The HTC Mail application on Android stores passwords base64 encoded after swapping around odd and even characters.
5dbb95f9e5f9adae904123eb9746ffa5bfd499af74e2a90f0e01d0d5d1ae9cf8The Microsoft NetMeeting application insufficiently validates received data opening a possibility to overwrite portions of application memory causing exceptions ranging from null-pointer access to a possible code execution. Version 3.01 has been found vulnerable.
a88f3c204e5b5b98c35fd8a74b701829f9b30f2c25275569137bbba6ad575152HEXVIEW*2006*03*14*1 - A vulnerability exists in Microsoft Excel which can be exploited to run a code of attacker's choice on user's PC.
b49f61bf0aad7736ae9c98d528c432754324b83c3815c076ca36290e525344d3A vulnerability exists in Microsoft Excel which can be exploited to run a code of attacker's choice on user's PC. Sufficient data validation is not performed when parsing "Named Range" definitions in the document file, which makes it possible to produce a negative 32-bit value that is later used as a length parameter for the msvcrt.memmove() function. As a result, a large chunk of memory is copied overwriting critical memory ranges, including the stack space. All tests were performed using Microsoft Excel 2003 (11.6560.6568) on Windows XP and Windows 2000 Pro platforms. It is likely that all MS Excel products are vulnerable.
d3ff03122df3a97151a14bd39966d4c618c8133f2af3261d2fc519f3c40b6a32Multiple vulnerabilities in Merak Mail Server 8.0.3 with Icewarp Web Mail 5.4.2 allow for cross site scripting, arbitrary file viewing, and more.
bbd44f9d66d0b59f4e1b162ed1fba5a48f52f53f725ac4d72198eda5661ffc2bThe Microsoft Jet DB engine suffers from various vulnerabilities that can lead to arbitrary code execution.
3bc0f27920edbf12b249e0d3cf0e4a6040fae500fdb40a7f3ea4fcffacf8d45cMultiple versions of the Merak Mail Server with Icewarp Web Mail suffer from various flaws. Included are cross site scripting, path disclosure, arbitrary file manipulation/access, and weak password encryption vulnerabilities.
2f72998322fa1ea4c6c2c644becc01d4932c53fb305167832b92978f9a58c796Symantec LiveUpdate is susceptible to compressed archive attacks known as zip bombing.
2673b88a121041513379080564220f8659436f861cf25d1939c9738f8b4f4a07Zip console application by Info-Zip is susceptible to a buffer overflow condition that can be triggered and exploited during a recursive compression operation.
274803fde916bd9e952281ab6546188a8fdc6b1c96a71fcd827aee6005de24b5A specially crafted WAV file can cause the WAV file property handler to consume all available CPU resources on Windows XP.
8e05ffb1b09efaeebd8f0714bf6ea2a5918b97d04c49938779f57d86f6f1093cInsufficient data validation for incoming calendar data makes possible to cause buffer overflow condition leading to stack corruption. As a result, it is possible to reboot the device (all stored messages will be lost since RAM storage will be reinitialized). It is also possible to execute code embedded by the attacker. It should be mentioned that Blackberry developers tools are freely available.
92f19aced80d13dd354f933fc08c07fda2df3c70c05fdcf8c2fff682d778be56Microsoft Word is susceptible to having an exception triggered due to a lack of sufficient data validation when winword.exe parses a document file. Two types of exceptions can be triggered, with the second being possibly exploitable.
cdc21ddeff9714cf7e828e939a3991db70d3d59f034e5e36ca4d6c5e9788b886BlackIce Server Protect versions 3.6cno and below from Internet Security Systems installs a firewall ruleset that can be removed or modified by any trusted or local unprivileged user.
f4772cb504ab957ef7193a8d03b9130f45c9592b768c32a0241b609c051209a1Datakey's tokens and smartcards suffer from a clear text password exposure vulnerability. The communication channel between the token and the driver is not encrypted. A user's PIN can be retrieved using a proxy driver or hardware sniffer. Systems affected: Rainbow iKey2032 USB token and Datakey's up-to-date CIP client package.
e6a95aba557fecb0404997af5ad693bdb744910e82a8e30d9cad43caeeb4742eA denial of service condition exists in the Microsoft SMS Client where a data packet that gets analyzed will cause the server to throw an exception while attempting to read or write an invalid memory address. Tested against: Microsoft Systems Management Server version 2.50.2726.0.
