CVE-2010-3683
Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request...
Windows Vista/7 lpksetup.exe DLL Hijacking
Exploit: Windows Vista/7 lpksetup.exe oci.dll DLL Hijacking Vulnerability Extension: .mlc Author: Tyler Borland [email protected] Date: 10/20/2010 Tested on: Windows 7 Ultimate Windows Vista Ultimate/Enterprise and Windows 7 Enterprise should be vulnerable as well Effect: Remote Code Executio...
GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load Privilege Escalation
GNU C Library 2.x (libc6) - Dynamic Linker LD_AUDIT Arbitrary DSO Load Privilege Escalation Source: http://marc.info/?l=full-disclosure&m=128776663124692&w=2 The GNU C library dynamic linker will dlopen arbitrary DSOs during setuid loads...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
Updated kernel-rt packages that fix multiple security issues and upgrade the kernel-rt kernel to version 2.6.33.7-rt29 are now available for Red Hat Enterprise MRG 1.3. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System...
Barracuda Networks Multiple Products 'view_help.cgi' Directory Traversal Vulnerability
Multiple Barracuda Networks products are prone to a directory-traversal vulnerability because they fail to sufficiently sanitize user-supplied input. A remote attacker can exploit this vulnerability using directory-traversal characters '../' to access files that contain sensitive information th...
DEBIAN-CVE-2010-3476
Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attackers to cause a denial of service (CPU consumption) via a large message, a different vulnerability than...
The Week in Security: Gov2.0, DLL Patches and When Social Media Attacks!
Summer may have reached its unofficial end with the Labor Day holiday, but there was no break from security news this week, as both the Gov 2.0 Conference in Washington D.C. and a raft of warnings and patches from leading vendors kept the heat on high. We all know the Internet started as a U.S...
Microsoft to Patch 13 Security Holes in Windows, Office
Microsoft’s September batch of security patches will include fixes for 13 documented vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office. According to the company’s advance notification for this month’s Patch Tuesday, there will be a total of 9 bulletins fou...
Mozilla Patches Firefox DLL Load Hijacking Bug
Mozilla has joined Apple in being among the first to fix the DLL load hijacking attack vector that continues to haunt hundreds of Windows applications. The open-source group released Firefox 3.6.9 with patches for a total of 15 vulnerabilities (11 rated critical), including the publicly known DLL...
Apple Plugs Safari Drive-by Download Security Holes
Apple has shipped Safari 5.0.2 and Safari 4.1.2 with patches for three gaping holes that expose Web surfers to drive-by download attacks. The browse-and-you’re-hacked vulnerabilities affect both Windows and Mac users, Apple warned in an advisory. One of the three vulnerabilities is the DLL load...
SeaMonkey < 2.0.7 Multiple Vulnerabilities
MySQL Community Server < 5.1.49 Multiple Vulnerabilities
The version of MySQL Community Server installed on the remote host is earlier than 5.1.49 and thus potentially affected by multiple vulnerabilities: - DDL statements could cause the server to crash. (55039) - Joins involving a table with a unique SET column could cause the server to crash. (54575) -...
μTorrent (uTorrent) 2.0.3 - DLL Hijacking
Title: uTorrent =2.0.3 Dll Hijacking Local Exploits By: DrIDE Tested: Windows 7RC Note: These are additional DLL's with unsafe Load Paths Reference: http://www.exploit-db.com/exploits/14726/ If the payload .DLL file is renamed to any of these files and placed in the utorrent.exe directory, the...
μTorrent (uTorrent) 2.0.3 - DLL Hijacking
μTorrent uTorrent 2.0.3 - DLL Hijacking Title: uTorrent =2.0.3 Dll Hijacking Local Exploits By: DrIDE Tested: Windows 7RC Note: These are additional DLL's with unsafe Load Paths Reference: http://www.exploit-db.com/exploits/14726/ If the payload .DLL file is renamed to any of these files and plac...
MySQL Community Server 5.1 < 5.1.49 Multiple Denial of Service Vulnerabilities
Mandriva Update for mysql MDVSA-2010:155 (mysql)
Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2010:155 mysql Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
MySQL Community Server 5.1 < 5.1.49 Multiple Denial of Service Vulnerabilities
PYSEC-2010-16
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) Page.py, (2) PageEditor.py, (3) PageGraphicalEditor.py, (4) action/CopyPage.py, (5)...
Microsoft Soap SDK (V 1.02.814.0)beta (mssoap1.dll) ActiveX load Code
Exploit for windows platform in category remote exploits 0day.today 2018-01-05...
Discuz 7.2 "my vest" plug-in injection vulnerability
Discuz! is a general-purpose community forum software system. Without needing any programming, users can, through simple setup and installation, build a forum service on the Internet with complete functionality, strong load capacity, and a high degree of customization. Vulnerability plug-in:...