[MORNINGSTAR-2009-02] Multiple security issues in Cute News and UTF-8 Cute News

MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Cute News and UTF-8 Cute News 1. Advisory Information ------------------------------------------------------------------------------------------------------------------------ Title: Multiple security...

Blender 2.34, 2.35a, 2.4, 2.49b .blend File Command Injection

Exploit for unknown platform in category remote exploits ============================================================= Blender 2.34, 2.35a, 2.4, 2.49b .blend File Command Injection ============================================================= Title: Blender 2.34, 2.35a, 2.4, 2.49b .blend File...

Core Security Technologies Advisory 2009.0912

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Blender .blend Project Arbitrary Command Execution 1. Advisory Information Title: Blender .blend Project Arbitrary Command Execution Advisory Id: CORE-2009-0912...

Blender 2.34 2.35a 2.4 2.49b .blend File Command Injection

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Blender .blend Project Arbitrary Command Execution 1. Advisory Information Title: Blender .blend Project Arbitrary Command Executio...

Blender .blend Project Arbitrary Command Execution

Advisory ID Internal CORE-2009-0912 1. Advisory Information Title: Blender .blend Project Arbitrary Command Execution Advisory Id: CORE-2009-0912 Advisory URL:http://www.coresecurity.com/content/blender-scripting-injection Date published: 2009-11-05 Date of last update: 2009-11-04 Vendors...

Blender 2.342.35a2.42.49b - .blend Command Injection

Blender 2.342.35a2.42.49b - .blend Command Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Blender .blend Project Arbitrary Command Execution 1. Advisory Information Title: Blender .blend Project Arbitrar...

Sun Java Web Start Arbitrary Command Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java WebStart. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the implementation...

Matt Wright guestbook.pl Arbitrary Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Matt Wright...

AWStats migrate Remote Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'AWStats...

Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Alcatel-Luce...

Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution

Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution source: https://www.securityfocus.com/bid/36634/info Autodesk 3ds Max is prone to a vulnerability that lets attackers execute arbitrary commands in the context of the vulnerable application. This issue affects the following: 3ds...

Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution

source: https://www.securityfocus.com/bid/36634/info Autodesk 3ds Max is prone to a vulnerability that lets attackers execute arbitrary commands in the context of the vulnerable application. This issue affects the following: 3ds Max 6 through 9 3ds Max 2008 through 2010 Other versions may also be...

CVE-2009-3233

changetrack 4.3 allows local users to execute arbitrary commands via CRLF sequences and shell metacharacters in a filename in a directory that is checked by changetrack...

CVE-2009-3233

changetrack 4.3 allows local users to execute arbitrary commands via CRLF sequences and shell metacharacters in a filename in a directory that is checked by changetrack...

Multiple Vulnerabilities in Hitachi JP1/File Transmission Server/FTP

Overview Hitachi JP1/File Transmission Server/FTP contains multiple vulnerabilities that could allow an attacker to execute arbitrary commands. Impact A remote attacker could execute arbitrary commands. Solution Please refer to the 'Vendor Information' section for the official countermeasure and...

GLSA-200909-15 : Lynx: Arbitrary command execution

The remote host is affected by the vulnerability described in GLSA-200909-15 Lynx: Arbitrary command execution Clint Ruoho reported that the fix for CVE-2005-2929 GLSA 200511-09 only disabled the lynxcgi:// handler when not using the advanced mode. Impact : A remote attacker can entice a user to...

Sql injection

Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 calendar.php, 2 news.php, and 3 links.php; and the 4 assignmentid parameter to assignments.php...

MySQL COM_TABLE_DUMP Information Leakage and Arbitrary Command Execution

No description provided by source. / April 21.st 2006 myexploit.c MySql COMTABLEDUMP Memory Leak & MySql remote B0f MySql = 5.0.20 MySql COMTABLEDUMP Memory Leak MySql = 4.x.x copyright 2006 Stefano Di Paola stefano.dipaolaatwisec.it GPL 2.0 Disclaimer: In no event shall the author be liable for...

EMC Replication Manager irccd.exe RunProgram Message Handling Arbitrary Command Execution

Binary data emcrmcclient.nbin...

Alcatel-Lucent OmniPCX Enterprise masterCGI Arbitrary Command Execution

This module abuses a metacharacter injection vulnerability in the HTTP management interface of the Alcatel-Lucent OmniPCX Enterprise Communication Server 7.1 and earlier. The Unified Maintenance Tool contains a 'masterCGI' binary which allows an unauthenticated attacker to execute arbitrary...