Gentoo Linux Security Advisory GLSA 200511-03 - Chris Evans and Daniel Eisenbud independently discovered two out-of-bounds memory write operations and a NULL pointer dereference in giflib. Versions less than 4.1.4 are affected.
d1036c1911648df7f22154d96ff0a7da0a6ac861b6ffa59920e8812548fd12cbProof of concept code showing the simple syntax needed to exploit the cross site scripting vulnerability in phpinfo.php for PHP versions 4.4.0 and below and 5.0.5 and below.
df410a755e0237e3e4f3fb77b4b9b431dc74d3c5756c946f73da426fd1261a7dDebian Security Advisory DSA 881-1 - Yutaka Oiwa discovered a vulnerability in the Open Secure Socket Layer (OpenSSL) library that can allow an attacker to perform active protocol-version rollback attacks that could lead to the use of the weaker SSL 2.0 protocol even though both ends support SSL 3.0 or TLS 1.0.
708143c7949a25b7e18c7c30d869bfeef7426dbd3787cdb3ff22b96a07fec4cbBy playing with parameter manipulation, you can download other people's uploads in Cerberus Helpdesk.
89dd670a39963a99cbb22bbc52bca82a2dc1bb072c00aaec3284fae378a6d6b4Apple QuickTime PictureViewer is reported prone to remote memory overwrite vulnerability (exploitable via remotely originated content). Expansion of compressed PICT data could exceed the size of the destination buffer, this cause an memory overwrite. The vulnerability may lead to remote code execution when specially crafted picture file (PICT file) is being loaded. Software affected: QuickTime package 7.0.1 for Mac OS X 10.3, QuickTime package 7.0.1 for Mac OS X 10.4, QuickTime package 6.5.2 for Mac OS X 10.3, QuickTime package 6.5.2 for Mac OS X 10.2, QuickTime package 7x for Windows.
3b036f60cdfd01972d16163f01c31f694e97731c38b410af970ba5984b080fa5Apple QuickTime Player is reported prone to remote denial of service attack (exploitable via remotely originated content). A missing movie attribute is interpreted as an extension, but the absence of the extension is not flagged as an error, resulting in a de-reference of a NULL pointer. This will cause a denial of service against any application loading remotely-originated content. Software affected: QuickTime package 7.0.1 for Mac OS X 10.3, QuickTime package 7.0.1 for Mac OS X 10.4, QuickTime package 6.5.2 for Mac OS X 10.3, QuickTime package 6.5.2 for Mac OS X 10.2, QuickTime package 7x for Windows.
78f76c0519c801a0dfe0a4623f3d5c7c7bcc6623dc6b84d531c8fc2e896f1c67Apple QuickTime Player is reported prone to remote integer overflow vulnerability (exploitable via remotely originated content). Improper movie attributes could result in a very large memory copy, which lead to potential memory overwrite. The vulnerability may lead to remote code execution when specially crafted video file (MOV file) is being loaded. Software affected: QuickTime package 7.0.1 for Mac OS X 10.3, QuickTime package 7.0.1 for Mac OS X 10.4, QuickTime package 6.5.2 for Mac OS X 10.3, QuickTime package 6.5.2 for Mac OS X 10.2, QuickTime package 7x for Windows.
a7fa09ceb9372c03ccbab0386d3205945a1fd05053debe49950536097f029a4dApple QuickTime Player is reported prone to remote integer overflow vulnerability (exploitable via remotely originated content). A sign extension of an embedded "Pascal" style string could result in a very large memory copy, which lead to potential memory overwrite. The vulnerability may lead to remote code execution when specially crafted video file (MOV file) is being loaded. Software affected: QuickTime package 7.0.1 for Mac OS X 10.3, QuickTime package 7.0.1 for Mac OS X 10.4, QuickTime package 6.5.2 for Mac OS X 10.3, QuickTime package 6.5.2 for Mac OS X 10.2, QuickTime package 7x for Windows.
e5db0064c8b87bcc0db94f20691f219d8c4c634b26175e0704a2db53fdcf7edfSuperclick is susceptible to cross site scripting attacks in popup.php.
b33025e5cf8f2003785202f15e39c3074938cc2093cb49722715fd41efd48e0eSecunia Security Advisory - Luigi Auriemma has reported a vulnerability in Battle Carry, which can be exploited by malicious people to cause a DoS (Denial of Service).
995326e3fbdc9175331d326885723618784c03d94a63f57634836e991c01df9cSecunia Security Advisory - Luigi Auriemma has reported a vulnerability in Glider collect'n kill with an unknown impact.
11d3be34117ce2c719bcd833f04799a2a1a4b27246faa686dd54107d638ee4dcSecunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in Scorched 3D, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
0f86d60fe52da8430c449b1954abfdc479600960c961481ce13bfece04db0baaSecunia Security Advisory - Luigi Auriemma has reported a vulnerability in GO-Global for Windows, which potentially can be exploited by malicious users to compromise a vulnerable system.
d92de07a0031b91e83a38295fcb846f8f244ee48b3a7db5b23eab660e0ee7fb0Secunia Security Advisory - Piotr Bania has reported some vulnerabilities in Apple QuickTime, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
07991a9bcb1d89aa89fc1823d52f3173fc04a38bd5a1529ae3c3a35ecaa815a4Secunia Security Advisory - Some vulnerabilities have been reported in Lotus Domino, which potentially can be exploited by malicious users to cause a DoS (Denial of Service), or with unknown impact.
a481f73b4c7577f88f1218b994ccbd5f840dff244e14b0d6fb2820846ddb0ad6Secunia Security Advisory - cumhur onat has reported a vulnerability in Cerberus Helpdesk, which can be exploited by malicious users to disclose sensitive information.
0947d4ed0cde711c5eff56c3d1c7e54a5f5642080d4f576e80119bba9513207bSecunia Security Advisory - Blue Coat has acknowledged a vulnerability in some products, which potentially can be exploited by malicious people to bypass certain security restrictions.
bdbd6d3f5fc505d3b5043dbd7d0797e64cf80228e84cd3210486ca9622156e6cSecunia Security Advisory - Some vulnerabilities have been reported in Clam AntiVirus (clamav), which potentially can be exploited by malicious people to cause a DoS (Denial of Service), or with unknown impact.
9ebb6859b21d9d2b03511a96e39a1eeca82ba4d66e892b3b5a4e9e77404c89d0Secunia Security Advisory - rgod has discovered a vulnerability in CuteNews, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.
f96d8e6fd9fd9616e2d4dbbfc38f831a1002008370897b880a7b28d6b2a3c722Secunia Security Advisory - Chris Evans has reported two vulnerabilities in libungif, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
fbb6ae955d8b115c7036aeb4e0abffde5c8bed8a55343d9df938515753f8368bSecunia Security Advisory - Fedora has issued an update for libungif. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
7a6a063cad4a7371c6a7ce066eda87043f6403c59fcbfa3e0e05d6f7e12b570cSecunia Security Advisory - A vulnerability has been reported in AIX, which has an unknown impact.
8c20a1d7f68fb751c42480b48a30afe6e60090e6768e3b3b8912d12368a849f5Secunia Security Advisory - Red Hat has issued an update for libungif. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system.
6b512beefb4437454d289fde92a0b7412832d26b8efc461ab84a2bf030a99cf6Remote exploit that makes use of a buffer length checking issue in the Microsoft UMPNPMGR PNP_GetDeviceList (services.exe - ms05-047).
345a0d8ab4a6509f06d6a75f4f2eae744f2bf4df914b5e46c61fd00ce658368cQBrute 1.0 is a MD5 Calculator and Cracker written in Perl.
65394b99d0a0d96d30c6a74bbe2e27f3d15b005c38b3ba5d01f215770dad82d0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed