falt4cms-multi.txt

H - Security Labs Falt4 CMS RC4 10.9.2007 Security Report /Advisory ID : HSEC20071012 General Information -------------------------- Name : Falt4Extreme CMS RC4 10.9.2007 Vendor HomePage :http://sourceforge.net/projects/falt4/ Platforms : PHP && MySQL Vulnerability Type : Input Validation Errors...

Eurologon CMS Multiple SQL Injection

--------------------------------------------------------------- / | | / | / |/ | | |/ | | / | | | | | |/ | | // | || | ||| /| / / | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...

eurologon-sql.txt

--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Eurologon...

Eurologon CMS - Multiple SQL Injections

Eurologon CMS - Multiple SQL Injections --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...

Eurologon CMS Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== Eurologon CMS Multiple Remote SQL Injection Vulnerabilities ===========================================================...

Heap overflow

Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allow user-assisted remote attackers to execute arbitrary code via a long section string in 1 a PSP image to the IDPSP.apl plug-in or 2 an LHA archive to the...

CVE-2007-4344

Multiple input validation errors in ACD ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 build 195 allow user-assisted remote attackers to execute arbitrary code via a long section string in 1 a PSP image to the IDPSP.apl plug-in or 2 an LHA archive to the...

CVE-2007-4344

CVE-2007-4344 involves heap-based buffer overflows in ACDSee products: PSP images processed by ID_PSP.apl and LHA archives by AM_LHA.apl, leading to remote code execution with user-assisted input. Affects ACDSee Photo Manager 9.0 build 108, Pro Photo Manager 8.1 build 99, and Photo Editor 4.0 bui...

CVE-2007-5756

Multiple array index errors in the bpffilterinit function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode aka Table Management Extensions or TME, and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests...

Code injection

Multiple array index errors in the bpffilterinit function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode aka Table Management Extensions or TME, and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests...

CVE-2007-5756

CVE-2007-5756 : A local privilege-escalation flaw in WinPcap’s NPF.SYS driver (bpf_filter_init) arises from multiple array-indexing errors when handling IOCTLs, allowing crafted IOCTL requests to gain kernel-mode privileges. Affected: WinPcap up to version 4.0.1 (and variants used by Wireshark). ...

CVE-2007-5756

Multiple array index errors in the bpffilterinit function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode aka Table Management Extensions or TME, and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests...

Fedora 8 : perl-5.8.8-31.fc8 (2007-3218)

Resolves: CVE-2007-5116: perl regular expression UTF parsing errors Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 7 : perl-5.8.8-26.fc7 (2007-3255)

Resolves CVE-2007-5116: perl regular expression UTF parsing errors Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

KLA10395 LPE vulnerability in WinPcap

Array index errors were found in WinPcap. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a specially designed IOCTL request. Original advisories WinPcap changelog Related products WinPcap CVE list CVE-2007-5756 high Solution...

FreeBSD : gftp -- multiple vulnerabilities (f8b0f83c-8bb3-11dc-bffa-0016179b2dd5)

Gentoo reports : Kalle Olavi Niemitalo discovered two boundary errors in fsplib code included in gFTP when processing overly long directory or file names. A remote attacker could trigger these vulnerabilities by enticing a user to download a file with a specially crafted directory or file name,...

perl regular expression UTF parsing errors

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine regcomp.c in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode UTF characters in a regular expression...

Important: perl security update

5.8.5-36.el45.2.0.1 - Added patch perl-5.8.5-OEL-mock-build.patch to disable test lib/Net/t/hostname.t, so that mock build succeeds 5.8.5-36.el4.2 - Resolves: bug323791 - fix previous patch 5.8.5-36.el4.1 - Resolves: bug323791 - fix regular expression UTF parsing errors...

Important: kernel security update

2.6.9-55.0.12.0.1 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix for nfs open call taking longer issue Chuck Lever orabug 5580407 bz 219412 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with rds Zach...

gFTP: Multiple vulnerabilities

Background gFTP is an FTP client for the GNOME desktop environment. Description Kalle Olavi Niemitalo discovered two boundary errors in fsplib code included in gFTP when processing overly long directory or file names. Impact A remote attacker could trigger these vulnerabilities by enticing a user...