openSUSE Security Update : libxml2 (openSUSE-SU-2012:1647-1)

A Heap-based buffer underflow in the xmlParseAttValueComplex function in parser.c in libxml2 allowed remote attackers to cause a denial of service or possibly execute arbitrary code via crafted entities in an XML document. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

openSUSE: Security Advisory for MozillaThunderbird (openSUSE-SU-2012:0917-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress WP Forum 1.7.8 SQL Injection

Exploit Title: WordPress WP Forum plugin getrow"SELECT text, authorid, date FROM $tableposts WHERE id = $id"; $u = new WPuser$text-authorid; echo htmlentities"QUOTE $u-nickname @ ".dategetoption'forumdateformat', strtotime$text-date."\n $text-text";...

Microsoft Internet Explorer 6/7 - Remote Denial of Service

Exploit Title: IE6 / 7 Remote Dos vulnerability Date: 27/07/2010 Author: Richard leahy Version: 6 / 7 Tested on: Windows Xp Sp3 category Remote Dos, might lead to code execution. The vulnerability is caused due to specifying a large value integer or string to the frame.frameBorder causing a dos a...

FreeBSD ld-elf本地权限提升漏洞

FreeBSD是一款开放源代码的基于BSD的操作系统。 在ld-elf对环境变量处理存在本地权限提升漏洞 FreeBSD包含的Run-Time Link-Editor rtld存在问题，本地攻击者可以利用漏洞获得root特权。 一般情况下，在执行类似"ping"或"su" setugid的程序时，RTLD不允许设置类似LDPRELOAD这类的危险环境变量，不过存在漏洞可让rtld被诱使在setugid程序上接收LD变量，导致特权提升。 FreeBSD 8.0-RELEASE FreeBSD 7.1-RELEASE 厂商解决方案 目前没有解决方案提供：...

TFTP Server 1.3 - Remote Buffer Overflow (Denial of Service) (PoC)

Name : TFTPServerMT v 1.3 Remote Buffer Overflow Dos Exploit Author: Umesh Wanve Date: 01-03-2007 Desc: This is latest version of TFTP server. EDI gets overwritten at 246. So code execution may be possible Someone can better write it. Sending a long file name on the vulnerable server can crash th...

Echo Security Advisory 2006.41

ECHOADV41$2006 --------------------------------------------------------------------------- ECHOADV41$2006 BufferOverflow in Midirecord2 --------------------------------------------------------------------------- Author : Dedi Dwianto Date : July, 25th 2006 Location : Indonesia, Jakarta Web :...