2007-07-20 - n.runs-SA-2007.016 - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2007.016 20-Jul-2007 Vendor: ESET, http://eset.com Affected Products: ESET NOD32 Antivirus Vulnerability: Arbitrary Code Execution remote Risk: HIGH Vendor communication: 2007/05/07 Initial notification to ESET 2007/05/07 ESET Response...

ASA-2007-014: Stack buffer overflow in IAX2 channel driver

Asterisk Project Security Advisory - ASA-2007-014 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | Stack buffer overflow in IAX2 channel driver |...

Oracle Database Buffer overflows and Denial of service vulnerabilities in public procedures of MDSYS.MD (DB12)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Alert Update Oracle Database Buffer overflows and Denial of service vulnerabilities in public procedures of MDSYS.MD DB12 Jan 18, 2007 Updated July 18th, 2007 Risk Level: High Affected versions: Oracle Database Server versions 8i...

Oracle Database Buffer overflow vulnerabilities in procedure DBMS_DRS.GET_PROPERTY (DB03)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Team SHATTER Security Alert Update Oracle Database Buffer overflow vulnerabilities in procedure DBMSDRS.GETPROPERTY DB03 Jan 18, 2007 Updated July 18th, 2007 Risk Level: Medium Affected versions: Oracle Database Server versions 9i, 9iR2, 10gR1 and 10g...

EEYE: Microsoft Publisher 2007 Arbitrary Pointer Dereference

Microsoft Publisher 2007 Arbitrary Pointer Dereference Release Date: July 10, 2007 Date Reported: February 16, 2007 Severity: High Remote Code Execution Vendor: Microsoft Vendor Software Affected: Microsoft Office 2007 Small Business Microsoft Office 2007 Professional Microsoft Office 2007 Ultima...

SAP Internet Communication Framework (BC-MID-ICF) Vulnerability

COMPASS SECURITY ADVISORY http://www.csnc.ch/ Product: Internet Communication Framework BC-MID-ICF Vendor: SAP Subject: Multiple XSS, HTML Injection Risk: High Effect: Remotely exploitable Author: Cyrill Brunschwiler [email protected] Date: June, 17th 2007 Introduction: -------------...

[EXPL] Microsoft Windows XVoice.dll and Xlisten.dll Buffer Overflow (Exploit)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow

CSIS Security Group has discovered a remote exploitable arbitrary overwrite, in the Blue Coat K9 Web Protection local Web configuration manager on 127.0.0.1 and port 2372. This allows an attacker to perform at least a Denial of Service condition, on the usage of internet. Since the overflow can...

CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code onvulnerable installations of various Computer Associates products. The specific flaw exists within the processing of an improperly defined "coffFiles" field in .CAB archives. Large values result in an unbounded data copy...

UltraISO <= 8.6.2.2011 (Cue/Bin Files) Local Buffer Overflow PoC

No description provided by source. !/usr/bin/perl Credit:To n00b for finding this bug and writing poc. Ultra ISO stack over flow poc code. Ultra iso is exploitable via opening a specially crafted Cue file..There is A limitation that the user must have the bin file in the same dir as the cue file...

Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by...

CVE-2007-2056

Rejected reason: The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary lock files aka "time-of-check-time-of-use file race". NOTE: the researcher has retracted the original advisory, stating that "th...

Oracle Database Buffer overflow vulnerabilities in package DBMS_SNAP_INTERNAL

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Oracle Database Buffer overflow vulnerabilities in package DBMSSNAPINTERNAL Risk Level: Medium Affected versions: Oracle Database Server versions 8i, 9i and 10gR1 Remote exploitable: Yes Authentication to Database Server is needed Credits: This...

CVE-2007-2148

Direct static code injection vulnerability in admin/save.php in Stephen Craton aka WiredPHP Chatness 2.5.3 and earlier allows remote authenticated administrators to inject PHP code into .html files via the html parameter, as demonstrated by head.html and foot.html, which are included and executed...

CVE-2007-2082

Direct static code injection vulnerability in admin/settings.php in MyBlog 0.9.8 and earlier allows remote authenticated admin users to inject arbitrary PHP code via the content parameter, which can be executed by accessing index.php. NOTE: a separate vulnerability could be leveraged to make this...

Kerberos 1.5.1 - Kadmind Buffer Overflow

Kerberos 1.5.1 - Kadmind Buffer Overflow Kerberos Version 1.5.1 Kadmind Remote Root Buffer Overflow Vulnerability The Issue: Remotely exploitable buffer overflow vulnerability in Kerberos kadmind service The Versions: krb5-1.5.1 Latest version from http://eb.mit.edu/Kerberos/ krb5-server-1.4.3-5....

ssfree-rfi.txt

By Hasadya Raed Contact : [email protected] Israel ----------------------------------------- Script : Shop-SCRIPT FREE Dork : "Copyright c 2004 Articus consulting group. All rights reserved" ----------------------------------------- B.Files : smartyclass.php ---------------------------------------...

CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability

Shirkdog Security Advisory SHK-004 Title: ------ Computer Associates CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability Description of Application: --------------------------- http://www3.ca.com/solutions/ProductFamily.aspx?ID=115 Brightstor ARCserv Backup provides a complete, flexible a...

CA BrightStor Backup 11.5.2.0 (Mediasvr.exe) Remote Code Exploit

Exploit for unknown platform in category remote exploits ================================================================ CA BrightStor Backup 11.5.2.0 Mediasvr.exe Remote Code Exploit ================================================================ !/usr/bin/python Computer Associates CA...

Buffer Overflow in InterVetions' NaviCopa HTTP server 2.01

Buffer Overflow in InterVetions' NaviCopa HTTP server 2.01 While developing one of our advanced security training modules, we identified a remotely exploitable buffer overflow vulnerability in the latest release of InterVetions' HTTP server NaviCopa 2.01. Successful exploitation of this...