This Metasploit module exploits VLC media player when handling a .AMV file. By flipping the 0x41st byte in the file format (video width/height), VLC crashes due to an invalid pointer, which allows remote attackers to gain arbitrary code execution. The vulnerable packages include: VLC 1.1.4 VLC 1.1.5 VLC 1.1.6 VLC 1.1.7.
ad3457b33c1e4c43e6d0a896791081f60a3443611181ae8b714619e73cacfa19This whitepaper is the Linux Exploit Writing Tutorial Part 2 - Stack Overflow ASLR bypass using ret2reg instruction from vulnerable_1.
4c2b149d7ccca25f1acf14efcd2470501e9773535e368a20bb006619476ff363SSL Capable NetCat is just what it sounds like. It's a perl script that works just like netcat but has SSL capabilities.
a20c5c6ad561e60cb6dfad12dfb36badee97f23d2e0d50911d29e98e4b8220d6Encompass Web System CMS suffers from a remote SQL injection vulnerability.
e22b284ffc09d69c8656318d19d2de2b3f687dafc09cd4ba74ff97a186dead8fDebian Linux Security Advisory 2203-1 - This update for the Network Security Service libraries marks several fraudulent HTTPS certificates as untrusted.
06c589ebb8c705b04aed6e21c282fa18b92767991ec117119626088dc5ce9ce1WhatWeb is a next-generation web scanner. It recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 900 plugins, identifies version numbers, email addresses, account ID's, web framework modules, SQL errors, and more. WhatWeb can be stealthy and fast, or thorough but slow. WhatWeb supports an aggression level to control the trade off between speed and reliability.
af1ed088b147290cbc61e4924fb5620a29c2b58032d102fe11e94ae109565ec6VMware Player version 3.1.3 for Windows DLL hijacking exploit.
7fb5257f9aeaec500641d32fc5f0ea1fcb20634cc17f685c7133c941d9bb8c4bVMware Workstation version 7.1.3 for Windows DLL hijacking exploit.
425b2009cd3823d05009e0e458fccc46224cba2cb796d543089a94a11a3c9562MAGIX Music Editor version 3.0 DLL hijacking exploit.
9d83f28972eacc87720ea098b4f45ad28ab5012805bbe7b460d6f3982b9112e0MAGIX Movie Edit Pro 16 Plus version 9,0,0,55 DLL hijacking exploit.
0305c0e78141b6749f3c4bcb881b5c3803f9202b20d3fb553d0cad8ad5b7b49cUltraISO Premium Edition version 9.3.6 DLL hijacking exploit.
44c4dab3fa6a46bb19dd07e6b3f93c7bcbd94285a85fb7b7a2489930e6fdc3f1Secunia Security Advisory - A vulnerability has been reported in HP MFP Digital Sending Software, which can be exploited by malicious, local users to bypass certain security restrictions.
05cd07c367a4b3ae53927ef0478e19756f3e0c3aa1e1dda411978b1e7c7a70a5Secunia Security Advisory - Red Hat has issued an update for libtiff. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
d3a0b924674ec7270e25bae94b5a301c1c19719fd30deca949a29b5338f62805Secunia Security Advisory - SUSE has issued an update for kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system and sensitive information and gain escalated privileges and by malicious, local users and malicious people to cause a DoS (Denial of Service).
b80880d94a1acb2c47b5c8ae66caa98034a862520fb7c0b8dfff0f22dd07e707Secunia Security Advisory - A vulnerability has been reported in Google Picasa, which can be exploited by malicious people to compromise a user's system.
741cff1d789e245b3c369348bb9aea2e1705f5dbb49a039b260dfed546ef6912Secunia Security Advisory - Two vulnerabilities have been discovered in ClanSphere, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
a6aa3a5119c58947d28e9926d20a08c1411a95df84d31d57540c55b0de89a096Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.
037eb30fe40d79880c078a0e1e7c21860518c5425fd7f3169145f3a9c7c6f6c8Secunia Security Advisory - A vulnerability has been discovered in Avaya IP Office Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
26cb8ac73b5607f4180ea1146be07c0dec18e089eb1ca1819c9d6fe6f079546bSecunia Security Advisory - Two vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
366e0e20b1e7dd6807204c173858dc81118194c948f53cb5eb1293438db7db4cSecunia Security Advisory - A security issue has been reported in Python, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
145af6eda74968987ffc91d8753e68982f1cf47883700a70691550ec85fd71e4Secunia Security Advisory - A security issue has been reported in Python, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
371dfd49a88d777bbfd9e8b3f76212c885fc7795b87969fedd7d6200b7d84f53Secunia Security Advisory - AbdulAziz Hariri has discovered a vulnerability in various Citrix products, which can be exploited by malicious people to cause a DoS (Denial of Service).
7b3f07c3c204a3e66b31b99f4ddfb7b6e1b265754ebb3110f6874c005d11a44cSecunia Security Advisory - Some vulnerabilities have been discovered in SyndeoCMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
d443c1873d09b0b42bc225de465415a0a70056f4d6c91dc268308d4a40ee0dd1Secunia Security Advisory - daveb has reported a vulnerability in loggerhead, which can be exploited by malicious users to conduct script insertion attacks.
82fa3b31763136d679cfc9df5fd32d8ee0d4e0426f7f1febf204f9790170ca7dThis is a whitepaper discussing the risk associated with the privacy of your data on Facebook.
1c7324957e7d7c62de38033fa300af904e3fd13b9fd83df2b808ba22aedd9a41
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed