Zero Day Initiative Advisory 11-268 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way RealPlayer handles DEFINEFONT fields in Flash Files. When the process parses corrupt a ShapeRecord with the DefineFont record it reads outside a stack buffer and uses a random stack value as a heap pointer. Later this pointer will be used to write data into. The resulting corruption can lead to remote code execution under the context of the current user.
5e61aa1c0dd0d3322339a2871be565333c58e9361524ac932545f51995f4cb78Red Hat Security Advisory 2011-1167-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. A flaw was found in the way SeaMonkey handled malformed JavaScript. A web page containing malicious JavaScript could cause SeaMonkey to access already freed memory, causing SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey.
2870e5c70954b126aed022e80d7fb0433ac5d1859390db856c4a5ae980865df9Red Hat Security Advisory 2011-1166-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A dangling pointer flaw was found in the Thunderbird Scalable Vector Graphics text manipulation routine. An HTML mail message containing a malicious SVG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
d07229aa2330f70302700aa4bfbf13bacc4cf2d26907cbd137d72e160c3cfdd4Netplanet suffers from a remote SQL injection vulnerability.
791b56b0b9344149c4de14c3653b6caf155f5d9a65d1bdf92d13e26f4aaa4541Zero Day Initiative Advisory 11-267 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Realplayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way RealPlayer handles ID3v2 Tags. RealPlayer creates a fixed size buffer for certain tags and will then populate them with the data from the file. It uses a call to WideCharToMultiByte to convert the data, but fails to take into account that converting a single wide char might result in more then two multi-byte chars. This causes more data to be written into the fixed buffer then anticipated resulting in a heap buffer overflow.
5385faa2d7dde38ad73a22ef3b8f23f66bab1cde6cff8768488cb79618bfe0e3Code Widgets Multiple Question - Multiple Choice Online Questionaire suffers from a remote SQL injection vulnerability.
0318bfb4cfdc80387f104ef561dd1133a04e04c172dd79b88ea01bd32af2dc34Code Widgets DataBound Index Style Menu suffers from a remote SQL injection vulnerability.
a08157d34b3038a71365eed7e228fb47a5ff5d1f3c33eac71cbb3460fc03e2a5Zero Day Initiative Advisory 11-266 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists due to the application using a size defined in a header in order to allocate some number of bytes. When processing an AAC raw_data_frame, the application will use the product of the original length and a field inside one of its elements. During the copy operation, this length will be larger than the amount that was allocated for which will cause a buffer overflow and can lead to code execution under the context of the application.
a998f646bb1270ea83464962d917e05f0291127b3e16d665205fc3e7ef88b7e2InYourLife suffers from multiple remote SQL injection vulnerabilities.
678103d7da66f300b30eaf0972d7bca88619a79fc3062cee580ea77ec976dc09Red Hat Security Advisory 2011-1165-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird handled malformed JavaScript. Malicious content could cause Thunderbird to access already freed memory, causing Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
3cd6ca66f068b1b2fe5726f2d8a9a5ad9561c628bc1d7331dc50d6af1daab8d9Zero Day Initiative Advisory 11-265 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within qcpfformat.dll, which is responsible for parsing QCP media files. The process creates a static 256 byte allocation on the heap and trusts a user-supplied counter from the file within a memory copy loop. As the source data is also user-supplied from the file, this can be abused by a remote attacker to execute arbitrary code running in the context of the web browser.
b7524be329d663793a9abbc11c46bee42745e99635cdcb27b6bb37952693a381Zero Day Initiative Advisory 11-264 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation Administrator Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within vxsvc.exe process. The problem affecting the part of the server running on tcp port 2148 is an integer overflow in the function vxveautil.kv_binary_unpack where a 32-bit field is used to allocate an amount of memory equal to its value plus 1. This can be made to miscalculate a heap buffer which can be subsequently overflowed allowing an attacker to execute arbitrary code under the context of SYSTEM.
a9d18a1310ab066fd02701b485717fbb174c7976f45ca111320b8a6740eae98aMuzedon suffers from a remote SQL injection vulnerability.
50f10f0b5ca487619beda5b2d0bbc96039a967c73c1f18f7e2db3977e34e1e32Red Hat Security Advisory 2011-1164-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A dangling pointer flaw was found in the Firefox Scalable Vector Graphics text manipulation routine. A web page containing a malicious SVG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
773f2e4dd7737076c22577213e613c524818da6fe7791e5fcf2502dfd46dc22cCode Widgets DataBound Collapsible Menu suffers from a remote SQL injection vulnerability.
5f733832e96eb0428e0c1ca89cc0017367fa5def25aaf5806a606f70bca2914cCode Widgets Online Job Application suffers from a remote SQL injection vulnerability that allows for authentication bypass.
1a5bb687b34722c0f36474acc005c68cda516a1781f31ef466a68fe736e2d76a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed