Secunia Security Advisory - Will Dormann has reported multiple vulnerabilities in the acpRunner ActiveX control, which can be exploited by malicious people to compromise a user's system.
27a0809360bdacf42b6aa107549474b18510699f9e7bfa07d0c2e82f87c74609
Secunia Security Advisory - Wouter Coekaerts has reported a vulnerability in multiple irssi music announcement scripts, which can be exploited by malicious people to bypass certain security restrictions.
c24fd2f3ab21f00551320c0086706f435ff8135c66f96ea6f38d07766a2b2183
Secunia Security Advisory - Wouter Coekaerts has reported a vulnerability in xmms-thing, which can be exploited by malicious people to bypass certain security restrictions.
70c6d7a6d75088c45fcd43cf24a6c3483d84965c68d12020406db04460e9b63c
Secunia Security Advisory - Wouter Coekaerts has reported a vulnerability in XMMS Remote Control Script, which can be exploited by malicious people to bypass certain security restrictions.
d5b38faec7b1023e002fdbcfec5f7cda596e38456234159a2e819da1ed36b029
Secunia Security Advisory - Wouter Coekaerts has reported a vulnerability in Disrok, which can be exploited by malicious people to bypass certain security restrictions.
dd1426a594f928898f2f00b34b78562af2a2381a0e482d156bcf65cf4b713298
Secunia Security Advisory - Wouter Coekaerts has reported a vulnerability in a2x, which can be exploited by malicious people to bypass certain security restrictions.
0ba287c80d0611cb4ad49ef7dacedbf59c17853258b2be7a45cba5c83980a8ed
Secunia Security Advisory - Wouter Coekaerts has reported a vulnerability in Another xmms-info script, which can be exploited by malicious people to bypass certain security restrictions.
fd2fd68b1bd5c7654c4ee0502b56bd943697350fd4af99820c8a1fd48599279e
Secunia Security Advisory - Wouter Coekaerts has reported a vulnerability in xmms.bx, which can be exploited by malicious people to bypass certain security restrictions.
557d65d3473bc4a54ff52374d7fc3e2f63ef470a3629ce4eb3f47ff5dbd2bf3e
Secunia Security Advisory - Wouter Coekaerts has reported a vulnerability in xmms.pl, which can be exploited by malicious people to bypass certain security restrictions.
49372fa31213dbbc629caebfee8c63070864ed62aa30c06615ceb9b768d7ffa9
Secunia Security Advisory - Wouter Coekaerts has discovered a vulnerability in Advanced mIRC Integration Plugin, which can be exploited by malicious people to bypass certain security restrictions.
52707b7e91ce6cf780f8e2f22ccc962db4d8d64af122439955ae698e48eefd84
The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
1e8deb3be83198f6102ea2cfa87c324f6fa31399e90dffd2f0e3b56d0ac9ab6f
Gentoo Linux Security Advisory GLSA 200708-09 - Mozilla developers fixed several bugs, including an issue with modifying XPCNativeWrappers, a problem with event handlers executing elements outside of the document, and a cross-site scripting (XSS) vulnerability. They also fixed a problem with promiscuous IFRAME access and an XULRunner URL spoofing issue with the wyciwyg:// URI and HTTP 302 redirects. Denials of Service involving corrupted memory were fixed in the browser engine and the JavaScript engine. Finally, another XSS vulnerability caused by a regression in the CVE-2007-3089 patch was fixed. Versions less than 2.0.0.6 are affected.
764eb18f274a13a2519a59558d5e3a6de627854283160fa729985a477c6ca6a8
iDefense Security Advisory 08.14.07 - Remote exploitation of a buffer overflow vulnerability within Microsoft Corp.'s XML Core Services may allow an attacker to execute arbitrary code in the context of the current user. The vulnerability specifically exists in incorrect checking being performed on the length argument to the substringData() method of an XMLDOM object. When certain length values are supplied, a large region of memory is copied into a buffer of insufficient size. iDefense confirmed the existence of this vulnerability using Internet Explorer 6.x on Windows XP SP2. It is suspected that other versions are also affected.
