MS Windows XP/2003 AFD.sys Privilege Escalation Exploit (K-plugin)

No description provided by source. Hi, I have just uploaded a k-plugin for Kartoffel, which exploits a flaw patched in the recent MS08-066 bulletin. http://kartoffel.reversemode.com/downloads.php backup: http://milw0rm.com/sploits/2008-afdplugin.zip For those researchers interesting in digging a...

CVE-2008-3477

Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to...

FreeBSD Security Advisory (FreeBSD-SA-05:07.ldt.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:07.ldt.asc ADV FreeBSD-SA-05:07.ldt.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Security Advisory (FreeBSD-SA-06:18.ppp.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:18.ppp.asc ADV FreeBSD-SA-06:18.ppp.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

MS Jet Database (msjet40.dll) DB File Buffer Overflow Exploit

No description provided by source. / -------------------------------------- Microsoft Jet msjet40.dll Exploit -------------------------------------- Author: ---------- S.Pearson Computer Terrorism UK www.computerterrorism.com 11/04/2005 Credits: ---------- Hexview original advisory Tested on:...

Debian Security Advisory DSA 1608-1 (mysql-dfsg-5.0)

The remote host is missing an update to mysql-dfsg-5.0 announced via advisory DSA 1608-1. OpenVAS Vulnerability Test $Id: deb16081.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1608-1 mysql-dfsg-5.0 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...

Microsoft Outlook Web Access Data Validation Cross Site Scripting (MS08-039; CVE-2008-2247)

Outlook Web Access OWA is a webmail service of Microsoft Exchange Server 5.0 and later. The web interface of OWA resembles the interface in Microsoft Outlook. A cross-site scripting vulnerability has been detected in Outlook Web Access. The vulnerability is a result of OWA failure to properly...

MS08-039: Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747)

The remote host is running a version of Outlook Web Access OWA for Exchange Server that is vulnerable to multiple cross-site scripting issues in the HTML parser and Data validation code. These vulnerabilities may allow an attacker to elevate his privileges by convincing a user to open a malformed...

FreeBSD : xorg -- multiple vulnerabilities (800e8bd5-3acb-11dd-8842-001302a18722)

Matthieu Herrb of X.Org reports : Several vulnerabilities have been found in the server-side code of some extensions in the X Window System. Improper validation of client-provided data can cause data corruption. Exploiting these overflows will crash the X server or, under certain circumstances...

BBSXP the latest vulnerability and the discovery process-vulnerability warning-the black bar safety net

Operating environment: Micromedia Dreamweaver 8.0+IIS 5.0+SQL Server 2 0 0 0+BBSXP 6.00 SP1 SQL Travel back to the days of work relatively easily, just as everyone presented a few days ago found BBSXP new vulnerability, the way to find the ASP program vulnerability method. See here you should thi...

xorg -- multiple vulnerabilities

Matthieu Herrb of X.Org reports: Several vulnerabilities have been found in the server-side code of some extensions in the X Window System. Improper validation of client-provided data can cause data corruption. Exploiting these overflows will crash the X server or, under certain circumstances all...

PHP security----using Register Globals-bug warning-the black bar safety net

Using Register Globals can PHP the most controversial change from PHP " 4.2.0 version of the beginning of the configuration file, registerglobals the default value from on to off. For this option the dependence is so prevalent that many people simply don't know it exists and thought PHP was so...

Debian Security Advisory DSA 1533-1 (exiftags)

The remote host is missing an update to exiftags announced via advisory DSA 1533-1. OpenVAS Vulnerability Test $Id: deb15331.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1533-1 exiftags Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

DSA-1533-2 exiftags

Bulletin has no description...

Debian DSA-1533-2 : exiftags - insufficient input sanitizing

Christian Schmid and Meder Kydyraliev Google Security discovered a number of vulnerabilities in exiftags, a utility for extracting EXIF metadata from JPEG images. The Common Vulnerabilities and Exposures project identified the following three problems : - CVE-2007-6354 Inadequate EXIF property...

DSA-1533-1 exiftags

Bulletin has no description...

Microsoft Excel Rich Text Handling Code Execution (MS08-014; CVE-2008-0116; CVE-2009-0238)

Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in Microsoft Excel. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a targe...

Input validation

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability."...

CVE-2008-0111

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability."...

CVE-2008-0111

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability."...