GDivX Zenith Player AviFixer Class (fix.dll version 1.0.0.1) buffer overflow proof of concept code.
bc6dbf15c2f3f1fba616663b1700daaa7f2f4b1bfa8a240b2907e182febb247aMonth of ActiveX Bugs - BarCodeWiz ActiveX Control version 2.0 remote buffer overflow exploit proof of concept code.
1f90274bb566b88a182b7200de331f57d0d4800cc7505c47f890c853ae628970Month of ActiveX Bugs - SmartCode VNC Manager version 3.6 denial of service exploit.
2587ae2ba958f345fcef63ef0299b9d92a030fb2ad3ae3e93c16472c96ecee07iDefense Security Advisory 05.08.07 - Remote exploitation of a buffer overflow in an ActiveX control distributed with McAfee Security Center could allow for the execution of arbitrary code. iDefense confirmed the existence of this vulnerability using McAfee Virus Scan 10.0.27 running on Windows XP SP2. However, many additional McAfee products are reported to install this component.
e0b63ce8dab1d5c412d486aca7e7be5a5fc80ee519b246ecb9c10879fee082f3Mandriva Linux Security Advisory - An off-by-one error was discovered in the PyLocale_strxfrm function in Python 2.4 and 2.5 that could allow context-dependent attackers the ability to read portions of memory via special manipulations that trigger a buffer over-read due to missing null termination.
dd41e54ae7130a49a2fbead064931c74e417371e6cec07091d882cda95862338Mandriva Linux Security Advisory - iDefense discovered a stack-based overflow in ClamAV when processing negative values in .cab files. As well, multiple file descriptor leaks were also reported and fixed in chmunpack.c, pdf.c, and dblock.c.
f779297792f061a11dc7ac1e1518200bcda326bb25d5bdc314f18267458a8b86Determina Security Research has discovered a denial of service vulnerability in the code responsible for parsing iCal email attachments in Microsoft Exchange. This vulnerability can be exploited by a malicious email message and results in a denial of service. The vulnerable code is present in Exchange 2000 and 2003.
ebab06b649822f2a01004927c501873f74ff5954cdb57c27bd9b844708cd3c6aDebian Security Advisory 1288-1 - It was discovered that the PoPToP Point to Point Tunneling Server contains a programming error, which allows the tear-down of a PPTP connection through a malformed GRE packet, resulting in denial of service.
2ac42127e0d3137816a79db85a306356b5f16334c41f2199c63ff0b5410afbf2Technical Cyber Security Alert TA07-128A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, Office, Exchange, Cryptographic API Component Object Model (CAPICOM), and BizTalk. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
14ce72bcd7d50ce8e2f7d3c0e24a631b7a9855570bec28fb5e90f800b6bc4982HP Security Bulletin - A potential security vulnerability has been identified with the HP Tru64 UNIX Operating System running the dop command. The vulnerability could be exploited by a local, authorized user to execute arbitrary code with the privileges of the root user.
5eecd75382a9f10d9bc5ee55f4ad373b9fe173b2f8c74648a93b5afebb4f873fA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
67fd809dbbdf32f17c02256186fd27b1873f2f320b68c5554425abb1092380a9A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file.
ef669ce4d1bccbba916110c3a7f7c8ba06b3b023b92af428a7bd333bf935c949The AP Newspower software installs with a MySQL instance that has a blank root password, allowing for remote attackers to manipulate the news.
144c6b63952b1f12725c1e1545c227016bd7406767f9ebe534c45c7d13b1e817Gentoo Linux Security Advisory GLSA 200705-11 - mu-b discovered a NULL pointer dereference in item_cmpfunc.cc when processing certain types of SQL requests. Sec Consult also discovered another NULL pointer dereference when sorting certain types of queries on the database metadata. Versions less than 5.0.38 are affected.
ca576939c2f74544cd1e9574e4596fa1836ee93bb2aeef2c794307e0b17e4a2bGentoo Linux Security Advisory GLSA 200705-10 - The libXfont code is prone to several integer overflows, in functions ProcXCMiscGetXIDList(), bdfReadCharacters() and FontFileInitTable(). TightVNC contains a local copy of this code and is also affected. Versions less than 1.2.9-r4 are affected.
2fc25a79b7ffa81e21e6c4c5e2b22c388fa4a3033e765361858a4ee48158de8aUbuntu Security Notice 458-1 - A flaw was discovered in MoinMoin's error reporting when using the AttachFile action. By tricking a user into viewing a crafted MoinMoin URL, an attacker could execute arbitrary JavaScript as the current MoinMoin user, possibly exposing the user's authentication information for the domain where MoinMoin was hosted. Flaws were discovered in MoinMoin's ACL handling for calendars and includes. Unauthorized users would be able to read pages that would otherwise be unavailable to them.
79ff4007940ac7bc6cb3a1e7d6bfafb16c9d212d42fe70817b345ccb7b9731deGentoo Linux Security Advisory GLSA 200705-09 - The isakmp_info_recv() function in src/racoon/isakmp_inf.c does not always check that DELETE (ISAKMP_NPTYPE_D) and NOTIFY (ISAKMP_NPTYPE_N) packets are encrypted. Versions less than 0.6.7 are affected.
d546c79fb30a05d6b8a9f99fd305b1fac26040a9680632212873bc9048a2a90aThe Web Application Security Consortium (WASC) is pleased to announce the inital release of data collected by the Distributed Open Proxy Honeypot Project. This first release of information is for data gathered from January - April, 2007. During this timeframe, they had 7 internationally placed honeypot sensors deployed and sending their data back to our central logging host.
700323b4962f1da896339127c4ec5bc96ddcf8fd5e289d977d332392c31a9d24Secunia Security Advisory - Secunia Research has discovered a vulnerability in BearShare, which can be exploited by malicious people to compromise a user's system.
90046eff12efb6ce1bed899d807733f0bfdb2cef135af60c14f63236078c33e6Secunia Security Advisory - Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
b30536e07d8c945b64f8e3ce3351e84916a2d41d3b0e5550ed7e463450035014Secunia Security Advisory - Jean-Sebastien Guay-Leroux has reported a vulnerability in Barracuda Spam Firewall, which can be exploited by malicious people to cause a DoS (Denial of Service).
3ff5c5a83adec7b447859fb62cfad429dd5560ce6153e602557739d88793a5d5Secunia Security Advisory - Jean-Sebastien Guay-Leroux has reported a vulnerability in avast!, which can be exploited by malicious people to cause a DoS (Denial of Service).
96d086906a9f44733c11d507428072e86dfb8dc35a4d6b079ec5fee1471e4e22Secunia Security Advisory - John Martinelli has reported a vulnerability in Bradford Campus Manager, which can be exploited by malicious people to gain unprivileged access to restricted data.
1b4644c3295ba2b90b3c7b940765373f795314eb6c32547dec037cf1b9a2dc5dSecunia Security Advisory - Gentoo has issued an update for ipsec-tools. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
3d411ea2174dab5d56506686d54178eb2e96419b11839da4d3cb281acbec0e53Secunia Security Advisory - A vulnerability has been reported in IBM DB2, which can be exploited by malicious people to compromise a vulnerable system.
0a4cc39a8ebbe1047719f9cc94617f3c83e7428cf10c601c88035e47c5401c43
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed