Mandriva Linux Security Advisory 2010-142 - The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. OpenLDAP 2.4.22 allows remote attackers to cause a denial of service via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.
da58b230384d632c52553a0dc4b5256eeaf3ce762c74c6ad7d8fb67893b6ff42
UPlusFTP Server version 1.7.1.01 remote buffer overflow post authentication exploit.
a6a08e41b5947372974aff9b14a2282596f65cf35a007410bc1f76fed9559f49
Symantec Antivirus Corporate Edition AMS Intel Alert Handler service (hndlrsvc.exe) proof of concept command execution exploit.
bf02e9e1d36238740750081701ce2a3c2b498e0a3532ceabfb5c7b2b1318b948
Jira version 4.0.1 suffers from a cross site scripting vulnerability.
a089b5e197e692751a2c97611b596e258edd5b8b894ebb0ee35d25a94853d538
Secunia Research has discovered two vulnerabilities in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused by boundary errors in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing certain records. This can be exploited to cause stack-based buffer overflows via specially crafted files. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
ba54e9780a47cbb9ac825fb26ba0fcde7c0734880a7eec64089b018ed29a2036
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused by an error in the SpreadSheet Lotus 123 reader (wkssr.dll) when allocating an array of pointers during the parsing of a certain record type combined with how strings are later indexed. This can be exploited to corrupt memory via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
f9a9de57b6faceeb2d7116e3bbd81eb59d6cb237692bb06b5afcdb428702f9d2
Zemana AntiLogger with AntiLog32.sys versions 1.5.2.755 and below suffer from a local privilege escalation vulnerability.
c4b5374aef4fafad83d8cf34f59211029acaf54deb05c6b2269c93d7ea737d0a
Cetera eCommerce versions 14.0 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
6f1b7cc690c9fe01ae23a3cdf4588f2d2b60564d3f3c631d51149fa0275d2050
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused by an integer underflow error in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing the size of a specific record type. This can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
29ad95481579f1764c96d5a3b905c173447d7638ad22ab0b3fad3310e1033f40
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the WordPerfect 5.x reader (wosr.dll) when parsing data blocks and can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
5ed5b03e9a9bfac07541b8affc29df12ce6a114af5ce70de811e350abee24c4c
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a signedness error when parsing the argument to the "\ls" keyword within a list override table entry in RTF files. This can be exploited to cause a buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
9f637d773e05147f5fddebca47d4f32eaa065525a4713e86117852b4fc62630c
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Spreadsheet Lotus 123 reader (wkssr.dll) when converting floating point values in certain record types. This can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
79ff156cf917fb691f4b17bdbfad5cb0a6cc061edf41a7bcd72b346f6913a832
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error when parsing record data in compound documents. This can be exploited to cause a heap-based buffer overflow when an application using the vulnerable library parses e.g. a specially crafted Quattro Pro file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
c8af127dc81e18677064ef66428dd5b8386a0ce6358af637f1bbae03414a1ae4
UTF-8 directory traversal /etc/passwd grabbing exploit for Apache Tomcat versions prior to 6.0.18.
976e244165fc9beb273d4e21c954c5135843e2b1fb28d129213c11847fd97471
Joomla PhotoMap Gallery version 1.6.0 suffers from multiple remote blind SQL injection vulnerabilities.
8990931df0ebbd576f3d3b513dc714bdbe844c94639806bdeeb8b03de8fc3d32
AV Arcade version 3 suffers from insecure cookie and SQL injection vulnerabilities.
8e521695e01449c7661f2cb8f90b185012521a3a3fc71c1f2a2a3040bb131b5f
nuBuilder version 10.04.x suffers from a remote file inclusion vulnerability.
50aa0127b4f48063bded2efe72397e46ea8cda4e661102f4751dfdcb7cca99b4
Secunia Security Advisory - Red Hat has issued an update for jboss-seam2. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
1f66f3b22ebc5b24916bace93266531af9f937ab6d1b8e9bb97a071edca32f8b
Secunia Security Advisory - A security issue and a vulnerability have been reported in MediaWiki, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.
b22c0eeeec3ca2a90ab3f7a2cdda7cd24bfa42913180a5fd00518843a1fd90bb
Secunia Security Advisory - A vulnerability has been discovered in Zabbix, which can be exploited by malicious people to conduct cross-site scripting attacks.
0e594d0c1fc7f38c3ac50fb687688700c06bb431c685d58a36401c57a586782e
Secunia Security Advisory - A vulnerability has been discovered in KVIrc, which can be exploited by malicious people to hijack IRC connections.
04f006656d5afdeb39aa80ce20a5b7dc4ed746fecdb8ce2ca287f5bccb32ef2b
Secunia Security Advisory - A vulnerability has been discovered in bozohttpd, which can be exploited by malicious people to bypass certain security restrictions.
a7d066c2cc8cefcd25baf8c479852de7fc2da0695f44c4d44e8118728af9f7b0
Secunia Security Advisory - A vulnerability has been discovered in nuBuilder, which can be exploited by malicious people to compromise a vulnerable system.
d2e57a39c835ec7678c8fb691abb7d74caf3cb3be3294cc8dcf44f85c8065b0d
Secunia Security Advisory - Some vulnerabilities have been reported in hsolinkcontrol, which can be exploited by malicious, local users to gain escalated privileges.
e6b559f8344d03713cee7b6a322e904df7b03a8792335c201193b5cba5bb0c90
Secunia Security Advisory - A security issue has been reported in the Front End User Registration extension for TYPO3, which can be exploited by malicious people to bypass certain security restrictions.
2d692ae4f82b8d8c52cab67f895d860df52e1627ef4e68e42fef6197e4a6fa9b