553f2e065d26c6b861b80533b5ce510271d41b91c5034a763c8d3895d8d62af4A cross site scripting vulnerability exists in Netegrity IdentityMinder Web Edition 5.6 SP2 for Windows and Netegrity Policy Server version 5.5.
60d8395a6691d3d4f0676d76c918575f97a8d986d0e069c2a2e903bd448fa6ffSending crafted packets to a 2.6 series kernel with netfilter rules matching TCP options (using the --tcp-option match) may result in a Denial of Service.
28a31023e011acd43ed42575cb7c55864db29f0f4463ce4e22d18f0616b771b0SGI Security Advisory 20040601-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions non privileged users can use the syssgi system call SGI_IOPROBE to read and write kernel memory which can be used to obtain root user privileges. Patches have been released for this and other issues. At this time, IRIX versions 6.5.20 to 6.5.24 are considered susceptible.
c311575509d77e140256db203b3431dabc5c01cfb4dd8d1e624c66a52ee8d789SGI Security Advisory 20040507-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions the /usr/sbin/cpr binary can be forced to load a user provided library while restarting the checkpointed process which can then be used to obtain root user privileges. All versions of IRIX prior to 6.5.25 are affected.
7d950166788412a4f59d5667daca8545e4ae1aefd11cc0225a8adfe941090883SGI Security Advisory 20040503-01-P - Under certain conditions, rpc.mountd goes into an infinite loop while processing some RPC requests, causing a denial of service. Affected releases: SGI IRIX 6.5.x.
60b6fab3dcc07e154a22aa2c18072a5e408070846522782d959a9681d25da497SGI Security Advisory 20040401-01-P - It has been reported that there are several security issues affecting ftpd on IRIX. There is an ftpd DoS that is possible during PORT mode (SGI BUG 899364) not to mention that ftpd's ftp_syslog() doesn't work with anonymous FTP (SGI BUG 909172).
d0f63c5ef8fae4b78f5bbda3793a2c29d3e7603a5dde6ed7dde8af08e6c4ecf6SGI Security Advisory 20030902-01-P - It has been reported that certain Microsoft RPC scanning can cause the DCE daemon dced to abort, causing a denial of service vulnerability.
aff987ebea44700e772f00905cc18391b6bb9872ff70d9c1c6d4a9fb41d1b8d0SGI Security Advisory 20030901-01-P - It has been reported that under certain conditions a NFS client can avoid read-only restrictions on filesystems exported via NFS from a server running IRIX 6.5.21 and mount them in read/write mode.
20adad9965ecc3ab9669c0c0f988b3136ffc46d036a3e2a4b59af98e260d296aSGI Security Advisory 20030803-01-P - A vulnerability has been reported by sendmail.org that the 8.12.8 and earlier releases shipped with a potential problem in DNS mapping that could lead to a remote denial or service or root compromise. Relatedd CVE Number: CVE-2003-0688.
f599f483c03b2a7dbaa048e9abd60ad17327c2a14fc6add6523e23542a45abb1SGI Security Advisory 20030801-01-P - It is possible to create a Denial of Service attack on the IRIX nfsd through the use of carefully crafted packets which cause XDR decoding errors. This can lead to kernel panicing the system. No local account or access to an NFS mount point is required, so this could be constructed as a remote exploit.
c8555a9a5b384e2c2b2c17225b0c097f292cea81bae358a367064a71388393f1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed