.:[ packet storm ]:.
                         
security in numbers

 Section:  .. / 0906-advisories  /


 ///  File Name: sa35628.txt
Description:
Secunia Security Advisory - Gabriel Menezes Nunes has discovered a security issue in Gizmo, which can be exploited by malicious people to conduct spoofing attacks.
Homepage:http://secunia.com/
File Size:2302
Last Modified:Jun 30 09:33:54 2009
MD5 Checksum:5e62f4150bd4b5f4eb701fdbd2d433f8

 ///  File Name: sa35653.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in the Vote For Us module for PunBB, which can be exploited by malicious people to conduct SQL injection attacks.
Homepage:http://secunia.com/
File Size:2413
Last Modified:Jun 30 08:03:22 2009
MD5 Checksum:e3ab4a599e4f2b37ad3af9e72f810fca

 ///  File Name: sa35654.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in the Affiliation module for PunBB, which can be exploited by malicious people to conduct SQL injection attacks.
Homepage:http://secunia.com/
File Size:2423
Last Modified:Jun 30 08:03:19 2009
MD5 Checksum:2b61394e7a4a9f332e29281bae598085

 ///  File Name: secunia-aqtmsadpcm.txt
Description:
Secunia Research has discovered a vulnerability in Apple QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the processing of MS ADPCM encoded audio data. This can be exploited to cause a heap-based buffer overflow via a specially crafted AVI file. Successful exploitation may allow execution of arbitrary code. Apple QuickTime version 7.6 is vulnerable.
Author:Alin Rad Pop
Homepage:http://secunia.com/
File Size:4352
Related CVE(s):CVE-2009-0185
Last Modified:Jun 3 00:35:54 2009
MD5 Checksum:bba7b7ba0ebec430741e19399bfc6b88

 ///  File Name: secunia-arjtrs.txt
Description:
Secunia Research has discovered a vulnerability in Adobe Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of Huffman encoded JBIG2 text region segments. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code. Adobe Reader version 9.1.0 is affected.
Author:Alin Rad Pop
Homepage:http://secunia.com/
File Size:4200
Related CVE(s):CVE-2009-0198
Last Modified:Jun 11 15:45:09 2009
MD5 Checksum:2df93232ed06ea203880ac98c1100cdd

 ///  File Name: secunia-erpai.txt
Description:
Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an array-indexing error when processing certain records. This can be exploited to corrupt memory via a specially crafted Excel file. Successful exploitation may allow execution of arbitrary code. Microsoft Office Excel 2000 is affected.
Author:Carsten Eiram
Homepage:http://secunia.com/
File Size:4372
Related CVE(s):CVE-2009-0558
Last Modified:Jun 10 18:19:20 2009
MD5 Checksum:f200feb35442de991e57dab923c23bb9

 ///  File Name: secunia-espi.txt
Description:
Secunia Research has discovered a vulnerability in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow error when processing the number of strings in a file and can be exploited to cause a heap-based buffer overflow via a specially crafted Excel file. Successful exploitation allows execution of arbitrary code. Microsoft Office Excel 2003 is affected.
Author:Carsten Eiram
Homepage:http://secunia.com/
File Size:4269
Related CVE(s):CVE-2009-0561
Last Modified:Jun 10 18:21:12 2009
MD5 Checksum:27408fa1d094f3ed35f6a89be39b3bbb

 ///  File Name: secunia-mfjal.txt
Description:
Secunia Research has discovered a vulnerability in Firefox, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a race condition when accessing the private data of an NPObject JS wrapper class object if navigating away from a web page while loading a Java applet. This can be exploited via a specially crafted web page to use already freed memory. Successful exploitation may allow execution of arbitrary code. Firefox versions 3.0.7, 3.0.8, and 3.0.9 for Windows with JRE 6 Update 13 are affected.
Author:Carsten Eiram, Jakob Balle
Homepage:http://secunia.com/
File Size:4338
Related CVE(s):CVE-2009-1837
Last Modified:Jun 12 12:21:28 2009
MD5 Checksum:86583e692885ba5d5de81c21c268bcc3

