Mail.ru: target.mail.ru: XSS через Referer

POST /offer HTTP/1.1 Host: target.mail.ru User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.9; rv:28.0 Gecko/20100101 Firefox/28.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Referer:...

Apple TV < 6.1.2 Multiple Vulnerabilities

Binary data 8323.prm...

Kerio Control 8.3.1 - Blind SQL Injection Vulnerability

Kerio Control versions 8.3.1 and below suffer from a boolean-based blind remote SQL injection vulnerability. Document Title: ====================== Kerio Control = 8.3.1 Boolean-based blind SQL Injection Primary Informations: ====================== Product Name: Kerio Control Software Description...

PHP 5.4.x < 5.4.30 / 5.5.x < 5.5.14 Multiple Vulnerabilities

Binary data 8320.prm...

RhinoSoft Serv-U FTP Server 3/4/5 MDTM Command Time Argument Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/9751/info Serv-U FTP Server has been reported prone to a remote stack based buffer overflow vulnerability when handling time zone arguments passed to the MDTM FTP command. The problem exists due to insufficient bounds...

AN-HTTPd 1.2 b CGI Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/762/info Certain versions of the AN-HTTPd server contain default CGI scripts that allow code to be executed remotely. This is due to poor sanity checking on user supplied data...

Solaris 2.6/7.0 DTMail Mail Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3081/info dtmail is an application included with the Common Desktop Environment, one of the X Window Managers included with Solaris. A buffer overflow in dtmail makes it possible for a local user to gain elevated...

RobotFTP Server 1.0/2.0 Username Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/9672/info A vulnerability has been reported for RobotFTP Server. The problem likely occurs due to insufficient bounds checking when processing 'USER' command arguments of excessive length. / this is example code for the...

mIRC 6.1 DCC SEND Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/8818/info A vulnerability has been reported to exist in the mIRC client that may allow a remote attacker to crash a vulnerable mIRC client. The condition is most likely present due to insufficient boundary checking...

HP-UX 11 RWrite Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7489/info HP-UX rwrite utility has been reported prone to a buffer overflow vulnerability. Although unconfirmed code execution with elevated privileges may be possible. The condition presents itself when excessive data is...

Alt-N WebAdmin USER Buffer Overflow

No description provided by source. $Id: altnwebadmin.rb 8498 2010-02-15 00:48:03Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Citadel/UX 5.9/6.x Username Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/10833/info A buffer overrun vulnerability is reported for Citadel/UX. The problem occurs due to insufficient bounds checking when processing 'USER' command arguments. An anonymous remote attacker may be capable of...

NullSoft Winamp 2.6 4 M3U Playlist Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1496/info The M3U Playlist file parser in NullSoft Winamp does not perform proper bounds checking with the extension EXTINF:. Therefore, entering a string consisting of over 280 characters in conjunction with this paramet...

Alt-N WebAdmin 2.0.x USER Parameter Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. /...

HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow

No description provided by source. $Id: hpnnmwebappmonovjavalocale.rb 12087 2011-03-23 03:39:12Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...

FoxWeb 2.5 PATH_INFO Remote Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8547/info FoxWeb is prone to a remotely exploitable buffer overrun vulnerability. This is due to insufficient bounds checking of user-supplied PATHINFO data to the Foxweb CGI and ISAPI extension. Successful exploitation...

PSOProxy 0.91 Remote Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/9706/info It has been reported that PSOProxy is prone to a remote buffer overflow vulnerability. The issue is due to the insufficient boundary checking. A malicious user may exploit this condition to potentially corrupt...

PSOProxy 0.91 Remote Buffer Overflow Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/9706/info It has been reported that PSOProxy is prone to a remote buffer overflow vulnerability. The issue is due to the insufficient boundary checking. A malicious user may exploit this condition to potentially corrupt...

Polymorph 0.4 Filename Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7663/info Polymorph for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is copied into an...

Microsoft Windows XP/ME Help and Support Center Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6966/info The Microsoft Windows ME Help and Support Center is prone to a buffer overflow. This is due to insufficient bounds checking on input supplied through the HCP URI parameter. An attacker can exploit this...