ZDI-11-296 : Adobe Reader BMP Image RLE Decoding Remote Code Execution Vulnerability

ZDI-11-296 : Adobe Reader BMP Image RLE Decoding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-296 October 26, 2011 -- CVE ID: CVE-2011-2438 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Reader --...

Adobe Reader BMP Image RLE Decoding Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image...

Encipher It : Easiest Browser based Advanced Encryption Tools [Video Demonstration]

Encipher It : Easiest Browser based Advanced Encryption Tools Video Demonstration "Encipher It" One of the best and easiest AES Text encryptor for Google Mail or anything else. It Provide more secure PBKDF2 Password-Based Key Derivation Function key generation. It use Advanced Encryption Standard...

Windows Gather FTP Navigator Saved Password Extraction

This module extracts saved passwords from the FTP Navigator FTP client. It will decode the saved passwords and store them in the database. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Window...

CVE-2011-3692

NetSaro Enterprise Messenger Server 2.0 stores cleartext console credentials in configuration.xml, which allows local users to obtain sensitive information by reading this file and performing a base64 decoding step...

Information disclosure

NetSaro Enterprise Messenger Server 2.0 stores cleartext console credentials in configuration.xml, which allows local users to obtain sensitive information by reading this file and performing a base64 decoding step...

CVE-2011-3692

NetSaro Enterprise Messenger Server 2.0 stores cleartext console credentials in configuration.xml, which allows local users to obtain sensitive information by reading this file and performing a base64 decoding step...

CVE-2011-3692

CVE-2011-3692 affects NetSaro Enterprise Messenger Server 2.0. The issue is information disclosure: the product stores cleartext console credentials in configuration.xml, allowing local users to read the file and decode credentials via base64. The NVD entry lists a low severity (CVSS v2 base scor...

qt4 security update

4.2.1-1.1 - Resolves: 737815, qt/harfbuzz buffer overflow, CVE-2011-3193 - Resolves: 234633, UTF-8 overlong sequence decoding vulnerability, CVE-2007-0242...

Wireshark 1.4.9 & Wireshark 1.6.2 updated version released

Wireshark 1.4.9 & Wireshark 1.6.2 updated version released Wireshark is the world's most popular network protocol analyzer. It is used for troubleshooting, analysis, development, and education. The following bugs have been fixed: configure ignores partially LDFLAGS. Bug 5607 Build fails when it...

libavcodec / FFmpeg / MPlayer buffer overflow

Buffer overflow in CAVS decoding...

Windows Gather Internet Download Manager (IDM) Password Extractor

This module recovers the saved premium download account passwords from Internet Download Manager IDM. These passwords are stored in an encoded format in the registry. This module traverses through these registry entries and decodes them. Thanks to the template code of theLightCosine's CoreFTP...

Windows Gather IPSwitch iMail User Data Enumeration

This module will collect iMail user data such as the username, domain, full name, e-mail, and the decoded password. Please note if IMAILUSER is specified, the module extracts user data from all the domains found. If IMAILDOMAIN is specified, then it will extract all user data under that particula...

broadcast-listener NSE Script

Sniffs the network for incoming broadcast communication and attempts to decode the received packets. It supports protocols like CDP, HSRP, Spotify, DropBox, DHCP, ARP and a few more. See packetdecoders.lua for more information. The script attempts to sniff all ethernet based interfaces with an IP...

CentOS Update for cups CESA-2009:0428 centos3 i386

Check for the Version of cups OpenVAS Vulnerability Test CentOS Update for cups CESA-2009:0428 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CentOS Update for gstreamer-plugins CESA-2009:0270 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for gstreamer-plugins-good CESA-2009:1123 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for blender MDVSA-2011:114 (blender)

Check for the Version of blender OpenVAS Vulnerability Test Mandriva Update for blender MDVSA-2011:114 blender Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Mandriva Linux Security Advisory : blender (MDVSA-2011:114)

Multiple vulnerabilities have been identified and fixed in blender : oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an...

Double nibble URI decoding XSS Vulnerability on EC Council website

Double nibble URI decoding XSS Vulnerability on EC Council website What EC Council is ? They offers certifications in certified ethical hacker ceh, Computer Security, network security, internet security program and computer forensics and penetration testing. Information Security, Ethical Hacking,...