 ///  File Name: secunia-mppflp.txt
Description:
Secunia Research has discovered a vulnerability in Microsoft PowerPoint, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an array-indexing error in the Microsoft PowerPoint Freelance Windows 2.1 Translator (FL21WIN.DLL) when parsing layout information and can be exploited to cause a heap-based buffer overflow. Successful exploitation allows execution of arbitrary code. PowerPoint versions 2000 and 2002 are affected.
Author:Carsten Eiram
Homepage:http://secunia.com/
File Size:5339
Related CVE(s):CVE-2009-0202
Last Modified:Jun 11 15:42:54 2009
MD5 Checksum:5089a34d96af6297be5f17cb456365a6

 ///  File Name: secunia-qtsv3.txt
Description:
Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error in the parsing of Sorenson Video 3 content. This can be exploited to corrupt memory by tricking a user into viewing a specially crafted movie file. Successful exploitation may allow execution of arbitrary code. Apple QuickTime version 7.60 is vulnerable.
Author:Carsten Eiram
Homepage:http://secunia.com/
File Size:4221
Related CVE(s):CVE-2009-0188
Last Modified:Jun 3 00:37:22 2009
MD5 Checksum:717f4e6658c04ae1104827bf33967f99

 ///  File Name: TA09-160A.txt
Description:
Technical Cyber Security Alert TA09-160A - Microsoft has released updates that address vulnerabilities in Microsoft Windows, Office, and Internet Explorer.
Homepage:http://www.us-cert.gov/
File Size:3121
Last Modified:Jun 10 16:55:09 2009
MD5 Checksum:e5fa18f50a8adaf9f35ce4ba972b5386

 ///  File Name: TA09-161A.txt
Description:
Technical Cyber Security Alert TA09-161A - Adobe has released Security Bulletin APSB09-07, which describes several buffer overflow vulnerabilities that could allow a remote attacker to execute arbitrary code.
Homepage:http://www.us-cert.gov/
File Size:4754
Last Modified:Jun 10 19:14:07 2009
MD5 Checksum:ff843ccb5243fcdd30e539e63c991d17

 ///  File Name: TPTI-09-03.txt
Description:
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple iTunes. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the URL handlers associated with iTunes. When processing URLs via the protocol handlers "itms", "itmss", "daap", "pcast", and "itpc" an exploitable stack overflow occurs. Successful exploitation can lead to a remote system compromise under the credentials of the currently logged in user.
Author:James King
Homepage:http://www.tippingpoint.com/
File Size:1422
Related CVE(s):CVE-2009-0950
Last Modified:Jun 2 23:55:01 2009
MD5 Checksum:bf4323c20227c41523e353888628e369

 ///  File Name: TPTI-09-04.txt
Description:
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Terminal. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of 'CSI[4' xterm window resizing escape code. When a very low negative value for (x, y) size is set, an integer overflow occurs resulting in a memory corruption. This can be further leveraged to execute arbitrary code under the context of the logged in user.
Author:James King
Homepage:http://www.tippingpoint.com/
File Size:1411
Related CVE(s):CVE-2009-1717
Last Modified:Jun 2 23:56:15 2009
MD5 Checksum:fe479568157a907ee1d8c47c9ea58674

 ///  File Name: trillian-ssl.txt
Description:
Trillian does not check the SSL certificate before sending MSN user credentials. An attacker is able to obtain the MSN username and password with a spoofed certificate, and no alert is generated to the user. This vulnerability was found in Trillian Basic 3.1. Other versions and/or protocols may also be affected.
Author:Gabriel Menezes Nunes
File Size:580
Last Modified:Jun 26 14:59:57 2009
MD5 Checksum:c5845f3fe75f5c87dd98becb5c8c5fe4

