ReVuln Discovers Zero Day Vulns in Gaming Clients

Two video game researchers have discovered a slew of zero day vulnerabilities in the engines that run popular first person shooter games like “Quake 4,” “Monday Night Combat,” “Crysis 2” and “Homefront,” among others that could put their servers and the gamers who use them in danger. The flaws li...

Ophcrack 3.5.0 - Code Execution Local Buffer Overflow

Ophcrack 3.5.0 - Code Execution Local Buffer Overflow Exploit Title: ophcrack v3.5.0 - Local Code Execution BOF Date: 21.05.2013 Exploit Author: xisone@STM Solutions Vendor Homepage: http://ophcrack.sourceforge.net/ Software Link:...

CVE-2013-2724

Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors...

Oracle Java mort TTF Table Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fontmanager...

FreeBSD : nginx -- multiple vulnerabilities (efaa4071-b700-11e2-b1b9-f0def16c5c1b)

The nginx project reports : A stack-based buffer overflow might occur in a worker process process while handling a specially crafted request, potentially resulting in arbitrary code execution. CVE-2013-2028 A security problem related to CVE-2013-2028 was identified, affecting some previous nginx...

Novell iPrint Client < 5.90 Stack-Based Buffer Overflow

The version of Novell iPrint Client installed on the remote host is earlier than 5.90. It therefore is reportedly affected by an unspecified, remote, stack-based buffer overflow vulnerability that could allow arbitrary code execution. C Tenable Network Security, Inc. include"compat.inc"; if...

CVE-2013-1091

Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors...

[SECURITY] [DSA 2663-1] tinc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2663-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez April 22, 2013 http://www.debian.org/security/faq -...

Mandriva Linux Security Advisory : pixman (MDVSA-2013:116)

Updated pixman packages fix security vulnerability : Stack-based buffer overflow in libpixman has unspecified impact and attack vectors CVE-2013-1591. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandriva Linux...

Mandriva Linux Security Advisory : nss-pam-ldapd (MDVSA-2013:106)

Updated nss-pam-ldapd packages fixes the following security vulnerability : Garth Mollett discovered that a file descriptor overflow issue in the use of FDSET in nss-pam-ldapd can lead to a stack-based buffer overflow. An attacker could, under some circumstances, use this flaw to cause a process...

Mandriva Linux Security Advisory : asterisk (MDVSA-2013:140)

Multiple vulnerablilities was identified and fixed in asterisk : The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition BE C.3.x before C.3.8.1; and Asterisk...

QNX Multiple Vulnerabilities

OVERVIEW Independent researcher Luigi Auriemma identified a stack-based buffer overflow and a buffer copy without checking size of input vulnerabilities in QNX’s Phrelay, Phwindows, and Phditto products without coordination with ICS-CERT, the vendor, or any other coordinating entity known to...

CVE-2013-0680

Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service daemon crash or possibly execute...

CVE-2013-2685

Stack-based buffer overflow in res/resformatattrh264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol SDP header...

CVE-2013-0512

Stack-based buffer overflow in the Manual Explore browser plug-in for Firefox in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to cause a denial of service plug-in crash via a crafted web page...

Sami FTP Server LIST Command Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit4 'Sami FTP Server...

CVE-2013-2492

Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT...

RedHat Update for pidgin RHSA-2013:0646-01

Check for the Version of pidgin OpenVAS Vulnerability Test RedHat Update for pidgin RHSA-2013:0646-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CentOS Update for finch CESA-2013:0646 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for nss-pam-ldapd CESA-2013:0590 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...