Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of document objects...

MS Internet Explorer (blnmgr.dll) COM Object Remote Exploit (MS05-038)

No description provided by source. !-- placed into html for your testing. /str0ke !/usr/bin/perl Internet Explorer COM Objects Instantiation Proof of Concept Exploit MS05-038 Bindshell on port 28876 - Based and ripped from Berend-Jan Wever's IE Exploit Vulnerable Objects :...

Debian DSA-1621-1 : icedove - several vulnerabilities

Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0304 It was discovered that a buffer overflow in MIME decoding can lead t...

DSA-1621-1 icedove - several vulnerabilities

Bulletin has no description...

Debian DSA-1614-1 : iceweasel - several vulnerabilities

Several remote vulnerabilities have been discovered in the Iceweasel web browser, an unbranded version of the Firefox browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter...

Debian DSA-1615-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2785 It was discovered that missing boundary checks on a reference counter for CSS objects...

MS Internet Explorer COM Objects File Download Exploit (MS05-038)

No description provided by source. /+++++++++++++++++++++++++++++++++++++++++++++++ Ms05 038 exploit POC Write By ZwelL 2005 8 11 http://www.donews.net/zwell [email protected] Some code belongs to Lioncnhonker, regards to him. This code tested on Windows 2003...

CVE-2008-2976

Multiple directory traversal vulnerabilities in TinX/cms 1.1, when registerglobals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the 1 language parameter to a includeme.php, b admin/ajax.php, and c...

CVE-2008-2975

The CVE-2008-2975 vulnerability affects TinX/cms 1.1, specifically the admin/objects/obj_image.php component. It is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the language parameter. The NVD lists a MEDIUM severity (CVSSv2 4.3) with n...

tomcat XSS in example webapps

Cross-site scripting XSS vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values...

Ruby vulnerability caused by a problem with the alias funtion so that safe level 4 does not function as a sandbox

Overview Safe levels exist as a part of the Ruby language security model, in order to limit the operation of untrusted objects. Ruby contains a vulnerability which may allow an attacker to bypass the safe level restrictions and execute normally inaccessible methods, due to a problem in Ruby's ali...

Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox.

Overview Safe level is a security model provided by Ruby language that limits the operation of untrusted objects. A vulnerability that allows an attacker to bypass the safe level restrictions and execute inaccessible methods ex. destructive methods was confirmed. Impact An attacker may be able to...

tomcat XSS in example webapps

Cross-site scripting XSS vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values...

Microsoft Publisher memory corruption

.PUB files memory corruption on embedded objects parsing...

xpdf: embedded font vulnerability

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

CVE-2008-1693

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

Business Objects Infoview - cms Cross-Site Scripting

Business Objects Infoview - cms Cross-Site Scripting source: https://www.securityfocus.com/bid/28762/info Business Objects is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input via the Infoview web portal. An attacker may leverage...

Python stringobject.c多个远程溢出漏洞

BUGTRAQ ID: 28749 Python是一种开放源代码的脚本编程语言。 Python的核心API提供了多个用于分配字符串对象的函数，其中一个API调用允许分配或重新分配PyStringObject，这个函数为PyStringFromStringAndSize，该函数获取了两个参数，分别为一个指针和一个有符整数。如果指针非空的话，就会将指向该指针的内存重新分配为第二个参数所指定的大小；如果指针为空，就会分配整数所指定的字节数并返回。 在这个操作期间，没有验证第二个参数是否为负数，而该值与PyStringObject的大小相加并用作了分配函数的长度，可能导致错误的内存分配。...

Business Objects Infoview - 'cms' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28762/info Business Objects is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input via the Infoview web portal. An attacker may leverage this issue to execute arbitrary script code in the...

Adobe Flash Player 89.0.x - .SWF File DeclareFunction2 ActionScript Tag Remote Code Execution

Adobe Flash Player 89.0.x - .SWF File DeclareFunction2 ActionScript Tag Remote Code Execution source: https://www.securityfocus.com/bid/28694/info Adobe Flash Player is prone to a remote code-execution vulnerability when handling certain embedded ActionScript objects. An attacker may exploit this...