Secunia Research: DVR Remote ActiveX Control DVRobot Library Loading Vulnerability
Secunia Research 17/11/2011 - DVR Remote ActiveX Control DVRobot Library Loading Vulnerability - Table of Contents Affected...
Oracle Hyperion Financial Management ActiveX File Upload
Added: 11/15/2011 BID: 50476 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for scripting and...
Oracle AutoVue AutoVueX ActiveX Control ExportEdaBom Arbitrary File Overwrite
Added: 11/07/2011 BID: 50332 OSVDB: 76539 Background Oracle AutoVue Enterprise Visualization is a suite of Oracle products designed to deliver a web-based capability to access, view, digitally annotate and collaborate on technical and business documents, without requiring specialized computer-aid...
Windows Manage Process Migration
This module will migrate a Meterpreter session from one process to another. Either supply the PID of the process to migrate to, or let the module spawn a process and migrate to that newly spawned process. This module requires Metasploit: https://metasploit.com/download Current source:...
ASPCMS corporate website system 0day affecting all versions 2.0 and above - vulnerability warning - the black bar safety net
ASPCMS is a newly developed open-source system for building corporate websites. It can meet a variety of enterprise site requirements, supports template customization, extensions, etc., and lets an enterprise build its site in a short time. The vulnerability appears in the...
Samba mtab lock file race condition
Multiple race conditions in the (1) mount.cifs and (2) umount.cifs programs in Samba 3.6 allow local users to cause a denial of service (mounting outage) via a SIGKILL signal during a time window when the /etc/mtab file exists...
MS 2562937: Update Rollup for ActiveX Kill Bits (2562937)
The remote Windows host is missing a list of kill bits for ActiveX controls that are known to contain vulnerabilities. If these ActiveX controls are ever installed on the remote host, either now or in the future, they would expose it to various security issues. Note that the affected controls are...
HPSBPI02698 SSRT100404 rev.3 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code
Potential Security Impact Remote execution of arbitrary code VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP Easy Printer Care Software Running on Windows. The vulnerability can be remotely exploited to write arbitrary files to the system and execute them via...
PHPFood CMS 2.00 SQL Injection
PhpFood CMS restaurant.php?id= SQL Injection Vulnerability Author : kaMtiEz [email protected] / / Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id Date : 3 July, 2011 Software Information + Vendor : http://www.phpfood.com/ + Download :...
When Angry Birds Attack: Android Edition
It’s been about six months since I reported a vulnerability in the Android mobile platform that allowed the unprompted installation of arbitrary applications with arbitrary permissions on a victim’s device. While the vulnerability has long been fixed on Android handsets around the world, I’ve yet...
BarCodeWiz ActiveX LoadProperties Buffer Overflow
Added: 05/23/2011 CVE: CVE-2010-2932 BID: 42097 OSVDB: 66882 Background BarCodeWiz Barcode ActiveX Control is a tool for generating barcodes in Microsoft Office documents, and for Visual Basic, Visual C++, VB.NET, C, or Delphi developers looking to include barcodes in programs. Problem The...
Design/Logic Flaw
Openswan 2.2.x does not properly restrict permissions for (1) /var/run/starter.pid, related to starter.c in the IPsec starter, and (2) /var/lock/subsys/ipsec, which allows local users to kill arbitrary processes by writing a PID to a file, or possibly bypass disk quotas by writing arbitrary data to a...
CVE-2011-2147
Openswan 2.2.x does not properly restrict permissions for (1) /var/run/starter.pid, related to starter.c in the IPsec starter, and (2) /var/lock/subsys/ipsec, which allows local users to kill arbitrary processes by writing a PID to a file, or possibly bypass disk quotas by writing arbitrary data to a...
CVE-2011-1784
CVE-2011-1784 concerns keepalived 1.2.2 and earlier, where pidfile_write creates /var/run/*.pid files (keepalived.pid, checkers.pid, vrrp.pid) with 0666 permissions. This allows local users to write to these PID files and potentially kill arbitrary processes. Connected advisories show that update...
CVE-2011-1784
The pidfile_write function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the (1) keepalived.pid, (2) checkers.pid, and (3) vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files...
win32/xp sp3 Force Kill explorer.exe process Shellcode 73 Bytes
Exploit Title: win32/xp sp3 Force Kill explorer.exe process Shellcode 73 Bytes + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : win32-Shellcodes + Tested on : Windows Xp 32 bit...
Multiple ActiveX components security vulnerabilities
kill bit update for multiple components of different vendors...
CVE-2011-1137
Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message...