This Metasploit module exploits an out-of-bounds access flaw in Firefox 7 and 8 (versions 8.0.1 and below). The notification of nsSVGValue observers via nsSVGValue::NotifyObservers(x,y) uses a loop which can result in an out-of-bounds access to attacker-controlled memory. The mObserver ElementAt() function (which picks up pointers), does not validate if a given index is out of bound. If a custom observer of nsSVGValue is created, which removes elements from the original observer, and memory layout is manipulated properly, the ElementAt() function might pick up an attacker provided pointer, which can be leveraged to gain remote arbitrary code execution.
94acb924f037607a74196ffbd40dc6b26726a6b5e2a13e1caa089d6e3b0c2406This is a brief whitepaper that discusses finding remote and local file inclusion vulnerabilities and how to exploit and patch them.
d28ed75d8eb9604c29fc6876297418475ffea313bb8b01a2430294ecdbd4a18bApple Security Advisory 2012-05-07-1 - A URL spoofing issue existed in Safari. This could be used in a malicious web site to direct the user to a spoofed site that visually appeared to be a legitimate domain. Multiple cross site scripting issues existed in WebKit along with a memory corruption issue.
786fe23968a3f5aa19c1879e551587fcf15f839f12791813e11922d9793808ecThe Cisco Linksys WRT54GL router suffers from a cross site request forgery vulnerability.
15765a5278a3d85691a1560925b05f28f2c55ddd9ccac8024f86755afe32809aThis paper reveals the theoretical aspects behind run-time crypters and describes a reference implementation for Portable Executables.
151b5b88ae878e07f3f061bd79b9e8bdd14d125d1e574f3e6cedd6317fb54d52Core Security Technologies Advisory - SAP Netweaver is a technology platform for building and integrating SAP business applications. Multiple vulnerabilities have been found in SAP Netweaver that could allow an unauthenticated, remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered sending specially crafted SAP Diag packets to remote TCP port 32NN (being NN the SAP system number) of a host running the "Dispatcher" service, part of SAP Netweaver Application Server ABAP. By sending different messages, the different vulnerabilities can be triggered.
84108ccf75a417b942e0291cf7c3798ea4c264ddce271305c260f4c3931d47e5This bulletin summary lists 7 released Microsoft security bulletins for May, 2012.
5b55111db2e9d458489aa5b317e94be0141b02eb1566f67bc6fa8b03a39a053cBagler CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
456977912384df602200c12ee51909b89bbbde0e1daab9affab1a16180702cddPHP Enter suffers from a code execution vulnerability.
0e40cede5b489ccd4eccd31c3db4cd143a0b5033a7852925e405574541aa09d6The vulnerability described in this document could hypothetically be exploited by unprivileged code running in a VMware virtual machine (guest) in order to execute code in the host VMX process, thereby breaking out of the virtual machine; however, such exploitation has not been proven.
6b511360ce2598e1deb986ad52df1981db6e70d11d4357b2353ea14c01410c67Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Silverlight, which can be exploited by malicious people to compromise a user's system.
73b22210df3231f8173b40f05daac8bebce1e960ce3be5c2d564d1b566d25943Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Web Server. This fixes two weaknesses and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).
e04ce246d1f4789ea33a87894d4cdb1a2dfedf367275b7815aff77c50f972828Secunia Security Advisory - Red Hat has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to disclose certain sensitive information or compromise a vulnerable system.
b654e484fb2fe17573de807256d80a3e692e677b41d841de3d90eccd627ac52dSecunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system.
32b95a29a08e0891177ba0136d57828e7a5d6a9b2dd0bac45e2be92621c51a35Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.
215c25917298206231d8fa3ae5e55aa9d692f49a1b9813874c08e8bcfbe449f7Secunia Security Advisory - A vulnerability has been reported in Microsoft Visio Viewer, which can be exploited by malicious people to compromise a user's system.
10318aa6c588be6ee964bbffd912ec767dd6c14269c063fec7133da827d5c6f2Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
9fe3f56b1b384bfbfa4dce83e61da818762396e24dee114131888abf1e14f0f4Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to bypass certain security restrictions and gain escalated privileges.
021af0b291c512ba86ab27f470b5eef58250a194c59d8a020deaa4fc14d87ce5Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
ea90e76cd4b389bdca6f975e1e601d35339369428f489b08578b2c15b48ef169Secunia Security Advisory - Ubuntu has issued an update for linux-lts-backport-natty. This fixes multiple vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine and malicious, local users to cause a DoS (Denial of Service).
963251f8864f31d57385c89672f28830b367f85b2ade27733884e2e374b9be28Secunia Security Advisory - A vulnerability has been discovered in Serendipity, which can be exploited by malicious people to conduct cross-site scripting attacks.
2dccbe0bd58dba78597f9a5c5d679035f2755865a848364b068c3a9b8692d747Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft .NET Framework, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.
c9678451e2dc88c442cd15fbf30333ea2e9939d138ec367b3d9becee270e14a7Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft .NET Framework, which can be exploited by malicious people to compromise a user's system.
81e5b958a7ecf775d654bf246b2639e9f4109773eaa46c2a6d50ff62345cee85Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system.
21fb7f13a69e3c5e9bee5fa63d501333030da793712a4bbf677f79e5485dfdd0Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Performance Insight, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting and SQL injection attacks.
23ebb442d44d501938a9b90d12063e72b86f231da5c98b21124c400c3f8bbc58
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed