Whitepaper called CRLF Injection Attacks. Written in Persian.
1509c9511fea5145f36d6659fb23e61045c085533bc60b87c71b869a8193189d
Whitepaper and presentation called Exploitation on ARM.
358de2730a3bfe6eb9b8b1f0d6bebc97b3a16eee2036fa3fb4fdfd88adf6c167
AtomixMP3 version 2.3 buffer overflow exploit for Microsoft Windows XP3 FR.
9fdb40040f82ff59d065c3e16cb9f542a73b406e8ad65f714d618c2ad8925b4c
Microsoft Windows win32k.sys driver "CreateDIBPalette()" suffers from a buffer overflow vulnerability.
052b6e13ef068fcae01d15156200b91b305d0259552ddd6a0264d9a524e80261
Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
df152eb282e18a93d369d9d2a4b5080144ecc1e024ca75649e2b5307ca065711
This is a whitepaper about breaking reCAPTCHA, along with the presentation given at Defcon 18 (showing how the author broke it a second time right before the conference). Also included are the word list that was used for the crack and a video demonstrating this in action.
96be8e82237fc662626c7481c5331dbc1f5b7a900942251c08e22c1a07bb875c
Mandriva Linux Security Advisory 2010-146 - The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF file that triggers a heap-based buffer overflow. Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values. The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error. The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file. Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file. 
tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to downsampled OJPEG input. LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service via a crafted TIFF file, a different vulnerability than CVE-2010-2443. The updated packages have been patched to correct these issues.
97281473d38a1c17020486c8ef8d34328b374f039467458966916cddef933680
Mandriva Linux Security Advisory 2010-145 - The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF file that triggers a heap-based buffer overflow. Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values. The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error. The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.
25f14ded470d4ea2318841b1889fdb846d07a7f1783d57bb25b0010d9d997aa0
HP Security Bulletin - A potential security vulnerability has been identified in ProCurve 2626 and 2650 Switches. The vulnerability could result in remote unauthorized access.
05e02f24e43d1005816cfa24824554c6cf86f4e59ccfbf020c6870c11a3e1db7
RSA enVision versions prior to 3.7 SP1 may contain a potential denial of service vulnerability.
7566319f767757867865456f7784400be8a8be03606701a7b11d6e60fb586707
KDPics version 1.11 suffers from a remote file inclusion vulnerability.
c1ad5f6b885bff1b78c90b17e69d370b769e56b38b12c045569f2fcb875cfce8
The Joomla Main component suffers from a remote SQL injection vulnerability.
95642c1060ff97f5284fc377799e558c8baf91ee009e4f0d840c1a63cd609e9a
37-byte Linux shellcode that uses sethostname to set the hostname to c0debreaker.
503a2c0b7310baafb5afce9928d525d7be73f0a0625fd756db4188bd83e03c91
Dataface version 1.0 suffers from cross site scripting and path disclosure vulnerabilities.
f70cfd09b2107b8d417410ba24076a80e8da87195d21e359c0f69ff9e0ba3f2b
Ubuntu Security Notice 969-1 - It was discovered that the PC/SC service did not correctly handle malformed messages. A local attacker could exploit this to execute arbitrary code with root privileges.
7811f87951b4936291b4ef97a6c80e9a730967846266aa52690d1e839a0dc730
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the ienipp.ocx ActiveX control. The control accepts a 'debug' parameter that is expected to be either "yes" or "true". If a string of a specific length is provided instead, a processing loop within the ExecuteRequest method can be made to corrupt a stack-based buffer. This can be leveraged by a remote attacker to execute arbitrary code under the context of the user running the web browser.
8dbb5d8b6807df3734afa4e092b527b75a911323e3f79ba1f93c76c5ff72e259
This vulnerability allows remote attackers to delete all files on a system with a vulnerable installation of the Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the nipplib.dll module that can be reached via the ienipp.ocx ActiveX control with CLSID 36723f97-7aa0-11d4-8919-FF2D71D0D32C. The CleanUploadFiles method appears to be used to remove temporary files within a contained directory. However, due to a logic flaw a remote attacker can abuse the function to force the process to recursively delete all files on the target system.
cafa8a25eb9d3c6fd19ac0c1402793019299c2574d4537a71493b15337af1324
HP Security Bulletin - A potential security vulnerability has been identified in the ProCurve 2610 Switches running DHCP. The vulnerability could be remotely exploited resulting in a Denial of Service (DoS).
433e52cff1bbe7d663d27b5238a8a1b3dedcbc5b57fe8ed4fc3be66d84ff3768
HP Security Bulletin - A potential security vulnerability has been identified in the ProCurve 2610 Switch In-band Agent. The vulnerability could be remotely exploited resulting in a Denial of Service (DoS).
bd5a315e95471482f3190a2fca7b76e9902be99eb297f04e6d862bf2643a3a02
Frigate version 3.36 suffers from a directory traversal vulnerability.
3956532e3bbee40bfe758fbcb71671930a76b645d5a2d25a808f85195a9fc5cf
This program listens for sound. If it detects any, it starts recording automatically and also automatically stops when things become silent again.
df5f88350c8557ac3ddf7b31863da8cc0cf9163ec0473d04dbc559eea9ed7902
Debian Linux Security Advisory 2089-1 - Several remote vulnerabilities have been discovered in PHP 5, a hypertext preprocessor.
0ce5b16b55beed371cfcf51be1ebd61a21cffafa2fb657fbe3999380c36cd4d0
Zero Day Initiative Advisory 10-142 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of the first-letter style in the context of an SVG text element. Upon applying the style to this element, the library will calculate the height for determining the overflow for an inline box. While traversing the elements for the height, the library will utilize data from a non-existent linebox. Successful exploitation will lead to code execution under the context of the application.
08f506cbb1ba71097c06089086918680a3ac1c63e340bde4925c0cc9d05b3885
Zero Day Initiative Advisory 10-141 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's layout implementation of a particular tag used for embedding a foreign document into the SVG namespace. Later when the application attempts to calculate layout information for rendering the contents of the tag, the application will attempt to access a linebox that was previously destroyed. Successful exploitation can lead to code execution under the context of the application.
e19313bc4dfe7e353f078dc197a46a139920c1adcff50c447522e6e7908af4e4
Ubuntu Security Notice 968-1 - It was discovered that the Ubuntu image shipped on some Dell Latitude 2110 systems was accidentally configured to allow unauthenticated package installations. A remote attacker intercepting network communications or a malicious archive mirror server could exploit this to trick the user into installing unsigned packages, resulting in arbitrary code execution with root privileges.
6cb7cb1dcfeabb850f3a2dfbe5e6c6aefbaa092250dd76574e4071f9233bc069