940ae0795b005017da5
Secunia Security Advisory 50222
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | fbac53267a255962f54dbbf30ca4c9da5da3b6f327ee9f1207884cfd0b4893fb
Secunia Security Advisory 50219
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for webkit. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 40c5d88cb2b2d055443a887003a7b30764fcdb1cd6d6f31f748ed0174dbb9c27
Secunia Security Advisory 50258
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for icedtea-web. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise an application using the plugin.

tags | advisory, web, vulnerability
systems | linux, suse
SHA-256 | d2498827fbc60ac4f93763aa590a4f48b39ae08094bcfc93dd5231c7f75f3820
Secunia Security Advisory 50215
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - L0n3ly-H34rT has discovered multiple vulnerabilities in ProQuiz, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 4f46f52e9700c26bb4c944fc5835625d34059a3b1db17689a17c41ec57cf71a5
Secunia Security Advisory 50157
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in GNU Emacs, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 25ad1a4bd9530941966c1d6c0d4fdd4447fb40f4192ebda098c7383baf8bf9f9
Secunia Security Advisory 50242
Posted Aug 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to potentially compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
SHA-256 | d020c513596d0ba89d8483ab21957f60a887308cc990e153ab278cfd7d9603e5
Mandriva Linux Security Advisory 2012-129-1
Posted Aug 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-129 - The decompress function in ncompress allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow DHCP server to trick DHCP clients to set e.g. system hostname to a specially crafted value containing shell special characters. Various scripts assume that hostname is trusted, which may lead to code execution when hostname is specially crafted. Additionally for Mandriva Enterprise Server 5 various problems in the ka-deploy and uClibc packages was discovered and fixed with this advisory. The updated packages have been patched to correct these issues. The wrong set of packages was sent out with the MDVSA-2012:129 advisory that lacked the fix for CVE-2006-1168. This advisory provides the correct packages.

tags | advisory, remote, denial of service, arbitrary, shell, code execution
systems | linux, mandriva
advisories | CVE-2006-1168, CVE-2011-2716
SHA-256 | c7875eb533c9d6beb3425c1a97fe6ed841b9a1c6086b68f13fd555c85ebb7760
Mandriva Linux Security Advisory 2012-129
Posted Aug 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-129 - The decompress function in ncompress allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow DHCP server to trick DHCP clients to set e.g. system hostname to a specially crafted value containing shell special characters. Various scripts assume that hostname is trusted, which may lead to code execution when hostname is specially crafted. Additionally for Mandriva Enterprise Server 5 various problems in the ka-deploy and uClibc packages was discovered and fixed with this advisory. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, arbitrary, shell, code execution
systems | linux, mandriva
advisories | CVE-2006-1168, CVE-2011-2716
SHA-256 | 741a2545d765d1e9854cdcbf178dc20b6ca0f8fc1357ad76b6a268fa5cadabc4
Mandriva Linux Security Advisory 2012-128
Posted Aug 9, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-128 - A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names and evaluating /dev/fd file names in conditional command expressions. A remote attacker could provide a specially-crafted Bash script that, when executed, would cause the bash executable to crash. Additionally the official patches 011 to 037 for bash-4.2 has been applied which resolves other issues found, including the CVE-2012-3410 vulnerability.

tags | advisory, remote, overflow, shell, bash
systems | linux, mandriva
advisories | CVE-2012-3410
SHA-256 | ded651ae3fb8a40f05143e18cd58c2e666fadd104e5caa2a2f8e3f23bba5151f
Ubuntu Security Notice USN-1526-1
Posted Aug 9, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1526-1 - It was discovered that KOffice incorrectly handled certain malformed MS Word documents. If a user or automated system were tricked into opening a crafted MS Word file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-3455
SHA-256 | 43e88c37453c69867d815481a625315c78eea69767bddb4042378d1de7526dc2
Ubuntu Security Notice USN-1525-1
Posted Aug 9, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1525-1 - It was discovered that Calligra incorrectly handled certain malformed MS Word documents. If a user or automated system were tricked into opening a crafted MS Word file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-3456
SHA-256 | a534bf03e4f3fd9b5adceea60563dbe513a9895d51f11e031ad46c5e6a4e72c4
Secunia Security Advisory 50220
Posted Aug 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the En Masse component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 60a963331192fcc92f50d2f9dd3c437bf5576a63b0c1cf60843bf0062447a34d
Secunia Security Advisory 50227
Posted Aug 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in the powermail extension for TYPO3, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 0c65fe588d266494acdb6b788c9e15fc674c007333703c8929661a8f23164a16
PBBoard 2.1.4 SQL Injection / Improper Authentication / Broken Access Control
Posted Aug 9, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

PBBoard version 2.1.4 suffers from improper authentication, improper access control, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, bypass
advisories | CVE-2012-4034, CVE-2012-4035, CVE-2012-4036
SHA-256 | 98c660124db3dfdff27f3497939655798807cd19db3c0489fbf39341a0590cb1
Red Hat Security Advisory 2012-1152-01
Posted Aug 9, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1152-01 - JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. JBoss Enterprise SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. It was found that the JMX Console did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the JMX Console, into visiting a specially-crafted URL, the attacker could perform operations on MBeans, which may lead to arbitrary code execution in the context of the JBoss server process.

tags | advisory, remote, arbitrary, code execution, csrf
systems | linux, redhat
advisories | CVE-2011-2908
SHA-256 | 541ebbf92a7b69b98f4d8f15cc4138c7a7f8c74ac83e8b5ebf8bc57eb5032ebc
PHP IRC Bot pbot eval() Remote Code Execution
Posted Aug 8, 2012
Authored by Evilcry, juan vazquez, bwall, Jay Turla | Site metasploit.com

This Metasploit module allows remote command execution on the PHP IRC bot pbot by abusing the usage of eval() in the implementation of the .php command. In order to work, the data to connect to the IRC server and channel where find pbot must be provided. The module has been successfully tested on the version of pbot analyzed by Jay Turla, and published on Infosec Institute, running over Ubuntu 10.04 and Windows XP SP3.

tags | exploit, remote, php
systems | linux, windows, ubuntu
SHA-256 | af5927c4e9d6a607a05e48844259bb81f722ee9404fcdab77834d99f0a04d614
ESCON SupportPortal Pro 3.0 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

ESCON SupportPortal Pro version 3.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2590
SHA-256 | 276e0b8f015732fce0ae5dbd7e7bdd804d1aa558b1f1268b2d84dc292f750351
AfterLogic Mailsuite Pro 6.3 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

AfterLogic Mailsuite Pro (VMware Appliance) version 6.3 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2587
SHA-256 | 70975b139f142c6b5aa2788169c1656874f10ae8fd42b3b7714b3d1791acff41
Mandriva Linux Security Advisory 2012-127
Posted Aug 8, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-127 - A heap-based buffer overflow flaw was found in the way tiff2pdf, a TIFF image to a PDF document conversion tool, of libtiff, a library of functions for manipulating TIFF image format files, performed write of TIFF image content into particular PDF document file, when not properly initialized T2P context struct pointer has been provided by tiff2pdf as one of parameters for the routine performing the write. A remote attacker could provide a specially-crafted TIFF image format file, that when processed by tiff2pdf would lead to tiff2pdf executable crash or, potentially, arbitrary code execution with the privileges of the user running the tiff2pdf binary. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2012-3401
SHA-256 | 149b7cb1a9d75035cbf157d9a41f74cd86afc4f26ebe2a53fe79e88cc5726a0b
Secunia Security Advisory 50094
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sleipnir Mobile for Android, which can be exploited by malicious people to compromise a user's device.

tags | advisory
SHA-256 | 943f2ce7fee15408d358baaad3f9bc05c904e8694aa65521dc950f607ec1cac8
Secunia Security Advisory 50144
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sauerbraten Game Engine, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 415bdb53a582f34c45fd6d68ab280ae7b73a6a7f56050e69f13483d539d6bbbe
Secunia Security Advisory 50145
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for krb5. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | 848c847707dc1376b96820be85e810d719ecb357b2159381ba010fabbbc355ce
Page 4 of 4
Back1234Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    20 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close