f9bcf5ae6ba542ea3738f635fd826735147768f8c106723ed5723ad418e549e8
iDefense Security Advisory 08.14.07 - Remote exploitation of a Cross Site Scripting (XSS) vulnerability in the Windows Vista Sidebar RSS Gadget allows an attacker to execute arbitrary code with the privileges of the logged in user. The vulnerability exists within the parsing of the certain elements of the items in an RSS feed. A properly crafted HTML tag within these elements will not be removed, and will be rendered by the RSS gadget. Since the RSS gadget runs in the local zone, the injected JavaScript has full access to the system. iDefense has confirmed the existence of this vulnerability in Microsoft Windows Vista Business. Other versions are suspected to be vulnerable.
b72e8982684f82bb2ef8f850fc5b1d27c583c8eb479eac82601e2686a3b3bac8
Zoidcom versions 0.6.7 and below proof of concept exploit that demonstrates a crash vulnerability.
138fd40e2de6eb84ad1259c781269ae1077d0bedea7a2ecaa48a56bea5fe28a1
Zoidcom versions 0.6.7 and below suffer from a denial of service vulnerability.
6c64dd688249e42705afcfe0d02685cc9c5a4d9fc2fcd6aecc882c6d0119dcb7
Babo Violent 2 versions 2.08.00 and below proof of concept exploit that demonstrates multiple vulnerabilities.
bd1d92a75ce86e15b8e3df93845f1ad8307b2d173d06b3178b1ed0ea01de1ad3
Babo Violent 2 versions 2.08.00 and below suffer from multiple vulnerabilities.
0f461d45f7c3f8e045742f3dfc0c3e6cc5a393c4bc4a8ac951f0dba55b58dfec
Live For Speed versions 0.5X10 and below proof of concept exploit that demonstrates buffer overflow vulnerabilities.
0c6a89beb4a07b95ba34a7e6422d06439298f78de9f2f3aeece9e5828367709a
Live For Speed versions 0.5X10 and below suffer from multiple buffer overflow vulnerabilities.
35c0c543c662e582655aab6f86cbb8576f08030cb8f3b86b10bea4e9f91c20ef
Vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of multiple Hewlett-Packard (HP) OpenView products, including: Performance Manager, Performance Agent, Reporter, Operations, Operations Manager, Service Quality Manager, Network Node Manager, Business Process Insight, Dashboard and Performance Insight. Authentication is not required to exploit these vulnerabilities. The specific flaws exists within the OpenView Shared Trace Service. A service that is distributed with multiple products as ovtrcsvc.exe and OVTrace.exe. The vulnerable service may be found bound to TCP port 5053 (ovtrcsvc.exe) or TCP port 5051 (OVTrace.exe). Specially crafted data through opcode handlers 0x1a and 0x0f can result in arbitrary code execution under the context of the SYSTEM user.
0f9b632a8194e66912be70699b2b63b542bb327aadc02228f6f4671e2435c7ca
Mandriva Linux Security Advisory - Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause koffice to crash and possibly execute arbitrary code open a user opening the file.
89d31e8182e9110ed0b5a04a58b70de50193fa8afed54c84c98aff2c0e8b3f6d
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of various Microsoft software User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the substringData() method available on the TextNode JavaScript object. When specific parameters are passed to the method, an integer overflow occurs causing incorrect memory allocation. If this event occurs after a different ActiveX object has been instantiated, an exploitable condition is created when the ActiveX object is deallocated which can result in the execution of arbitrary code.
5202e811d0539734ae0470c1dbc3cfe7e806c8cf6e41bc61351a1e7df01420e8
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists while decompressing skin files (.WMZ and .WMD) with malformed headers. During this process the malformed values are used to improperly calculate data which can later allow an attacker to execute code under the rights of the current user.
fd124b4813e7b30490ec09a758f257012e9680c1e061030a378bc39967915936
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of malformed skin files (WMZ). A size compressed / decompressed size mismatch can result in an under allocated heap buffer which can be leveraged by an attacker to eventually execute arbitrary code under the context of the current user.
b1220ae8595b89a835ea943c02322c926f4b05d24b18cc55feca92be395049d8