It appears that a number of vulnerabilities have been discovered in implementations of SSDT hooks in many different products. Vulnerable products include BlackICE, Norton Internet Security, Process Monitor, and more.
10cab1f6a9cbfe4aa37ddf1207fd3c8ef40386c2d2758a0eadfeaeb9d168a631
Creative Zen Vision M MediaExplorer version 5.x suffers from a buffer overflow vulnerability.
c47392dc69dac37cad3c421eede14a1ad0a8d696c1e116264d14c746987c65c3
PwsPHP suffers from a remote SQL injection vulnerability in the sondages module.
4ffd0e47f2a18d22f34fda3092a5df54c6964d2db0fa957b1d43036be262de62
Mandriva Linux Security Advisory - The Avahi daemon in versions 0.6.20 and earlier allows attackers to cause a denial of service via empty TXT data over D-Bus, which triggers an assert error.
2975f9882100605d91b524f1ccf697a2b0e184927a8e9ccc4e9208c694ed6e31
Mandriva Linux Security Advisory - A vulnerability in Cacti 0.8.6i and earlier versions allows remote authenticated users to cause a denial of service (CPU consumption) via large values of the graph_start, graph_end, graph_height, or graph_width parameters.
9b303a50a2d12f8dd11369f54f215c3b446cd45fbc6b21d21c127ec173b0c2fb
iDefense Security Advisory 09.17.07 - Remote exploitation of multiple integer overflow vulnerabilities within OpenOffice, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code. iDefense has confirmed the existence of these vulnerabilities in OpenOffice version 2.0.4. All versions prior to version 2.3 are suspected to be vulnerable.
80f35f17608e9804ce33065672ea577a22c9aa27649c9cffcf54c480734c87a7
Coppermine versions 1.4.12 and below suffer from cross site scripting and local file inclusion vulnerabilities.
be1f842763f76400b99bb1cecc955baecaa6e424d2e684a4257d7f2240ba88a0
b1gmail version 6.3.1 suffers from a cross site scripting vulnerability.
115173274ebdd10d0947b94c456abf8fcf3afb3f885203eec3ad433739e9ea49
Symantec Vulnerability Research SYMSA-2007-009 - There exists a design flaw in RemoteDocs R-Viewer where code can be executed upon opening the RDZ file without any knowledge or warning to the user. Additionally, temporary files are not properly removed from disk, exposing the encrypted data.
88568888c9cd8a24f0d26959541bf6bfe530ade1216a4b3297bc1b154a7f0932
Debian Security Advisory 1375-1 - A heap overflow vulnerability has been discovered in the TIFF parsing code of the OpenOffice.org suite. The parser uses untrusted values from the TIFF file to calculate the number of bytes of memory to allocate. A specially crafted TIFF image could trigger an integer overflow and subsequently a buffer overflow that could cause the execution of arbitrary code.
d13e279ca1736063ab47b11e49cdd5989ea0d7a84f8198812e7218116705a0fd
Alcatel-Lucent OmniPCX suffers from a remote command execution vulnerability. Details provided.
2f285ee1ca4f7cd8d73a0bd45509d5332a7980bc9f886d9b434baacc93dcccd6
Secunia Security Advisory - Stelios Tigkas has reported a vulnerability in RSA enVision, which can be exploited by malicious people to conduct cross-site scripting attacks.
26610b644bb0f3eeb338d48d9f00091cd317f00302e2b0eb05021cd3b0b1807a
Secunia Security Advisory - Debian has issued an update for openoffice.org. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
15d09b171251652b11811e1c515dc513234d33d2bf4b64bd820e2986740f28f8
Secunia Security Advisory - shinnai has discovered two vulnerabilities in MW6 Technologies QRCode ActiveX control, which can be exploited by malicious people to overwrite arbitrary files.
01c77f784f8363409a53237a8890cac8c65d0efa1c5be0825164f38ccc1881a4
Secunia Security Advisory - Raz0r has discovered some vulnerabilities in Shop-Script FREE, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system.
68e28cabdad65b9cef1c1ce847fc5862d0bc15d31e5c7453b71926cec51bf866
Secunia Security Advisory - L4teral has discovered two vulnerabilities in Coppermine Photo Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to disclose sensitive information.
cbae7d897ca0dc31c4d5c533a0c4da6691ca27374e3427c77f6e6b1070a98eb4
Secunia Security Advisory - Red Hat has issued an update for openoffice.org. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
60b5a3a332f1dc39ab2aa01f793d5ae71d06ebc5f795284d0dea7ef641ed2ff9
Gentoo Linux Security Advisory GLSA 200709-09 - Dmitry V. Levin discovered a directory traversal vulnerability in the contains_dot_dot() function in file src/names.c. Versions less than 1.18-r2 are affected.
b8e752fcba39278680d125f89cbfaa590d77d56976332487c361a209614c28a1
Gentoo Linux Security Advisory GLSA 200709-08 - Nikolaus Schulz discovered that the function RenderV2ToFile() in file src/tag_file.cpp creates temporary files in an insecure manner. Versions less than 3.8.3-r6 are affected.
5842cdac4061d9ada9eb0157fbdb5f626a28a6fb9cd4708399050328bc78f6b0
Gentoo Linux Security Advisory GLSA 200709-07 - Bow Sineath discovered a boundary error in the file mod/server.mod/servrmsg.c when processing overly long private messages sent by an IRC server. Versions less than 1.6.18-r2 are affected.
cf4ee6d1d3d7ace2d5175b8a823dfe966d004aa562ae3d33f1579a19f2dae4b1
Gentoo Linux Security Advisory GLSA 200709-06 - A possible buffer overflow vulnerability has been reported in the local__vcentry_parse_value() function in vorbiscomment.c. Versions less than 0.0.11 are affected.
9e6af0403420a5e2f5ae83576528313bc511a3e3bf9ea3feac396df8bd99100c
Gentoo Linux Security Advisory GLSA 200709-05 - A stack-based buffer overflow vulnerability has been reported in the SmilTimeValue::parseWallClockValue() function in smlprstime.cpp when handling HH:mm:ss.f type time formats. Versions less than 10.0.9 are affected.
41b064c7b9096997a93ba77fa4165fbcc165426dcf9d2e5af52acd18eebd40be
Ubuntu Security Notice 512-1 - It was discovered that Quagga did not correctly verify OPEN messages or COMMUNITY attributes sent from configured peers. Malicious authenticated remote peers could send a specially crafted message which would cause bgpd to abort, leading to a denial of service.
3cc3380feb4d04448cd6791b3410de869a29f2e008772ea7e280019194ce96fe
The imageop.c module for Python contains a heap overflow.
490a5fbb25c077ee3a863970ba75b25a6cb3c948e7425377ae42565ce2687fff
WinImage version 8.10 is susceptible to denial of service and directory traversal vulnerabilities.
89be441d7ec8a391773bc8232af0584811a2aad40f9cb06cd0bd23c9e44405a9