VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error when handling certain animation behaviors, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page.
330ad2faec658aa70f9c70da1561497c7262a8b59546d2216438b7b6ffe83195
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error in "pubconv.dll" when processing a malformed value within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
43aac8ed8976ed13ccda0e97861b2b3709629169f2556b198b2d482442b2cbaa
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error when processing a malformed record within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
603e49d5fa7011c1d086f935bb72cb2deb90d9588947988c40c05def92caa937
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a heap corruption error in "pubconv.dll" while trusting a size value from a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
591d6c511bb8a6f88dba0fe4856dfb099b7d1dc89c130d5503e1e15766321d24
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a memory corruption error when handling malformed Publisher documents, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
346bc82297626beb2fbe7a81582c8835f6d44e92821bfd9f647b17eefd9bbb86
Ubuntu Security Notice 1033-1 - It was discovered that Eucalyptus did not verify password resets from the Admin UI correctly. An unauthenticated remote attacker could issue password reset requests to gain admin privileges in the Eucalyptus environment.
aa93d4e58bf0f16527a4bd871d05ccec8f42aa8838181244caa4e816a8a2e784
Zero Day Initiative Advisory 10-292 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of URL parameters when posting to the login form of the web-based management web server. Proper bounds checking is not applied when parsing the Login variable, which can result in an exploitable stack overflow. Successful exploitation can lead to complete system compromise under the SYSTEM credentials.
7603b259a27c7b72030c41173d6dcc10d07372d3faf4ab86bf2d90626588ffca
HP Security Bulletin HPSBUX02451 SSRT090137 4 - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 4 of this advisory.
2974503ed85abbfb35af3cc0ad6fc4f63b6d035432f9ec878a658627f540f4e4
HP Security Bulletin HPSBUX02351 SSRT080058 6 - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to cause DNS cache poisoning. Revision 6 of this advisory.
6e8f4adb26ce8cc79500fd1bf1929d520aa0fc5884ea250e266b7016d1893279
Mandriva Linux Security Advisory 2010-256 - A cross-site scripting vulnerability in Gitweb 1.7.3.3 and previous versions allows remote attackers to inject arbitrary web script or HTML code via the f and fp variables. The updated packages have been patched to correct this issue.
12cc44b1f8163524c2c9ae6870b8f546fbe57f84baf66e8584fb168f16d0fad7
HP Security Bulletin HPSBMA02617 SSRT100338 - A potential security vulnerability has been identified with HP Discovery & Dependency Mapping Inventory (DDMI) running on Windows. The vulnerability could be exploited remotely resulting in cross site scripting (XSS). Revision 1 of this advisory.
05198b3253d8ebef9f6132d98dcdb651928590311060d3a38b99ba81888e9aee
HP Security Bulletin HPSBMA02545 SSRT100139 - A potential security vulnerability has been identified with HP Power Manager (HPPM) running on Linux and Windows. The vulnerability could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.
6e2988d31244a442c93893529f8e3f1ec635acdaceb8cb692d8eac66b7eec1da
HP Security Bulletin HPSBST02620 SSRT100356 - A potential security vulnerability has been identified with HP StorageWorks Modular Smart Array P2000 G3. This vulnerability could be exploited to allow remote unauthorized access. Revision 1 of this advisory.
a51c5d9bff567dbf2478a76a0ada928af384ca136dab3254ac9bfffb82332c31
Altarsoft Audio Converter version 1.1 SEH overwrite buffer overflow exploit.
f16f0f363fef6668a5e70abd3c6a00b408121eaadcaa1a0c2e3d66990ee65a88
This is a CSS parser exploit for Microsoft Internet Explorer 8.
bb93e5b0b97b3265146ab82a2666e6d12d20f24dd92dd3234811b9e3d14fce58
Gitweb version 1.7.3.3 suffers from a cross site scripting vulnerability.
3ed463648b053ada81f47d5062c2c073c26f44f5eb1e4f00a348c171ca401103
Aesop GIF Creator versions 2.1 and below buffer overflow exploit that creates a malicious .aep file.
61914cba537898b62cc6712d77ea4ba353aff9349752feb03f24d19053973d1b
slickMsg version 0.7-alpha suffers from a cross site scripting vulnerability.
d6be37b63afeff30e7d9ca9a1ef68e86f48b4bcbc2499252f6bd6c4d3c022dce
The Joomla JRadio component suffers from a local file inclusion vulnerability.
aac4f7781d918cdd92d3ac53ac802b5532cc97fc3f84720acfa591ce3946d1bf
phpRS suffers from a remote SQL injection vulnerability in model-kits.php.
b387f2049ee316321f253a3374aaec7cc0a4b250856fd1fddde2f69cca339647
eWRC.cz Portal suffers from a remote SQL injection vulnerability.
0511e1957ec234062cff8993aeccf888efc4f2587a68c5e32b404cac7b9ccd8f
The Call for Papers for the third Swiss Cyber Storm Security Conference in Switzerland is now open. At the conference, eminent figures in the international security industry will get together and share best practices and technology. It will be held at the University of Applied Sciences in Rapperswil, on the shore of Lake Zurich, from May 12th through the 15th, 2011.
29233772221917a46b1f9f91794ca46ed956babee68f2500e87bce97009b4cc4
The Joomla Lyftenbloggie component suffers from a cross site scripting vulnerability.
74aacac0efc848b19ed3319b23dc16ab918331d64b7c64adf86d704ba0106a2b
The QualDev eCommerce script suffers from a remote SQL injection vulnerability.
13dcbe404016dabb654ca408e807871f75a29f71d7b84b3419b42b8e452dbceb
PHP Universal Web Messenger suffers from a cross-domain redirect vulnerability.
3d11a6d4f9d5cdf42c90ac17922caf1bba35357aa4b5bbdfd7e1d98500977074