Adobe Reader 9.3.2 - 'CoolType.dll' Remote Memory Corruption / Denial of Service

/ Title: Adobe Reader 9.3.2 CoolType.dll Remote Memory Corruption / DoS Vulnerability Summary: Adobe Reader software is the global standard for electronic document sharing. It is the only PDF file viewer that can open and interact with all PDF documents. Use Adobe Reader to view, search, digitall...

Gmail Checker Plus Chrome Extension Cross Site Scripting

Gmail Checker plus Chrome extension XSS extension: https://chrome.google.com/extensions/detail/mihcahmgecmbnbcchbopgniflfhgnkff advisore:http://lostmon.blogspot.com/2010/06/gmail-checker-plus-chrome-extension-xss.html Exploit available:yes So in this case "Google Mail Checker Plus" version 1.1.7...

Xerox Workcenter 4150 - Remote Buffer Overflow (PoC)

Xerox Workcenter 4150 - Remote Buffer Overflow PoC Application: Xerox Workcenter 4150 Remote Buffer Overflow Platforms: Xerox Workcenter 4150 Discover Date: 2009-12-21 Author: Francis Provencher Protek Research Lab's Blog: http://www.Protekresearchlab.com 1 Introduction 2 Report Timeline 3...

Solaris Update for rpc.nisd 140917-02

Check for the Version of rpc.nisd OpenVAS Vulnerability Test Solaris Update for rpc.nisd 140917-02 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

Solaris Update for kcms_server and kcms_configure 111400-04

Check for the Version of kcmsserver and kcmsconfigure OpenVAS Vulnerability Test Solaris Update for kcmsserver and kcmsconfigure 111400-04 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

Solaris Update for /usr/lib/dcs 111332-08

Check for the Version of /usr/lib/dcs OpenVAS Vulnerability Test Solaris Update for /usr/lib/dcs 111332-08 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Solaris Update for sshd 140119-06

Check for the Version of sshd OpenVAS Vulnerability Test Solaris Update for sshd 140119-06 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the G...

Fedora 10 : kvm-74-10.fc10 (2008-11727)

---------------------------------------------------------------------- ---------- ChangeLog : - Mon Dec 22 2008 Glauber Costa - 74-10 - Fixed CVE-2008-2382. - Thu Dec 4 2008 Glauber Costa - 74-9 - Fixed bug that corrupted gnome-panel 474703 - Tue Dec 2 2008 Glauber Costa - 74-8 - Properly set fla...

CentOS Update for xpdf CESA-2008:0240 centos4 x86_64

Check for the Version of xpdf OpenVAS Vulnerability Test CentOS Update for xpdf CESA-2008:0240 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CentOS Update for unzip CESA-2008:0196 centos3 i386

Check for the Version of unzip OpenVAS Vulnerability Test CentOS Update for unzip CESA-2008:0196 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

TLS certificates can be used to execute arbitrary code – Opera Security Advisories

TLS certificates can be used to execute arbitrary code – Opera Security Advisories OPCOM Team | February 13, 2009 Severity Highly Severe Problem Description When connecting to a TLS-protected website, Opera parses the X.509 certificate. If a site uses a specially crafted Subject Alternative Name ...

FreeBSD-SA-09:01.lukemftpd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:01.lukemftpd Security Advisory The FreeBSD Project Topic: Cross-site request forgery in lukemftpd8 Category: core Module: lukemftpd Announced: 2009-01-07...

kernel security and bug fix update

kernel-2.4.21-57.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - ora 5088963: io to nfs partition hangs - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli kernel-2.4.21-57.EL -...

CA DSM gui_cm_ctrls.ocx ActiveX控件远程代码执行漏洞

BUGTRAQ ID: 28809 CVECAN ID: CVE-2008-1786 CA桌面和服务器管理（DSM）产品中包含多种应用，分别用来执行软件分发、远程控制和资产管理任务。 DSM产品所提供的guicmctrls ActiveX控件没有充分的验证函数输入，如果用户受骗访问了恶意网页的话就可能导致拒绝服务或在WEB浏览器会话中执行任意代码。 Computer Associates guicmctrls.ocx 11.2.3.1896 Computer Associates guicmctrls.ocx 11.2.2000.4 Computer Associates...

Simple Machines Forum multiple sql injection flaws with exploit code.

SMF is a very hardened php application. If anyone wants an example of some interesting PHP security SMF is a good place to look. Even after being able to injection SQL I had to take another step and bypass some difficult filters found in the dbquery function. Ultimately i was able to do so. This...

ZDI-07-041: Panda Software AdminSecure Agent Heap Overflow Vulnerability

ZDI-07-041: Panda Software AdminSecure Agent Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-041.html July 24, 2007 -- CVE ID: CVE-2007-3026 -- Affected Vendor: Panda Software -- Affected Products: Panda AdminSecure 2006 -- TippingPointTM IPS Customer Protection:...

EEYE: Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability

Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability Release Date: July 5, 2007 Date Reported: Jan 19, 2007 Severity: High Remote Code Execution Vendor: Sun Microsystems Systems Affected: Java Runtime Environment 6 Update 1, and earlier Java Runtime Environment 5 Update 11, and earlier...

SOL3277 - mod_ssl and ssl_log vulnerability VU#303448

Information about this advisory is available at the following location: F5 Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS version 4.5.11 and 4.6.2. For instructions about downloading software from F5, refer to SOL167: Downloading software from F5. A VU303448 patch has...

CentOS 3 / 4 : gnupg (CESA-2006:0754)

Updated GnuPG packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GnuPG is a utility for encrypting data and creating digital signatures. Tavis Ormandy discovered a stack overwrite flaw in t...

PHP-Nuke <= 7.9 (Encyclopedia) Remote SQL Injection Exploit

No description provided by source. ? / Neo Security Team - Exploit made by Paisterist on 2006-10-22 http://www.neosecurityteam.net / $host="localhost"; $path="/phpnuke/"; $prefix="nuke"; $port="80"; $fp = fsockopen$host, $port, $errno, $errstr, 30; $data="query=fooaa&eid=foo'//UNION SELECT pwd as...