9454 matches found
FreeBSD : xv -- exploitable buffer overflows (fffacc93-16cb-11d9-bc4a-000c41e2cdad)
In a Bugtraq posting, infamous41mdathotpop.com reported: there are at least 5 exploitable buffer and heap overflows in the image handling code. this allows someone to craft a malicious image, trick a user into viewing the file in xv, and upon viewing that image execute arbitrary code under...
FreeBSD : pound remotely exploitable vulnerability (fb521119-9bc4-11d8-9366-0020ed76ef5a)
An unknown remotely exploitable vulnerability was disclosed. Robert Segall writes: a security vulnerability was brought to my attention many thanks to Akira Higuchi. Everyone running any previous version should upgrade to 1.6 immediately - the vulnerability may allow a remote exploit. No exploit...
Norton Ghost Support Module Denial Of Service
Norton Ghost Support module for EasySetup wizard Remote DoS/Arbitrary code execution? url: http://www.symantec.com/ Author: shinnai mail: shinnaiatautisticidotorg site: http://www.shinnai.net/ File:...
Phorum < 5.2.10 Cross-Site Scripting/Request Forgery
cicatriz [email protected] (advisories): Phorum 5.2.10 Cross-Site Scripting/Request Forgery. Advisory & Vulnerability Information. Title: Phorum 5.2.10 Cross-Site Scripting/Request Forgery Advisory ID: VUDO-2009-1504 Advisory URL:...
Oracle plugs critical database server holes
Oracle has released the first Critical Patch Update for 2009 to provide fixes for at least 43 vulnerabilities across several database server products. The mega update (oracle.com), released on the same day Microsoft released its own security patches, plugs at least 16 holes in the company’s...
net2ftp <= 0.97 Cross-Site Scripting/Request Forgery Vulnerabilities
No description provided by source. cicatriz [email protected] (advisories): net2ftp <= 0.97 Cross-Site Scripting/Request Forgery. Advisory & Vulnerability Information. Title: net2ftp <= 0.97 Cross-Site Scripting/Request Forgery Advisory ID:...
net2ftp <= 0.97 Cross-Site Scripting/Request Forgery Vulnerabilities
Exploit for linux platform in category remote exploits. net2ftp <= 0.97 Cross-Site Scripting/Request Forgery Vulnerabilities. net2f...
net2ftp 0.97 - Cross-Site Scripting Request Forgery
net2ftp 0.97 - Cross-Site Scripting Request Forgery. cicatriz (advisories): net2ftp <= 0.97 Cross-Site Scripting/Request Forgery. Advisory & Vulnerability Information. Title: net2ftp <= 0.97 Cross-Site Scripting/Request Forgery Advisory ID: VUDO-2009-0804...
Amaya 11.1 XHTML Parser Buffer Overflow
cicatriz [email protected] (advisories): Amaya 11.1 XHTML Parser Buffer Overflow. Advisory & Vulnerability Information. Title: Amaya 11.1 XHTML Parser Buffer Overflow Advisory ID: VUDO-2009-0104 Advisory URL:...
Amaya 11.1 - XHTML Parser Remote Buffer Overflow (PoC)
Amaya 11.1 - XHTML Parser Remote Buffer Overflow PoC. cicatriz (advisories): Amaya 11.1 XHTML Parser Buffer Overflow. Advisory & Vulnerability Information. Title: Amaya 11.1 XHTML Parser Buffer Overflow Advisory ID: VUDO-2009-0104 Advisory URL:...
Amaya 11.1 XHTML Parser Remote Buffer Overflow PoC
No description provided by source. cicatriz [email protected] (advisories): Amaya 11.1 XHTML Parser Buffer Overflow. Advisory & Vulnerability Information. Title: Amaya 11.1 XHTML Parser Buffer Overflow Advisory ID: VUDO-2009-0104 Advisory URL:...
Amaya 11.1 - XHTML Parser Remote Buffer Overflow (PoC)
cicatriz (advisories): Amaya 11.1 XHTML Parser Buffer Overflow. Advisory & Vulnerability Information. Title: Amaya 11.1 XHTML Parser Buffer Overflow Advisory ID: VUDO-2009-0104 Advisory URL: http://research.voodoo-labs.org/advisories/2 Date founded:...
Sun Calendar Express Web Server - Denial of Service Cross-Site Scripting
Sun Calendar Express Web Server - Denial of Service Cross-Site Scripting Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Multiple vulnerabilities in Sun Calendar Express Web Server 1. Advisory Information Title: Multiple vulnerabilities in Sun Calendar Express...
FreeBSD -- remotely exploitable crash in OpenSSL
Problem Description: The function ASN1_STRING_print_ex does not properly validate the lengths of BMPString or UniversalString objects before attempting to print them. Impact: An application which attempts to print a BMPString or UniversalString which has an invalid length will crash as a result of...
HP OpenView Buffer Overflows
Advisory ID Internal CORE-2009-0122 1. Advisory Information Title: HP OpenView Buffer Overflows Advisory ID: CORE-2009-0122 Date published: 2009-03-23 Date of last update: 2009-03-19 Vendors contacted: Hewlett-Packard Release mode: Coordinated release 2. Vulnerability Information Class: Buffer...
reporting CVE
Hello, CVE-2005-2573 is reported for MySQL 4.1.x before 4.1.13 and MySQL 5.0 before 5.0.7. However, I tested this vulnerability in MySQL 5.0.51a on Windows XP SP2, and found this version vulnerable too. According to CVE-2008-4098, that is reported because of an incomplete fix for CVE-2008-4097, i...
Team SHATTER Security Advisory: SQL Injection in Oracle Enterprise Manager (TARGET Parameter)
Team SHATTER Security Advisory SQL Injection in Oracle Enterprise Manager TARGET Parameter January 29, 2009 Risk Level: Medium Affected versions: Oracle Enterprise Manager 10g Grid Control 10.2.0.4 and previous patchsets Remote exploitable: Yes...
Team SHATTER Security Advisory: Oracle Database Buffer Overflow in SYS.OLAPIMPL_T.ODCITABLESTART
Team SHATTER Security Advisory Oracle Database Buffer Overflow in SYS.OLAPIMPL_T.ODCITABLESTART January 29, 2009 Risk Level: High Affected versions: Oracle Database Server version 9iR2 Remote exploitable: Yes Authentication to Database Server is needed...
CORE-2008-1009 - VNC Multiple Integer Overflows
Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ VNC Multiple Integer Overflows 1. Advisory Information Title: VNC Multiple Integer Overflows Advisory ID: CORE-2008-1009 Advisory URL:...
VNC Multiple Integer Overflows
1. Advisory Information Title: VNC Multiple Integer Overflows Advisory ID: CORE-2008-1009 Advisory URL: http://www.coresecurity.com/core-labs/advisories/vnc-integer-overflows Date published: 2009-02-03 Date of last update: 2009-02-03 Vendors contacted: UltraVNC, TightVNC Release mode: Coordinated...