62 matches found
SiNG cms 2.9.0 (email) Remote XSS POST Injection Vulnerability
Summary SiNG cms is a free modular Content Management System open source, based on a bunch of PHP / MySQL and intended use of the web server Apache. Description The application is prone to a reflected cross-site scripting vulnerability due to a failure to properly sanitize user-supplied input to...
SiNG cms - 'Password.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/55168/info SiNG cms is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of t...
Set your Web browsers to "stun"…it's the online holiday shopping season. Here are ten tips for surviving it without getting yourself p4wn3d
Cyber Monday is billed as the biggest online shopping day of the year, with deep discounts from online merchants. But the truth is that your online shopping isn’t anywhere near done now that its passed, any more than your in store shopping is done now that the 3:00 AM Black Friday door buster...
Acroread: Stack-based buffer overflow by processing certain fonts (APSA10-02)
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a PDF document with a long field in a Smart INdependent...
Adobe CoolType - SING Table 'uniqueName' Local Stack Buffer Overflow (Metasploit) (2)
$Id: adobecooltypesing.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...
Adobe CoolType - SING Table 'uniqueName' Remote Stack Buffer Overflow (Metasploit) (1)
$Id: adobecooltypesing.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Adobe Reader CoolType.dll buffer overflow
Added: 09/17/2010 CVE: CVE-2010-2883 BID: 43057 OSVDB: 67849 Background Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow in the CoolType.dll module allows command execution when a user opens a PDF document containing a long, specially crafted field in a SING tabl...
Adobe Reader CoolType.dll buffer overflow
Added: 09/17/2010 CVE: CVE-2010-2883 BID: 43057 OSVDB: 67849 Background Adobe Reader is free software for viewing PDF documents. Problem A buffer overflow in the CoolType.dll module allows command execution when a user opens a PDF document containing a long, specially crafted field in a SING tabl...
Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability - Linux
Adobe Reader is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...
Adobe Acrobat and Reader SING 'uniqueName' Buffer Overflow Vulnerability - Windows
Adobe Reader/Acrobat is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Adobe Reader and Acrobat TTF SING Table Buffer Overflow (APSA10-02; CVE-2010-2883)
Portable Document Format PDF is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. A vulnerability has been discovered in Adobe Reader and Acrobat. A remote attacker can exploit...
Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow
This module exploits a vulnerability in the Smart INdependent Glyplets SING table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior versions are assumed to be vulnerable as well. This module requires Metasploit: https://metasploit.com/download Current source:...
Stack overflow
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a PDF document with a long field in a Smart INdependent...
CVE-2010-2883
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a PDF document with a long field in a Smart INdependent...
CVE-2010-2883
CVE-2010-2883 describes a stack-based buffer overflow in Adobe’s CoolType.dll (SING table handling) that affects Adobe Reader/Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Windows and macOS. A long field in a TTF font’s SING table in a PDF can allow remote code execution or cause a DoS (applicat...
CVE-2010-2883
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a PDF document with a long field in a Smart INdependent...
Adobe Reader Smart INdependent Glyplets (SING) Table Handling Vulnerability
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'zlib' class Metasploit...
Adobe CoolType SING Table "uniqueName" Stack Buffer Overflow
This module exploits a vulnerability in the Smart INdependent Glyplets SING table handling within versions 8.2.4 and 9.3.4 of Adobe Reader. Prior versions are assumed to be vulnerable as well. This module requires Metasploit: https://metasploit.com/download Current source:...
Send ICMP Nasty Garbage (SING) - Append File Logrotate
Send ICMP Nasty Garbage SING - Append File Logrotate / sing file append exploit by bannedit 12/05/2007 The original reporter of this issue included an example session which added an account to the machine. The method for this exploit is slightly different and much more quiet. Although it relies...
CVE-2007-6211
Send ICMP Nasty Garbage sing on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L output log file option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to overrid...