VideoSpirit Pro versions 1.68 and below local buffer overflow proof of concept exploit.
0f6178984474d71343f55c1f89fd67032bfd3a92d83c1780f4e6dd53e1f14253
Secunia Security Advisory - SUSE has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
c47dbcfbed988fb012fc5678f5bb01004dc25cea272f7fa84fd1fbd2b7b8508d
Secunia Security Advisory - Ubuntu has issued an update for calligra. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
9b82c52322521b4bb745bcd0a348a2f380e6e5c69fb578ed1f947caa829a1e15
Secunia Security Advisory - Ubuntu has issued an update for koffice. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
f457133663067f176a740320aeaeabc1db606d0b70ccb940ae0795b005017da5
Secunia Security Advisory - Two vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.
fbac53267a255962f54dbbf30ca4c9da5da3b6f327ee9f1207884cfd0b4893fb
Secunia Security Advisory - Ubuntu has issued an update for webkit. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
40c5d88cb2b2d055443a887003a7b30764fcdb1cd6d6f31f748ed0174dbb9c27
Secunia Security Advisory - SUSE has issued an update for icedtea-web. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise an application using the plugin.
d2498827fbc60ac4f93763aa590a4f48b39ae08094bcfc93dd5231c7f75f3820
Secunia Security Advisory - L0n3ly-H34rT has discovered multiple vulnerabilities in ProQuiz, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to conduct cross-site scripting and SQL injection attacks.
4f46f52e9700c26bb4c944fc5835625d34059a3b1db17689a17c41ec57cf71a5
Secunia Security Advisory - A vulnerability has been reported in GNU Emacs, which can be exploited by malicious people to compromise a user's system.
25ad1a4bd9530941966c1d6c0d4fdd4447fb40f4192ebda098c7383baf8bf9f9
Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to potentially compromise a vulnerable system.
d020c513596d0ba89d8483ab21957f60a887308cc990e153ab278cfd7d9603e5
Mandriva Linux Security Advisory 2012-129 - The decompress function in ncompress allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow a DHCP server to trick DHCP clients into setting, e.g., the system hostname to a specially crafted value containing shell special characters. Various scripts assume that the hostname is trusted, which may lead to code execution when the hostname is specially crafted. Additionally, for Mandriva Enterprise Server 5, various problems in the ka-deploy and uClibc packages were discovered and fixed with this advisory. The updated packages have been patched to correct these issues. The wrong set of packages was sent out with the MDVSA-2012:129 advisory that lacked the fix for CVE-2006-1168. This advisory provides the correct packages.
c7875eb533c9d6beb3425c1a97fe6ed841b9a1c6086b68f13fd555c85ebb7760
Mandriva Linux Security Advisory 2012-129 - The decompress function in ncompress allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow. A missing DHCP option checking / sanitization flaw was reported for multiple DHCP clients. This flaw may allow a DHCP server to trick DHCP clients into setting, e.g., the system hostname to a specially crafted value containing shell special characters. Various scripts assume that the hostname is trusted, which may lead to code execution when the hostname is specially crafted. Additionally, for Mandriva Enterprise Server 5, various problems in the ka-deploy and uClibc packages were discovered and fixed with this advisory. The updated packages have been patched to correct these issues.
741a2545d765d1e9854cdcbf178dc20b6ca0f8fc1357ad76b6a268fa5cadabc4
Mandriva Linux Security Advisory 2012-128 - A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names and evaluating /dev/fd file names in conditional command expressions. A remote attacker could provide a specially-crafted Bash script that, when executed, would cause the bash executable to crash. Additionally, the official patches 011 to 037 for bash-4.2 have been applied, which resolve other issues found, including the CVE-2012-3410 vulnerability.
ded651ae3fb8a40f05143e18cd58c2e666fadd104e5caa2a2f8e3f23bba5151f
Ubuntu Security Notice 1526-1 - It was discovered that KOffice incorrectly handled certain malformed MS Word documents. If a user or automated system were tricked into opening a crafted MS Word file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
43e88c37453c69867d815481a625315c78eea69767bddb4042378d1de7526dc2
Ubuntu Security Notice 1525-1 - It was discovered that Calligra incorrectly handled certain malformed MS Word documents. If a user or automated system were tricked into opening a crafted MS Word file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
a534bf03e4f3fd9b5adceea60563dbe513a9895d51f11e031ad46c5e6a4e72c4
Secunia Security Advisory - A vulnerability has been reported in the En Masse component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.
60a963331192fcc92f50d2f9dd3c437bf5576a63b0c1cf60843bf0062447a34d
Secunia Security Advisory - Some vulnerabilities have been reported in the powermail extension for TYPO3, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting and SQL injection attacks.
0c65fe588d266494acdb6b788c9e15fc674c007333703c8929661a8f23164a16
PBBoard version 2.1.4 suffers from improper authentication, improper access control, and remote SQL injection vulnerabilities.
98c660124db3dfdff27f3497939655798807cd19db3c0489fbf39341a0590cb1
Red Hat Security Advisory 2012-1152-01 - JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. JBoss Enterprise SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. It was found that the JMX Console did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the JMX Console, into visiting a specially-crafted URL, the attacker could perform operations on MBeans, which may lead to arbitrary code execution in the context of the JBoss server process.
541ebbf92a7b69b98f4d8f15cc4138c7a7f8c74ac83e8b5ebf8bc57eb5032ebc
This Metasploit module allows remote command execution on the PHP IRC bot pbot by abusing the usage of eval() in the implementation of the .php command. In order to work, the connection details for the IRC server and the channel where pbot can be found must be provided. The module has been successfully tested on the version of pbot analyzed by Jay Turla, and published on Infosec Institute, running over Ubuntu 10.04 and Windows XP SP3.
af5927c4e9d6a607a05e48844259bb81f722ee9404fcdab77834d99f0a04d614
ESCON SupportPortal Pro version 3.0 suffers from a stored cross-site scripting vulnerability.
276e0b8f015732fce0ae5dbd7e7bdd804d1aa558b1f1268b2d84dc292f750351
AfterLogic Mailsuite Pro (VMware Appliance) version 6.3 suffers from a stored cross-site scripting vulnerability.
70975b139f142c6b5aa2788169c1656874f10ae8fd42b3b7714b3d1791acff41
Mandriva Linux Security Advisory 2012-127 - A heap-based buffer overflow flaw was found in the way tiff2pdf, a tool from libtiff (a library of functions for manipulating TIFF image format files) that converts a TIFF image to a PDF document, wrote TIFF image content into a PDF document file when an improperly initialized T2P context struct pointer was provided by tiff2pdf as one of the parameters to the routine performing the write. A remote attacker could provide a specially-crafted TIFF image format file that, when processed by tiff2pdf, would lead to a tiff2pdf executable crash or, potentially, arbitrary code execution with the privileges of the user running the tiff2pdf binary. The updated packages have been patched to correct this issue.
149b7cb1a9d75035cbf157d9a41f74cd86afc4f26ebe2a53fe79e88cc5726a0b
Secunia Security Advisory - A vulnerability has been reported in Sleipnir Mobile for Android, which can be exploited by malicious people to compromise a user's device.
943f2ce7fee15408d358baaad3f9bc05c904e8694aa65521dc950f607ec1cac8
Secunia Security Advisory - A vulnerability has been reported in Sauerbraten Game Engine, which can be exploited by malicious people to compromise a user's system.
415bdb53a582f34c45fd6d68ab280ae7b73a6a7f56050e69f13483d539d6bbbe
Secunia Security Advisory - SUSE has issued an update for krb5. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise a vulnerable system.
848c847707dc1376b96820be85e810d719ecb357b2159381ba010fabbbc355ce