Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption

Added: 06/19/2011 CVE: CVE-2011-2217 BID: 48099 Background Tom Sawyer Software produces a variety of data visualization, layout, and analysis tools. Problem Certain ActiveX controls in tsgetxu71ex552.dll and tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client...

Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption

Added: 06/19/2011 CVE: CVE-2011-2217 BID: 48099 Background Tom Sawyer Software produces a variety of data visualization, layout, and analysis tools. Problem Certain ActiveX controls in tsgetxu71ex552.dll and tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client...

Tom Sawyer Software GET Extension Factory COM Object Instantiation Memory Corruption

Tom Sawyer Software's GET Extension Factory, a component used for graph visualization applications, is installed on the remote Windows host. It may have been bundled with a third-party application, such as the VMware Infrastructure Client or Embarcadero ER / Studio XE2. The installed version of...

Ushahidi 2.0.1 (range param) SQL Injection Vulnerability (post-auth)

Exploit for php platform in category web applications Ushahidi 2.0.1 range param SQL Injection Vulnerability post-auth Vendor: Ushahidi, Inc. Product web page: http://www.ushahidi.com Affected version: 2.0.1 Tunis Summary: The Ushahidi Platform is a platform for information collection,...

Ushahidi 2.0.1 SQL Injection

Ushahidi 2.0.1 range param SQL Injection Vulnerability post-auth Vendor: Ushahidi, Inc. Product web page: http://www.ushahidi.com Affected version: 2.0.1 Tunis Summary: The Ushahidi Platform is a platform for information collection, visualization and interactive mapping. Desc: Input passed via th...

Fedora Update for SimGear FEDORA-2011-5727

Check for the Version of SimGear OpenVAS Vulnerability Test Fedora Update for SimGear FEDORA-2011-5727 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 13 Update: SimGear-2.0.0-5.fc13

SimGear is a set of open-source libraries designed to be used as building blocks for quickly assembling 3d simulations, games, and visualization applications...

[SECURITY] Fedora 15 Update: SimGear-2.0.0-5.fc15

SimGear is a set of open-source libraries designed to be used as building blocks for quickly assembling 3d simulations, games, and visualization applications...

Image of the Day: Visualizing a VoIP Server Attack

Today’s image of the day comes from a video posted by New Scientist magazine that helps illustrate an attack between a server and a hacker. Created by Ben Reardon of Dataviz Australia, the video chronicles a hacker’s attempt to break into a voice over IP VoIP server. As we’ve seen, servers like...

Visualizing Wi-Fi Networks Through Light

Today’s Image of the Day comes from a film posted on YOUrban. The film is an exploration of the typically intangible landscape of WiFi signals. They built a WiFi measuring rod that displays strength of signal in a vertical alignment of light bars. As they moved the rod, they used long-exposure...

Image of the Day: Mapping E-banking Fraud

We spend our days combing the ‘Net for interesting security happenings and also noting the great work that other reporters and researchers are doing on the security front. Usually that means traditional reporting work: pulling together information from a bunch of different sources, digging for...

Fedora Update for zabbix FEDORA-2010-12752

Check for the Version of zabbix OpenVAS Vulnerability Test Fedora Update for zabbix FEDORA-2010-12752 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

SAP AG SAPgui EAI WebViewer3D - Remote Buffer Overflow (Metasploit)

$Id: sapguisaveviewtosessionfile.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

[SECURITY] Fedora 13 Update: gource-0.24-3.fc13

OpenGL-based 3D visualisation tool for source control repositories. The repository is displayed as a tree where the root of the repository is the centre, directories are branches and files are leaves. Contributors to the source code appear and disappear as they contribute to specific files and...

[SECURITY] Fedora 12 Update: gource-0.24-3.fc12

OpenGL-based 3D visualisation tool for source control repositories. The repository is displayed as a tree where the root of the repository is the centre, directories are branches and files are leaves. Contributors to the source code appear and disappear as they contribute to specific files and...

Secunia Research: Visualization Library DAT File Parsing Vulnerabilities

====================================================================== Secunia Research 14/04/2010 - Visualization Library DAT File Parsing Vulnerabilities - ====================================================================== Table of Contents Affected...

Buffer overflow

Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library 2009.08.812 allow user-assisted remote attackers to execute arbitrary code via a crafted DAT file, related to the 1 vl::loadDAT and 2 vl::isDAT functions...

CVE-2010-0994

Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library 2009.08.812 allow user-assisted remote attackers to execute arbitrary code via a crafted DAT file, related to the 1 vl::loadDAT and 2 vl::isDAT functions...

CVE-2010-0994

CVE-2010-0994 concerns the Visualization Library vulnerability in src/vl/vlDAT.cpp (vl::loadDAT, vl::isDAT). It describes boundary/buffer overflow errors in DAT file parsing that allow user‑assisted remote code execution in Visualization Library 2009.08.812. Exploitation requires a crafted DAT fi...

CVE-2010-0994

Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library 2009.08.812 allow user-assisted remote attackers to execute arbitrary code via a crafted DAT file, related to the 1 vl::loadDAT and 2 vl::isDAT functions...