iDefense Security Advisory 05.08.07 - Remote exploitation of an integer overflow vulnerability in the IMAP service of Microsoft Exchange 2000 could allow a remote attacker to crash all running Exchange services and other services in the same process. The vulnerability specifically exists in code responsible for reading of literals in the IMAP4 service. When the IMAP4 service encounters a specially crafted literal, it fails to properly process it. An access violation occurs causing an unhandled exception that terminates the process. iDefense confirmed the existence of this vulnerability in Microsoft Exchange 2000 with Service Pack 3.
fced1ee1ae6edabb2f453b8dea3d929f5b5acd4a65d224dfbf4d2976fa6ca9cbiDefense Security Advisory 05.08.07 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Word could allow attackers to execute arbitrary code under the privileges of the target user. This vulnerability specifically exists in the handling of property strings of certain control words in an RTF document. In certain circumstances, these property strings can be written into a memory region which has already been deallocated and heap corruption can occur. iDefense has confirmed that winword.exe file version 11.0.8106.0, as included with a fully patched Microsoft Word 2003 SP2, is vulnerable. Previous versions of Microsoft Word are also likely to be affected.
46ec72415e834b6a52d6a15c148a41952e7fb608dc242fbd831554d99fec6755iDefense Security Advisory 05.08.07 - Remote exploitation of an input validation error in the handling of AutoFilter records in Excel BIFF8 format spreadsheet files by Microsoft Corp.'s Excel 2003 could allow an attacker to execute arbitrary code in the context of the current user. The AutoFilter feature of Excel allows data not matching a specified criteria to be filtered out. By creating a document containing a specially crafted filter record, an attacker is able to cause an invalid memory access leading to arbitrary code execution. iDefense has confirmed Microsoft Excel 2003 is vulnerable. Previous versions are also likely to be affected. Excel 2007 does not appear to be vulnerable.
75710def3d9c5022a17b416ac6a211ffd7e4f5fb82a2f997d69c714db1c01853iDefense Security Advisory 05.09.07 - Remote exploitation of a design error vulnerability in an ActiveX control installed by Symantec Norton Internet Security 2006 could allow for the execution of arbitrary code. Defense confirmed the existence of this vulnerability within version 12.2.0.13 of NavOpts.dll as distributed with Norton Internet Security 2006. Prior versions are suspected to be vulnerable.
c8fe898519159f7cbf84384ab6a00699f5a7103b95f426b56c623aa0a9ba5be8Mandriva Linux Security Advisory - A vulnerability in ISC BIND 9.4.0, when recursion is enabled, could allow a remote attacker to cause a denial of service (daemon exit) via a certain sequence of queries.
851097b8174d40756fa235d46c6fee77e74ad0b21fc5c7e8ce788434d2328e15Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco IOS File Transfer Protocol (FTP) Server feature. These vulnerabilities include Denial of Service, improper verification of user credentials and the ability to read or write any file in the device's filesystem, including the device's saved configuration, which may include passwords or other sensitive information.
bb629cc0f8cd6483cf3f0a652a7c237dc6826aac766a610a99377f5d35474702Microsoft's Terminal Server on Windows 2003 Server with all of the current service packs fails to enforce its own settings.
8798b9bc51b7d84c7da9fb7f5b4f9eba6130b48b4e845424495701e089d46febSEC Consult Security Advisory 20070509-0 - The Nokia Intellisync Mobile Suite is susceptible to cross site scripting, source code disclosure, and denial of service vulnerabilities. Details provided. Versions known vulnerable include 6.4.31.2, 6.6.0.107, and 6.6.2.2.
51a25ba5752d84a5e2041a75ccb577608b5f1dc5ff208d33097a57a267d97907BarCodeWiz ActiveX control version 2.5.2 stack overflow SEH overwrite exploit.
0eb38f8fe8dd7209823e7270c1808535e77f9594182dcbbf1f5343be0a6f83bfSienzo Digital Music Mentor version 2.6.0.4 SetEvalExpiryDate Method stack overflow EIP overwrite exploit.
eb97560adc32501de136b416f83c9bf1bd0ba200235eeffee79cdb81ff631494Sienzo Digital Music Mentor version 2.6.0.4 SetEvalExpiryDate Method stack overflow SEH overwrite exploit.
ecb37fb01a9f7b4011663353a57645b32ed5999c33eaaeec83786ec68ea9f317IncrediMail IMMenuShellExt ActiveX control buffer overflow exploit.
0caeeb709f7fcad8787ad22dbfcaebe4011fd0b2233aed799dd3a5ce3a3bae32Taltech Tal Bar Code ActiveX control buffer overflow exploit.
97b63468ef7f63fb20b3d594b516701c4bfc51030d9cfeeecf4e6b6aafa2be32Gimp version 2.2.14 .RAS file download/execute buffer overflow exploit for Win32.
f23a1c715a3e3479ff3d05505b8d8ae918555dc43052d7036b7bb28930137d15TutorialCMS versions 1.00 and below remote SQL injection exploit that makes use of search.php.
10622078881d7b7ec5d83c62b36aa4491504e5142aa7eb8f8756ac7f69bf69f0SimpleNews versions 1.0.0 FINAL and below remote SQL injection exploit that makes use of print.php.
9a731b99e77f334123a5d3f6f10e6abc09264a71745e3ad70c159261fc0faf7eaForum versions 1.32 and below suffer from remote file inclusion vulnerabilities.
3ea3d0fdcd3e98186b1741d0eaff86de28085c85e32c9258026e2cb598e9fd5eMiplex2 suffers from a remote file inclusion vulnerability in SmartyFU.class.php.
43e5aa22f993e8084b4dae9acc29223df9fee5801f0a43657043dfe8ecadb05ftelltarget versions 1.3.3 and below suffer from remote file inclusion vulnerabilities.
0bbc1c2793a4ec3bb2ae7ce9f90a69abc2dd55cd5f722248a05d0bbd88ec4754phpMyPortal version 3.0.0 RC3 GLOBALS[CHEMINMODULES] remote file inclusion exploit.
dfde14a67e2860d59250d6bd29b8c60862dc1a1a60864b7c884b81ee16e20407GNUEDU version 1.3b2 suffers from remote file inclusion vulnerabilities.
025dd154db6bba2b16506659365d6ed9b406b21a6e5d3812895d841e4cb5104cPHPLojaFacil version 0.1.5 suffers from a remote file inclusion vulnerability.
99f0a21b853b653a1602d803b259e81c570ed0466970966d2638631df466ead8CGX 2005-03-14 suffers from remote file inclusion vulnerabilities.
36a9ae0b34d90c62de43263cdb01a101ec2dfbfc8202544adbf611356321f131LaVague versions 0.3 and below suffer from a remote file inclusion vulnerability in printbar.php.
6dbd6304b7c3f5850b1aafc758d3784f4076a7b56c905e8b9120f2c28816826eMcAfee VirusScan version 10.0.21 ActiveX control stack overflow proof of concept exploit.
07d2a305772dccd03612fcd54a7f1483122409b1af7b1a61c203ae312498355b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed