[SECURITY] Fedora 13 Update: libuser-0.56.16-1.fc13.2

The libuser library implements a standardized interface for manipulating and administering user and group accounts. The library uses pluggable back-ends to interface to its data sources. Sample applications modeled after those included with the shadow password suite are included...

[SECURITY] Fedora 14 Update: libuser-0.56.18-3.fc14

The libuser library implements a standardized interface for manipulating and administering user and group accounts. The library uses pluggable back-ends to interface to its data sources. Sample applications modeled after those included with the shadow password suite are included...

IrfanView 4.27 Denial Of Service

done by BraniX www.hackers.org.pl found: 2010.08.18 published: 2010.12.27 tested on: Windows XP SP3 Home Edition App: IrfanView 4.27 DoS, Integer division by zero in module JPEG2000.dll iview32.exe MD5: 58150C1AC5B86C1A6B5E15FE1C3A870D JPEG2000.dll MD5: 50B3DCD4F32C9939722A905A06AD371A first...

Joomla! Component JE Auto 1.0 - SQL Injection

Joomla! Component JE Auto 1.0 - SQL Injection JE Auto 1.0 SQL Injection Vulnerability Name JE Auto Vendor http://joomlaextensions.co.in/extensions/components/je-auto.html Versions Affected 1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at...

CVE-2010-3790

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary...

Design/Logic Flaw

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary...

CVE-2010-3790

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary...

MDVA-2009:121 : pulseaudio

Multiple bugs has been identified and corrected in pulseaudio: - alsa: allow configuration of fallback device strings in profiles util: if NULL is passed to papathgetfilename just hand it through alsa: don't hit an assert when invalid module arguments are passed - alsa: fix wording, we are speaki...

TTVideo 1.0 Joomla Component SQL Injection Vulnerability

TTVideo 1.0 Joomla Component SQL Injection Vulnerability Name TTVideo Vendor http://www.toughtomato.com Versions Affected 1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-27 X. INDEX I. ABOUT THE APPLICATION II...

Joomla Appointinator 1.0.1 SQL Injection

Appointinator 1.0.1 Joomla Component Multiple Remote Vulnerabilities Name Appointinator Vendor http://appointinator.chemeia.info Versions Affected 1.0.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-27 X. INDEX ...

RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability

RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability Name RedShop Vendor http://redweb.dk Versions Affected 1.0.23.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-13 X. INDEX I. ABOUT THE...

2daybiz Matrimonial Script SQL Injection / Cross Site Scripting

$------------------------------------------------------------------------------------------------------------------- $ 2daybiz Matrimonial Script SQL Injection and Cross Site Scripting Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :...

Office 2 iPhone XLS Denial of Service

Exploit for hardware platform in category dos / poc ===================================== Office 2 iPhone XLS Denial of Service ===================================== I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.inj3ct0r.com/sploits/12662.xls which I randomly found on the...

Office^2 iPhone - .XLS Denial of Service

Office^2 iPhone - .XLS Denial of Service I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications f...

GoodiWare GoodReader iPhone - .XLS Denial of Service

GoodiWare GoodReader iPhone - .XLS Denial of Service I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader...

GoodiWare GoodReader iPhone XLS Denial of Service

Exploit for hardware platform in category dos / poc I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.inj3ct0r.com/sploits/12663.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications for iPhone. 0day.tod...

Office^2 iPhone - '.XLS' Denial of Service

I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications for iPhone...

GoodiWare GoodReader iPhone - '.XLS' Denial of Service

I wrote a fuzzer "dumb fuzzer" and used a sample from http://www.ccp14.ac.uk/ccp/web-mirrors/bca-spreadsheets/scanplot101.xls which I randomly found on the internet. I mutated the data and tested roughly 1000 cases on several Document Reader Applications for iPhone...

DEBIAN-CVE-2010-1459

The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated by the VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project...

Microsoft IIS4 Exair Sample Site Denial Of Service (CVE-1999-0449)

Microsoft Internet Information Services IIS is a multi-featured server product that ships with all versions of Microsoft Windows 2000, XP and Server 2003. The product provides FTP, SMTP, NNTP and HTTP services. The HTTP component, known as the WWW Publishing Service, allows for the serving of...