what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 38 RSS Feed

Files Date: 2010-09-03

Microsoft Internet Explorer 8 Forced Tweeting
Posted Sep 3, 2010
Authored by Chris Evans

Microsoft Internet Explorer 8 suffers from a vulnerability that allows an arbitrary web site the ability to force a victim to make tweets.

tags | advisory, web, arbitrary
SHA-256 | 8269887c6dc615aa7b380185ff2cddb02707773fa120bc701801b7bafec70899
SMBind 0.4.7 SQL Injection
Posted Sep 3, 2010
Authored by IHTeam

SMBind versions 0.4.7 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 0da84d92d29133b3f50b81dffd38845ce1e493b4b43e77fddb677151dfde6607
Pligg 1.0.4 SQL Injection
Posted Sep 3, 2010
Authored by Bogdan Calin | Site acunetix.com

Pligg version 1.0.4 suffers from additional remote SQL injection vulnerabilities outside of the previously discovered findings.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | bd510dfa8c37dd79fb700a945f23a47f0bda0d46ad0b2c4cc73c2acdada49063
Month Of Abysssec Undisclosed Bugs - Trend Micro
Posted Sep 3, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Trend Micro Internet Security Pro 2010 suffers from an Active-X extSetOwner remote code execution vulnerability.

tags | advisory, remote, code execution, activex
SHA-256 | 4620de97498bd0557f5f5a7a75237763455786c027f6b263a0f56abfdcc5fb4e
Month Of Abysssec Undisclosed Bugs - Visinia 1.3 XSRF / LFI
Posted Sep 3, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Visinia version 1.3 suffers from cross site request forgery and local file inclusion vulnerabilities.

tags | advisory, local, vulnerability, file inclusion, csrf
SHA-256 | 585ee45ed954de99a78e5b9e113589b44930bbce597ba8fcac84e298923a2dcc
Google Chrome Focus Processing Memory Corruption
Posted Sep 3, 2010
Authored by Matthieu Bonetti | Site vupen.com

VUPEN Vulnerability Research Team discovered a high risk vulnerability affecting Google Chrome. The vulnerability is caused by a memory corruption error when processing focus events, which could be exploited by remote attackers to potentially execute arbitrary code by tricking a user into visiting a specially crafted web page. Google Chrome versions prior to 6.0.472.53 are affected.

tags | advisory, remote, web, arbitrary
SHA-256 | 2295a6c5a62a9aab8f0009db39e9958b989b89bb1f3c39a635c47d462c9c9bfe
Month Of Abysssec Undisclosed Bugs - Visinia 1.3 XSRF / LFI
Posted Sep 3, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Visinia version 1.3 suffers from cross site request forgery and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, csrf
SHA-256 | 54ba9b2a77570d5e24c797949460bf2d84ab31e6f9d24e86fadc566553993376
Month Of Abysssec Undisclosed Bugs - Trend Micro
Posted Sep 3, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Trend Micro Internet Security Pro 2010 suffers from an Active-X extSetOwner remote code execution vulnerability.

tags | exploit, remote, code execution, activex
SHA-256 | bbdd0a04d64f85ab56f13cb6ee058728c66b9b3b85d47b220ea29d630abf4871
Debian Linux Security Advisory 2102-1
Posted Sep 3, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2102-1 - It has been discovered that in barnowl, a curses-based instant-messaging client, the return codes of calls to the ZPending and ZReceiveNotice functions in libzephyr were not checked, allowing attackers to cause a denial of service (crash of the application), and possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2010-2725
SHA-256 | ab80e7337de5886d730835a02d434d8f7f3c6c6cda36cdb2a4d3ae519c3188ac
HP Security Bulletin HPSBMA02572 SSRT100082
Posted Sep 3, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Operations Agent running on Windows. The vulnerabilities could be exploited locally resulting in an elevation of privileges and remotely allowing execution of arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | windows
advisories | CVE-2010-3004, CVE-2010-3005
SHA-256 | bd721da8bf251414d3a9b4774068164e61684e3127a198b48521299815d52f8c
Secunia Security Advisory 41167
Posted Sep 3, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in KeePass Password Safe, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 212bbdb20030a8ac1337286e667ab1b71ae06818653b74a35bd2537b907c16c0
Secunia Security Advisory 41280
Posted Sep 3, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, suse
SHA-256 | ab30e7373aa72dba088713674d90a24c1be66c8c2b40ce46115b0c6821c903f7
Secunia Security Advisory 41266
Posted Sep 3, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in 3Com H3C S9500E switches, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 6e6ef62c3c3db90d84ae7c860f53139b89925a4b3844f51cbd6c7f32f215843b
Secunia Security Advisory 41258
Posted Sep 3, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in PhotoImpact, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 206bd2e8e2a746b02f3b49f4ba317a0ff20096d89e3b1bb81bfb408e2ddba8e0
Secunia Security Advisory 41277
Posted Sep 3, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in HP Operations Agent, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to potentially compromise a vulnerable system.

