3944 matches found
Adobe Releases Security Bulletin for Adobe Reader and Acrobat
Adobe has released a security bulletin to address multiple vulnerabilities in Adobe Reader 10.0.1 and earlier versions for Windows, Adobe Reader 10.0.3 and earlier versions of Macintosh, and Adobe Acrobat 10.0.3 and earlier versions for Windows and Macintosh. Exploitation of these vulnerabilities...
Null pointer dereference
VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a 1 vws and 2 vwr file with an invalid Type property, which triggers an untrusted pointer dereference...
CVE-2011-2386
VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a 1 vws and 2 vwr file with an invalid Type property, which triggers an untrusted pointer dereference...
CVE-2011-2386
CVE-2011-2386 affects VisiWave Site Survey (VisiWaveReport.exe) prior to version 2.1.9 from AZO Technologies. The vulnerability arises when processing VWR/VWS files with an invalid Type property, triggering an untrusted pointer dereference and enabling user-assisted remote code execution. Public ...
Google Chrome Releases 12.0.742.91
Google has released Chrome 12.0.742.91 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to...
Adobe Releases Security Update for Flash Player
Adobe has released security bulletin APSB11-13 to address a vulnerability in Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux, and Solaris, and 10.3.185.22 and earlier versions for Android. Exploitation of this vulnerability may allow an attacker to conduct a cross-site...
VideoLAN Releases VLC Media Player 1.1.10
VideoLAN has released VLC Media Player 1.1.10 to address an integer overflow vulnerability in the xspf demuxer. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the release notes for VLC Media Player 1.1.10 a...
Gmail Phishing Attack
US-CERT is aware of public reports of a phishing attack that specifically targets US government and military officials' Gmail accounts. The attack arrives via an email sent from a spoofed address of an individual or agency known to the targeted user. The email contains a "view download" link that...
Apple Releases Malware Detection Tool
Apple has released Security Update 2011-003 for Mac OS X in response to the recent Mac fake anti-virus software. This update: adds a malware definition to the File Quarantine application causes the File Quarantine application to automatically update its malware definition list daily removes...
Cisco Releases Security Advisory for Cisco Internet Streamer
Cisco has released a security advisory to address a vulnerability in the web server component of the Cisco Internet Streamer application, which is part of the Cisco Content Delivery System. This vulnerability may allow an attacker to cause a denial-of-service condition. US-CERT encourages users a...
WordPress Releases Version 3.1.3
WordPress has released WordPress 3.1.3 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the WordPress Codex document for version 3.1.3 and apply any necessary updates t...
VisiWave Site Survey Report VWR File Handling Overflow
The version of VisiWave Site Survey on the remote host is earlier than 2.1.9 and thus reportedly contains a file handling overflow. If an attacker provides a malicious VWR file and convinces a user to open it with VisiWave, VisiWave may execute malicious code in the context of the user. C Tenable...
VisiWave VWR File Parsing Vulnerability
This module exploits a vulnerability found in VisiWave's Site Survey Report application. When processing .VWR files, VisiWaveReport.exe attempts to match a valid pointer based on the 'Type' property valid ones include 'Properties', 'TitlePage', 'Details', 'Graph', 'Table', 'Text', 'Image', but if...
SA-CONTRIB-2011-021 - Webform - Multiple Vulnerabilities
Webform module enables you to create custom webform or survey nodes. These nodes typically may be created either by editorial teams or administrators. Webform does not sufficiently check directory access when a user configures an upload field. This may allow a user to upload malicious files to th...
Adobe Releases Flash Player and Flash Media Server Updates
Adobe has released updates for Flash Player and Flash Media Server to address multiple vulnerabilities. These vulnerabilities affect Adobe Flash Player 10.2.159.1 and earlier versions for Windows, Macintosh, Linux, and Solaris; Adobe Flash Player 10.2.157.51 and earlier versions for Android; Adob...
Microsoft Releases May Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Microsoft Office as part of the Microsoft Security Bulletin Summary for May 2011. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the...
Osama Bin Laden's Death Email Scams, Fake Antivirus, and Phishing Attack Warning
Users should be aware of potential email scams, fake antivirus, and phishing attacks regarding Osama Bin Laden's death. Email scams may contain links or attachments that may direct users to malicious websites. Fake antivirus attacks may come in the form of pop-ups that flash security warnings and...
Mozilla Releases Firefox updates
Mozilla has released Firefox 4.0.1, 3.6.17, and 3.5.19 to address multiple vulnerabilities. The impact of these vulnerabilities includes arbitrary code execution, privilege escalation, directory traversal, and information disclosure. US-CERT encourages users and administrators to review the Mozil...
Nuke_Evolution_Xtreme <= 2.0 (SQLi/LFI) Vulnerabilities
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
Nuke Evolution Xtreme 2.0 SQL Injection / Local File Inclusion
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...