Adobe Reader 10.1.4 - JP2KLibCoolType Crash (PoC)

Adobe Reader 10.1.4 - JP2KLibCoolType Crash PoC Title : Adobe Reader 10.1.4 JP2KLib&CoolType WriteAV Vulnerability Version : 10.1.4.38 Date : 2012-11-20 Vendor : http://www.adobe.com/ Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Author : coolkav...

Accidental XSRF and DoS consumption-of-space issue

We experienced an unusual growth of our nonspaced attachments that appears to be a DoS vunerability both in an accidental way with a workaround and intentional not easily worked around. This is under Confluence 4.0, but appears to probably apply to 4.3.1 as well. It appears the growing nonspaced...

Accidental XSRF and DoS consumption-of-space issue

We experienced an unusual growth of our nonspaced attachments that appears to be a DoS vunerability both in an accidental way with a workaround and intentional not easily worked around. This is under Confluence 4.0, but appears to probably apply to 4.3.1 as well. It appears the growing nonspaced...

Fedora 16 : python-djblets-0.6.22-2.fc16 (2012-11576)

Previous version of python-djblets contained embedded / own copy of python-feedparser BUILD/Djblets-0.6.22/djblets/feedview feedparser.py code, which is vulnerable to numerous security flaws CVE-2009-5065, CVE-2011-1156, CVE-2011-1157, and CVE-2011-1158 to mention some of them. This package...

flash-plugin: arbitrary code exec via integer overflow in copyRawDataTo method in Matrix3D class

Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments...

Scientific Linux Security Update : gfs2-utils on SL5.x i386/x86_64

Multiple insecure temporary file use flaws were discovered in GFS2 user level utilities. A local attacker could use these flaws to overwrite an arbitrary file writable by a victim running those utilities typically root with the output of the utilities via a symbolic link attack. CVE-2008-6552 Thi...

Scientific Linux Security Update : kernel on SL4.x i386/x86_64

These updated packages fix the following security issues : - A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

These updated packages fix the following security issues : - A security flaw was found in the Linux kernel memory copy routines, when running on certain AMD64 systems. If an unsuccessful attempt to copy kernel memory from source to destination memory locations occurred, the copy routines did not...

Code injection

model/modelstorage.py in the Tryton application framework trytond before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authenticated users to modify the privileges of arbitrary users via a 1 create, 2 write, 3 delete, or 4 cop...

Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Quicktime.qts. T...

CVE-2012-1119

MantisBT before 1.2.9 does not audit when users copy or clone a bug report, which makes it easier for remote attackers to copy bug reports without detection...

libvirt security, bug fix, and enhancement update

libvirt-0.9.10-21.0.1.el6 - Replace docs/et.png in tarball with blank image libvirt-0.9.10-21.el6 - qemu: Rollback on used USB devices rhbz743671 - qemu: Dont delete USB device on failed qemuPrepareHostdevUSBDevices rhbz743671 - Revert 'rpc: Discard non-blocking calls only when necessary'...

DEBIAN-CVE-2012-2375

The nfs4getacluncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service OOPS by sending an excessive number of bitmap words in an...

UBUNTU-CVE-2012-2375

The nfs4getacluncached function in fs/nfs/nfs4proc.c in the NFSv4 implementation in the Linux kernel before 3.3.2 uses an incorrect length variable during a copy operation, which allows remote NFS servers to cause a denial of service OOPS by sending an excessive number of bitmap words in an...

SA-CONTRIB-2012-046 - Bundle Copy - Arbitrary Code execution

CVE: CVE-2012-2073 Bundle copy is a replacement for the Content copy module which lives in the CCK project for Drupal 6. Besides the ability to import and export content types, taxonomy and user entities are also supported. Field groups can be exported easily as well. The module doesn't...

Information disclosure

Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different 1 domain or 2 zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability."...

CVE-2012-0010

Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different 1 domain or 2 zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability."...

CVE-2012-0010

CVE-2012-0010 affects Microsoft Internet Explorer 6–9, where copy-and-paste operations could disclose information from another domain or security zone via a crafted webpage (information disclosure). Multiple connected sources confirm a related MS12-010 update (2647516) addressing IE vulnerabiliti...

CodeMeter WebAdmin Detection

The remote web server hosts CodeMeter WebAdmin, a web-based tool for working with CodeMeter hardware and software based copy protection technology. Note: for accurate results from this plugin and those that depend on it, you may need to enable the CodeMeter WebAdmin ports 22352, 22350 in your...

Giveaway : Win a Backtrack or iPhone book

Giveaway: Win a Backtrack or iPhone book After the huge success of our earlier giveaway we have again teamed up with Packt Publishing and we are organizing a giveaway where Three lucky winners stand a chance to win a copy of their choice between two great selling books i.e iPhone Applications...