8004 matches found
DEBIAN-CVE-2012-3435
SQL injection vulnerability in frontends/php/popupbitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid parameter...
Scientific Linux Security Update : openoffice.org2 on SL4.5 and 4.6 i386/x86_64
Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. CVE-2007-5745, CVE-2007-5747...
Scientific Linux Security Update : openoffice.org on SL5.x i386/x86_64
Multiple heap overflows and an integer underflow were found in the Quattro Pro(R) import filter. An attacker could create a carefully crafted Quattro Pro file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the file was opened by a victim. CVE-2007-5745, CVE-2007-5747...
Scientific Linux Security Update : openoffice.org on SL3.x, SL4.x i386/x86_64
A heap overflow flaw was found in the EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or possibly execute arbitrary code if the malicious EMF image was added to a document or if a document containing the malicious EMF file was opened by a...
[SECURITY] Fedora 16 Update: dokuwiki-0-0.10.20110525.a.fc16
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
CyberLink Power2Go - name Attribute (p2g) Stack Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'CyberLink Power2Go name attribute p2g...
CVE-2012-0001
The kernel in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly load structured exception handling tables, which allows context-dependent attackers to bypass the SafeSEH security feature by...
StreamDown 6.8.0 Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'StreamDown 6.8.0...
CVE-2010-5037
SQL injection vulnerability in article.php in SenseSites CommonSense CMS allows remote attackers to execute arbitrary SQL commands via the articleid parameter...
CVE-2010-4980
SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter...
CVE-2010-4990
SQL injection vulnerability in the Front-edit Address Book comaddressbook component for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a contact action to index.php...
CVE-2010-4981
SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-5088
SQL injection vulnerability in secure/index.php in IdeaCart 0.02 allows remote attackers to execute arbitrary SQL commands via the cID parameter...
Exploit writing tutorial part 3 - SEH Based Exploits [RUS by p(eaZ]
Author: Peter Van Eeckhoutte (corelanc0d3r). Translation: peaZ, 8/2011. In the first two parts of this tutorial, we discussed how classic stack buffer overflows occur and how a reliable exploit can be built using various techniques for jumping to shellcode. The example that we...
[SECURITY] Fedora 14 Update: dokuwiki-0-0.8.20110525.a.fc14
DokuWiki is a standards compliant, simple to use Wiki, mainly aimed at creating documentation of any kind. It has a simple but powerful syntax which makes sure the datafiles remain readable outside the Wiki and eases the creation of structured texts. All data is stored in plain text files no...
CVE-2011-1667
SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action...
[SECURITY] Fedora 14 Update: TeXmacs-1.0.7.9-2.fc14
GNU TeXmacs is a free scientific text editor, which was both inspired by TeX and GNU Emacs. The editor allows you to write structured documents via a WYSIWYG (what-you-see-is-what-you-get) and user friendly interface. New styles may be created by the user. The program implements high-quality...
[SECURITY] Fedora 15 Update: TeXmacs-1.0.7.9-2.fc15
GNU TeXmacs is a free scientific text editor, which was both inspired by TeX and GNU Emacs. The editor allows you to write structured documents via a WYSIWYG (what-you-see-is-what-you-get) and user friendly interface. New styles may be created by the user. The program implements high-quality...
AutoPlay 1.33 Buffer Overflow
#!/usr/bin/python AutoPlay v1.33 autoplay.ini Local Buffer Overflow Exploit SEH Vendor: Naugher Software Product web page: http://www.naughter.com Affected version: 1.33 Summary: AutoPlay is a shareware application used for making autorun.ini files that can be edited and stored to compact disks...
AutoPlay 1.33 (autoplay.ini) - Local Buffer Overflow (SEH)
AutoPlay 1.33 autoplay.ini - Local Buffer Overflow SEH #!/usr/bin/python AutoPlay v1.33 autoplay.ini Local Buffer Overflow Exploit SEH Vendor: Naugher Software Product web page: http://www.naughter.com Affected version: 1.33 Summary: AutoPlay is a shareware application used for making autorun.ini...