tags | advisory, local, vulnerability
SHA-256 | 903b02e3759946a2ada824011e59051dfd9f95d2b0769c4617ca14b446bc00d2
Secunia Security Advisory 41189
Posted Sep 3, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in Visinia, which can be exploited by malicious people to conduct cross-site request forgery attacks and disclose sensitive information.

tags | advisory, vulnerability, csrf
SHA-256 | 8e0a5151f81bc3ffa4f2891b91fd9e7d1b0d336c0fb3968e78d3668c9865dbb4
Secunia Security Advisory 41152
Posted Sep 3, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Roxio MyDVD, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 7e8f1e9ed1328f75ac9243c5f2aa6c30fbb5028de7e3d93c9f0c6bb991eab77e
Secunia Security Advisory 41278
Posted Sep 3, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in MantisBT, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | c5a2e5d8062ba402537b8e09729f11fba30abe69383a60fd86ee64b844a442d3
Secunia Security Advisory 41254
Posted Sep 3, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in NuSOAP, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 6e737644a9cbe78dcd865d7bab4a7c2cf239d9893d9df922b60f8e136053dd91
Mandriva Linux Security Advisory 2010-170
Posted Sep 3, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-170 - GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a.wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2252
SHA-256 | 7e88aed1075989ac769d24f2faa6e97354507085f73aec9d9b3c569aa00eb29c
Gentoo Linux Security Advisory 201009-1
Posted Sep 3, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201009-1 - An integer overflow vulnerability in wxGTK might enable remote attackers to cause the execution of arbitrary code. wxGTK is prone to an integer overflow error in the wxImage::Create() function in src/common/image.cpp, possibly leading to a heap-based buffer overflow. Versions less than 2.8.10.1-r1 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2009-2369
SHA-256 | c2ac66e27ba600b2f3b5ab01ed974d8c839adb14c710f03fa8005debac84c079
OneCMS 2.6.1 Cross Site Scripting
Posted Sep 3, 2010
Authored by anT!-Tr0J4n

OneCMS version 2.6.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 36f4fb5855939c1f7d8dc2edead0768a8d6a834a57f32aca98abfabad05b4a8b
Whitepaper Called PATH Attacks
Posted Sep 3, 2010
Authored by fred777

Whitepaper called PATH Attacks. Written in German.

tags | paper
SHA-256 | 8a7171d2db605792d0b33902b06e2133656e7900ddfe53395a9f9b3645604ffa
Month Of Abysssec Undisclosed Bugs - Apple QuickTime
Posted Sep 3, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Apple QuickTime player version 7.6.5 FlashPix NumberOfTiles remote code execution exploit.

tags | advisory, remote, code execution
systems | apple
advisories | CVE-2010-0519
SHA-256 | aa5ee77d4f0cae3c9c6b145e680baba1d16f858fe6786e227c30f287041e1fa1
Month Of Abysssec Undisclosed Bugs - Rainbow Portal 2.0
Posted Sep 3, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Rainbow Portal version 2.0 suffers from login weakness, cross site scripting and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, xss, sql injection
SHA-256 | 3c9106c77965a19f36fcdf1cf3d15465ddacc650e342e9ea6adb4586e0bbf833
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close