Microsoft Office Image Filter BMP Header Buffer Overflow (MS08-044; CVE-2008-1765; CVE-2008-3020)

BMP is an image file format used to store bitmap digital images. A remote code execution vulnerability was reported in the way Microsoft Office handles BMP files.The vulnerability is due to a memory corruption error when a malformed BMP file is opened by any ofthe affected Microsoft Office...

Nokia series 40 phones multiple security vulnerabilities

Multiple J2ME implementation vulnerabilities allow complete device compromization...

Integer overflow

Integer overflow in the rbaryfill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service crash or possibly have unspecified other impact via a call to the Arrayfill method with a start aka beg argument greater than ARYMAXSIZE. NOTE: this...

Tips Complete Website 1.2.0 (tipid) SQL Injection Vulnerability

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'&nbsp...

Riddles Complete Website 1.2.1 (riddleid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ===================================================================== Riddles Complete Website 1.2.1 riddleid SQL Injection Vulnerability =====================================================================...

Cheats Complete Website 1.1.1 (itemid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== Cheats Complete Website 1.1.1 itemid SQL Injection Vulnerability ==================================================================...

Easysitenetwork Jokes Complete Website 2.1.3 - jokeid SQL Injection

Easysitenetwork Jokes Complete Website 2.1.3 - jokeid SQL Injection || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection...

Jokes Complete Website 2.1.3 (jokeid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================= Jokes Complete Website 2.1.3 jokeid SQL Injection Vulnerability =================================================================...

Drinks Complete Website 2.1.0 (drinkid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== Drinks Complete Website 2.1.0 drinkid SQL Injection Vulnerability ===================================================================...

Kaspersky Multiple Products kl1.sys Driver Local Overflow

The version of the Kaspersky product installed on the remote host contains a stack-based overflow in its 'kl1.sys' kernel driver involving its handling of IOCTL 0x800520e8. A local attacker may be able to leverage this issue to gain complete control of the affected system. C Tenable Network...

TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability

TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-08-05 June 4, 2008 -- CVE ID: CVE-2008-2541 -- Affected Vendors: Computer Associates -- Affected Products: Computer Associates eTrust Secure Content Manager --...

Microsoft Security Bulletin MS08-021 – Critical Vulnerabilities in GDI Could Allow Remote Code Execution (948590)

Microsoft Security Bulletin MS08-021 – Critical Vulnerabilities in GDI Could Allow Remote Code Execution 948590 Published: April 8, 2008 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these...

PT-2008-2963 · Red Hat · Cups +1

Name of the Vulnerable Software and Affected Versions: CUPS versions in Red Hat Enterprise Linux 3 and 4 Description: The issue is caused by an integer overflow in the pdftops filter in CUPS, which can be exploited by remote attackers to execute arbitrary code via a crafted PDF file. This issue i...

MITKRB5-SA-2008-002: array overrun in RPC library used by kadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2008-002 MIT krb5 Security Advisory 2008-002 Original release: 2008-03-18 Last update: 2008-03-18 Topic: array overrun in RPC library used by kadmind CVE-2008-0947, CVE-2008-0948 VU374121 Use of high-numbered file descriptors in the RPC...

Adobe Flash Media Server < 2.0.5 Multiple Remote Vulnerabilities

The remote host is running Adobe's Flash Media Server, an application server for Flash-based applications. The Edge server component included with the version of Flash Media Server installed on the remote host contains several integer overflow and memory corruption errors that can be triggered wh...

Microsoft Office .WPS File Stack Overflow Exploit (MS08-011)

No description provided by source. / Copyright c 2008 chujwamwdupe - pumpernikiel.c one day in teletubby land... an email from idefense: "Unfortunately, Microsoft has refused to credit you using the name you requested." ...what's wrong with 'chujwamwdupe', eh? Description:...

Microsoft Office 2003 - .wps Local Stack Overflow (MS08-011)

Microsoft Office 2003 - .wps Local Stack Overflow MS08-011 / Copyright c 2008 chujwamwdupe - pumpernikiel.c one day in teletubby land... an email from idefense: "Unfortunately, Microsoft has refused to credit you using the name you requested." ...what's wrong with 'chujwamwdupe', eh? Description:...

Cross site scripting

Cross-site scripting XSS vulnerability in install.php for Moodle 1.8.3, and possibly other versions before 1.8.4, allows remote attackers to inject arbitrary web script or HTML via the dbname parameter. NOTE: this issue only exists until the installation is complete...

mambo462-xss.txt

Application : Mambo v4.6.2 Author : Beenu Arora website : www.darkc0de.com Email ; [email protected] Website: http://sourceforge.net/projects/mambo/ --------------- |Multiple XSS | --------------- a.Vulnerable URL: http://localhost/mambo/index.php?option=comfrontpage&Itemid= Parameter = Item...

kvaliitti-sql.txt

Found by: Jaakko "Chrysalid" Hartikainen 1. Info Kvaliitti WebDoc 3.0 CMS is a proprietary Finnish-made content management system developed by Kvaliitti Oy http://www.kvaliitti.fi. It is driven by MS SQL Server and ASP. 2. Abstract WebDoc 3.0 suffers from a flaw in input validation, which allows...