Radius Manager version 3.8.0 suffers from a cross site scripting vulnerability.
849ce4124b8868d4964c836f3f0fe5032b8b695ec1975c135f686eb55ae4a79cEmbedded Video WordPress Plugin suffers from a cross site scripting vulnerability.
e878442fc4101ed9c5163d489e152cacbae8369a6daf6621de5c5f33a5a44380The Apple QuickTime player does not properly parse .fpx media files, which causes a memory corruption by opening a malformed file with an invalid value located in PoC repro.fpx at offset 0x49. Tested vulnerable are versions 7.6.8 (1675) and 7.6.6 (1671).
facb84d8419ffcf0bba2fe7f89e1f2ae1bc160d4a44a1f04b6c7f18419579e90Whitepaper called Heap Taichi: Exploiting Memory Allocation Granularity in Heap-Spraying Attacks.
5d81db54a8c1cb8adde0d3a9a3232376c7e10413b9da9189fa92a35fc83d1d8cGentoo Linux Security Advisory 201012-1 - Multiple vulnerabilities have been reported in Chromium, some of which may allow user-assisted execution of arbitrary code. Versions less than 8.0.552.224 are affected.
843dc252afb33ba84e4493131801ac4527c15a6f2ca5881fceb4574014d0fac1Microsoft Windows Win32k pointer dereference proof of concept exploit that leverages the vulnerability noted in MS10-098.
88c0d56f4f9ce474815203874c072f79800b80461abd432eb2320a32dcce001aAlt-N WebAdmin version 3.3.3 suffers from a remote source code disclosure vulnerability. Also affected is U-Mail for Windows version 9.8 and U-Mail GateWay for Windows version 9.8.
463f4e8bc5d27ae0d0f91b4239888aabb80818473f98de5f45f4248aebf01d9cRTShop version 2.0 suffers from a remote SQL injection vulnerability.
68881dd1dd976189c619312cc6063d18f08f91ea6852c6fb8cf579a5781e565fEasy Online Shop suffers from a remote SQL injection vulnerability.
929e1833d696babaf764b9636f9b287f2b6d22a62944354286c5b2ef14e41776Immo Makler Script suffers from a remote SQL injection vulnerability.
f0472473d06efe5aaa8307fe6e2d182febd90e51cbdddc45877ce76d3ebf816cSocial Share suffers from multiple cross site scripting vulnerabilities.
8ccd8a654a1fc3b0182a14d032cef3fd9d0ffe57ed38687342c7625848f4d43dD-Link DIR-300 suffers from a cross site request forgery vulnerability.
4dd65f1f47ca740636fa5722f23e5b9764ea3b4b1e59312db89281f84927d9d6Softbiz PHP Joke Site suffers from multiple remote SQL injection vulnerabilities.
08a18a40e33b971a6ef2b83008df97a498d3b419e05c54756c46be30f4228fa6CubeCart version 3.x suffers from a shell upload vulnerability.
d64ed04b4a12fabd4c0382a28464f89b382faf2a2d17800ae9a3a49b8dd9012cMHP Downloadshop suffers from a remote SQL injection vulnerability.
75fa8fd6ae9fef0f7ef75d9790e2c22d2c6c62d9e5288e30692da41309dff2dcPHP ID Page suffers from a remote SQL injection vulnerability.
326e1bc0a437f5842d9d703c87f7d2da0bccd9b7e97f2bcd646b29499cf5b52aPaliz Portal suffers from a cross site scripting vulnerability.
fce37699b0b8289e4697097ade67500a36942965344055e9005984a233a4b114ESTsoft ALYac Anti-Virus 1.5 versions 5.0.1.2 and below local kernel mode privilege escalation exploit.
3f2ad9346053fe68522b374ee5555a7073ebc22d57e5e70dd6876d32348fda11ViRobot Desktop version 5.5 and Server version 3.5 local kernel mode privilege escalation exploit.
43b2f4d9655eba5b3ad8440b6a03d204684557b7a8a87dc810c8ac66864da14cNProtect Anti-Virus 2007 versions 2010.5.11.1 and below local kernel mode privilege escalation exploit.
7aa3139aa141fd361b9e82cc2ef15b355832b22280cf778db25220451462bc33AhnLab V3 Internet Security versions 8.0.3.28 and below local kernel mode privilege escalation exploit.
f88b271f50becd28f0e4c69664d429db408ede575ed745aea9362f6b33b6e6f0This tarball was discovered on a compromise Debian Lenny host after it was compromised via the recent remote root Exim vulnerability. It includes binaries such as the MIG logcleaner, backdoored versions of top, uptime, free, pgrep and more. Please note that a thorough analysis of these binaries has not been performed and they must be considered unsafe and untrustworthy. Only use the enclosed contents for research purposes. Further details regarding this rootkit can be obtained via the reddit site link.
6a324fcebd39bee3df601a2c0bae779d4238f227c025bef29ca33382ddbcd665Apple Security Advisory 2010-12-16-1 - Multiple vulnerabilities have been addressed in Time Capsule and the Airport Base Station.
19e1b60ec22923c32fb00988fef5c6e725dba382d2956765668f49e98ef707a3Mandriva Linux Security Advisory 2010-257 - The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service via a crafted exec system call, a related issue to CVE-2010-2240. drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device. Various other issues have been addressed as well.
1e230666cbb1fc66c91156a8035fbdbdaca4fbe40c2a8ed95fd1ecd43722fa30
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed