Apple MAC OS X Install.framework runner privilege dropping vulnerability

Apple Mac OS X is a commercial operating system. The Apple Mac OS X Install.framework 'runner' setuid program fails to properly discard privileges, allowing attackers to exploit the vulnerability to run malicious applications and execute arbitrary code...

MGASA-2015-0247 Updated cups package fixes security vulnerabilities

It was discovered that CUPS incorrectly handled reference counting when handling localized strings. A remote attacker could use this issue to escalate permissions, upload a replacement CUPS configuration file, and execute arbitrary code CVE-2015-1158. It was discovered that the CUPS templating...

MGASA-2015-0114 Updated tcpdump package fixes security vulnerabilities

Several vulnerabilities have been discovered in tcpdump. These vulnerabilities might result in denial of service application crash or, potentially, execution of arbitrary code CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155...

ActualAnalyzer Lite 2.81 - Command Execution

ActualAnalyzer exploit. Tested on Lite version We load command into a dummy variable as we only have 6 characters to own the eval but load more as first 2 characters get rm'd. We then execute the eval with backticks. 11/05/2011 import urllib import urllib2 import sys import time def banner: print...

Gopher <= 3.0.9 (+VIEWS) Remote (Client Side) Buffer Overflow Exploit

No description provided by source. / gopherv3.0.9+: remote client buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc xgopher-client.c -o xgopher-client syntax: ./xgopher-client port bindshell port The Internet Gopher Client is based on the UMN Gopher/Gopherd 2.3....

Adobe Flash Player Multiple Vulnerabilities -01 (Mar 2013) - Linux

Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

XdCMS takeaway, food ordering, corporate website system multiple vulnerabilities and fixes-vulnerability warning-the black bar safety net

Vulnerability file: System/modeules/member/login.php ifempty$COOKIE'memberuser'||empty$COOKIE'memberuserid' //only judge the Cookie exists 漏洞 文件 :www.xxx.com system/libs/base.class.php if empty$COOKIE'memberuser'|| empty$COOKIE'memberuserid' //only the judgment of the Cookies...

YoGen Vocal Remover Local Buffer Overflow Exploit

Exploit for windows platform in category local exploits !/usr/bin/perl Exploit Title: YoGen Vocal Remover Local Buffer Overflow Exploit Author: Angel Injection Thanks: r0073r // Sid3^effects // r4dc0re // CrosS || Inj3ct0r Team || "SeeMe" // XroGuE // gunslinger // indoushka // KnocKout // ZoRLu ...

Audio Workstation 6.4.2.4.3 pls Buffer Overflow (meta)

No description provided by source. require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::FILEFORMAT include Msf::Exploit::Remote::Seh def initializeinfo = superupdateinfoinfo, 'Name' = 'Audio Workstation 6.4.2.4.3 pls Buffer Overflow', 'Description' = ...

Remote file inclusion

PHP remote file inclusion vulnerability in includes/classes/pctemplate.php in PointComma 3.8b2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the pcConfigsmartyPath parameter...

Mp3-Nator 2.0 - &#039;ListData.dat&#039; Universal Buffer Overflow (SEH)

!/usr/bin/perl + Bug : Mp3-Nator 2.0 ListData.dat Universal Buffer Overflow Exploit SEH + Author : ThE g0bL!N Greetz to all my friends Download:http://files.brothersoft.com/mp3audio/players/mp3nator.zip Tested on: Windows XP Pro SP2 Fr Ismail: Hadi Wallah Ghir 3la Rabbi : usage: After Clicking On...

Microsoft Word Document Stack Based Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious e-mail, or open a malicious file. The specific flaw exist...

HP-UX Update for Xserver HPSBUX02381

Check for the Version of Xserver OpenVAS Vulnerability Test HP-UX Update for Xserver HPSBUX02381 Authors: System Generated Check Copyright: Copyright c 2009, 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Gentoo Security Advisory GLSA 200710-29 (sylpheed claws-mail)

The remote host is missing updates announced in advisory GLSA 200710-29. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200504-23 (Kommander)

The remote host is missing updates announced in advisory GLSA 200504-23. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200802-09 (clamav)

The remote host is missing updates announced in advisory GLSA 200802-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200709-14 (clamav)

The remote host is missing updates announced in advisory GLSA 200709-14. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

[security bulletin] HPSBMA02326 SSRT071490 rev.1 - HP Instant Support HPISDataManager.dll Running on Windows, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01422264 Version: 1 HPSBMA02326 SSRT071490 rev.1 - HP Instant Support HPISDataManager.dll Running on Windows, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin...

CVE-2008-1720

Buffer overflow in rsync 2.6.9 to 3.0.1, with extended attribute xattr support enabled, might allow remote attackers to execute arbitrary code via unknown vectors...

CVE-2006-4034

PHP remote file inclusion vulnerability in include/html/config.php in ModernGigabyte ModernBill 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the DIR parameter...