 ///  File Name: TZO-30-2009.txt
Description:
It looks like all Kaspersky products suffer from a PDF evasion vulnerability.
Author:Thierry Zoller
File Size:6927
Last Modified:Jun 15 15:31:53 2009
MD5 Checksum:b7ca6e277bb317779cd28ed6f185aae5

 ///  File Name: TZO-31-2009.txt
Description:
The Ikarus parsing engine versions below 1.1.58 suffer from CAB, RAR, and ZIP related bypass vulnerabilities.
Author:Thierry Zoller
File Size:2559
Last Modified:Jun 15 15:34:27 2009
MD5 Checksum:9df94167b6400befdf5b2e7d8cce8fdd

 ///  File Name: TZO-32-2009.txt
Description:
Norman with decompression engine versions below 5.99.07 suffers from a RAR related bypass vulnerability.
Author:Thierry Zoller
File Size:5226
Last Modified:Jun 15 15:36:20 2009
MD5 Checksum:6a04a629931602a57fe538358c9d2b32

 ///  File Name: TZO-33-2009.txt
Description:
The F-prot parsing engine can be bypassed by a specially crafted and formatted TAR archive.
Author:Thierry Zoller
File Size:4550
Last Modified:Jun 15 15:37:35 2009
MD5 Checksum:a42f87225e85949db3a6b29608d84885

 ///  File Name: TZO-34-2009.txt
Description:
The F-prot parsing engine can be bypassed by a specially crafted and formatted RAR archive.
Author:Thierry Zoller
File Size:4568
Last Modified:Jun 19 00:09:28 2009
MD5 Checksum:04e793af5b90c24ce140f84d464250ea

 ///  File Name: TZO-37-2009.txt
Description:
Calling a CSS attr attribute with a large number leads to memory corruption in Apple Safari.
Author:Thierry Zoller
File Size:1770
Last Modified:Jun 15 15:40:22 2009
MD5 Checksum:239eae608801a793ff06d147365fbeb4

 ///  File Name: TZO-40-2009.txt
Description:
The parsing engine in ClamAV versions below 0.95.2 can be bypassed by manipulating RAR and ZIP archives in a "certain way" such that the ClamAV engine cannot extract the content but the end user is able to.
Author:Thierry Zoller
File Size:2290
Last Modified:Jun 16 13:00:07 2009
MD5 Checksum:0c6887eff3574e35f1f4c2a19967e516

 ///  File Name: TZO-43-2009.txt
Description:
The parsing engine in ClamAV versions below 0.96 can be bypassed by manipulating CAB (Filesize) archives in a "certain way" such that the ClamAV engine cannot extract the content but the end user is able to.
Author:Thierry Zoller
File Size:2203
Last Modified:Jun 19 00:10:37 2009
MD5 Checksum:7242218b2c2ca2c21567709b7cf4ceef

 ///  File Name: USN-775-2.txt
Description:
Ubuntu Security Notice USN-775-2 - USN-775-1 fixed vulnerabilities in Quagga. The preventative fixes introduced in Quagga prior to Ubuntu 9.04 could result in BGP service failures. This update fixes the problem. It was discovered that the BGP service in Quagga did not correctly handle certain AS paths containing 4-byte ASNs. An authenticated remote attacker could exploit this flaw to cause bgpd to abort, leading to a denial of service.
Homepage:http://security.ubuntu.com/
File Size:6122
Last Modified:Jun 10 16:56:44 2009
MD5 Checksum:bf73c613046ab783bee26825e20f9910

 ///  File Name: USN-778-1.txt
Description:
Ubuntu Security Notice USN-778-1 - It was discovered that cron did not properly check the return code of the setgid() and initgroups() system calls. A local attacker could use this to escalate group privileges. Please note that cron versions 3.0pl1-64 and later were already patched to address the more serious setuid() check referred to by CVE-2006-2607.
Homepage:http://security.ubuntu.com/
File Size:6860
Related CVE(s):CVE-2006-2607
Last Modified:Jun 3 00:01:43 2009
MD5 Checksum:9a90bfa2fa5d4a31828bfbed7898710e