Whitepaper discussing how to make a backdoor with return oriented programming and ROPgadget. Written in French.
359f35beea9bb5e9dd45e28409ccda1fe40ca5f1e3ecfdbb92abacf00fc0bf60HP Security Bulletin HPSBUX02655 SSRT100353 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
e346b8b46ce9d883703929cb0f1c0ade0f563cfcc5e2c9c8d0e3866d7db8386aiDefense Security Advisory 04.12.11 - Remote exploitation of a use-after-free vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when an object is exchanged during a call to a certain function. The object's memory is freed, however a reference to the object remains. When the reference is later used to access the object, this now invalid memory is treated as a valid object and one of the object members is used to make an indirect function call. This may result in the execution of arbitrary code. Internet Explorer versions 6 and 7 are vulnerable.
ee1c187d4880611f77e4216b21f1e62e5843ac4ca0b80b7c4c52c115321f230bUbuntu Security Notice 1109-1 - It was discovered that GIMP incorrectly handled malformed data in certain plugin configuration files. If a user were tricked into opening a specially crafted plugin configuration file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of service. It was discovered that GIMP incorrectly handled malformed PSP image files. If a user were tricked into opening a specially crafted PSP image file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.
77f492130e2dc376e1d8736c48fb2cf8934f9e3604d40847c960256ebf2893ecTinyBB version 1.4 suffers from path disclosure and remote blind SQL injection vulnerabilities.
5824faed8f48f9b5f4365dcb4e716b045a828bbada6e6fc54626c55ce7ffe0d0nSense Vulnerability Research Security Advisory - A PDF file format parsing vulnerability exists in the pdf2tif parser and can be exploited with a specially crafted input file. The plugin suffers from a buffer overflow flaw. Many server side applications use the library when converting pdf files to images. If an attacker is able to send the application a malicious file, successful exploitation leads to code being executed in the context of the running application.
6d62e5ba3582674b5aac158e6513d08ef73fcc69b021c695bef4f4ea131dc703Secunia Security Advisory - IBM has acknowledged a vulnerability in Virtual I/O Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
f685dd1c5f6e98ab20e5f70f4a817c29d0f1541e61d0109dd127cc042161047aSecunia Security Advisory - Debian has issued an update for gitolite. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.
b66174312be6c3a4e18784ecb0294b1ec9f7598bf62004b5bc576d25764ae88bSecunia Security Advisory - nSense has reported a vulnerability in PDF Extract TIFF, which can be exploited by malicious people to compromise an application using the library.
f11d62c066c0aaeff407b86e98aded5415ff4525cdccc6f23ef1f0be46953d6bSecunia Security Advisory - Some vulnerabilities have been reported in multiple HP Photosmart printers, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, and manipulate certain data.
17f7ee803196101033f7ee4e975b745e54b6627fe8e6ddef6cd6107aec1f49f1Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
85548ebcc3d402a18377376d58d9ed7e2583150ac4d5f3ff797a5eaecd7f2c66Secunia Security Advisory - A vulnerability has been reported in Adobe Acrobat/Reader, which can be exploited by malicious people to compromise a user's system.
f7bda4a047c27a6de7c2cb855c341d71b3eaf220435b1361b68c8ecd582b9791Secunia Security Advisory - A vulnerability has been reported in Microsoft .NET Framework, which can be exploited by malicious people to compromise a vulnerable system.
47039b0d8bdd74899622377e13f58fdf81b5994b3bc3ae0c809fe29f8dfb24ffSecunia Security Advisory - A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.
877f2db93bcc46a32f3697d123e7c695c5acaa42d8d051a6b76694aa6348d629Secunia Security Advisory - Parvez Anwar has discovered two vulnerabilities in ISIS Papyrus AFP Viewer, which can be exploited by malicious people to compromise a user's system.
f9d7d9b485732f28496b8f80152bcf01c0465b5da2ca7980961bd539895df300Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
7e50c95497e62b74a46824f82da6d4896ad31c2e1c9c5352c2bbbd4b19a231e8Secunia Security Advisory - Red Hat has issued an update for xorg-x11. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system.
460c6b8c128dcdc37f85fd7503393af058bea455ebbccd2adea904895225170bSecunia Security Advisory - A vulnerability has been reported in HP-UX, which can be exploited by malicious users to cause a DoS (Denial of Service).
6f142c7ae5f679b70420d8fcb12746d9782d192c598c76ee7ee108cb8196d467
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed