iDefense Security Advisory 10.13.09 - Remote exploitation of a use-after-free vulnerability in Adobe Systems Inc.'s Acrobat and Reader Firefox plugin could allow an attacker to execute arbitrary code with the privileges of the current user. When Adobe Acrobat/Reader is installed, it also installs various browser plugins that allow PDF documents to be viewed in the browser. This vulnerability occurs within the Firefox browser plugin. The Internet Explorer version is not affected. The vulnerability occurs when Firefox attempts to navigate away from a page and unload the PDF viewing plugin. When Firefox calls the plugin's destroy method, the plugin does not properly free its resources. Specifically, a function pointer for the window update routine is not properly freed. This results in uninitialized memory being used when the window is redrawn, which leads to attacker-supplied data being executed when the function pointer is dereferenced. iDefense has confirmed the existence of this vulnerability in Acrobat and Reader versions 8.1.3, 8.1.4, 8.1.5, and 8.1.6. Previous versions are also likely affected. Version 9.1.3 and previous 9.x versions are not affected.
26d2526e5fa4a158dc90e307c84a2c19f9b708a1d9689add295e4f768fab5f65
iDefense Security Advisory 10.13.09 - Remote exploitation of an invalid array index vulnerability in Adobe Systems Inc.'s Reader and Acrobat could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a U3D file embedded inside of a PDF. U3D is a file format used to represent 3D images. When parsing a U3D file, the parsing code fails to validate a value from the file used as index into a list of objects. This results in an attacker being able to specify an arbitrary value for a function pointer, which leads to the execution of arbitrary code. iDefense confirmed the existence of this vulnerability in Reader and Acrobat versions 9.1.3 and 8.1.6. Previous versions may also be affected.
036e3aa6e99462fba57e81b58b99274ca7837766dda18884ae3b383d0ebe33ff
Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow when processing the number of colours used in a bitmap image. This can be exploited to cause a heap-based buffer overflow via a specially crafted bitmap image. Successful exploitation may allow execution of arbitrary code.
7ac964e9487782914de260d54de860d87bab4cfc1cce6ada1a75a68e768c7a21
Millenium MP3 Studio version 2.0 .mpf file local stack overflow exploit.
655419f8a0e1fca0cb189c78d9acab447223ab9026bd99e33cc3ab0cbefa5a0a
OBOphiX version 1.0 suffers from a cross site scripting vulnerability.
36cedb1adc618168b836d1bbb8dc4f7cb3696ec3b39fb9083ff37169682ce1f7
Dit.CMS version 1.3 suffers from a cross site scripting vulnerability.
97cd0944e692928caaefdd70942128c76aa2a750f4f4b6ba69a3a8b51fe51dd2
Zainu version 1.0 suffers from a cross site scripting vulnerability.
8f3e9ac3843fc0bd7714db4c0675eb8422d3c85e3ef9187e9b8e421c794972c9
QuickTeam version 2.2 suffers from a remote SQL injection vulnerability.
d9a3340ab24c2632c8810bbe0305e462797494800df884bd7ab1c58333e64c00
FreeSchool version 1.1.0 suffers from a cross site scripting vulnerability.
f93f691abfc44196b2579d083d55065f4ff1fc9b5474ad3f7d5a675578c97a7a
BlooFox CMS version 0.3.5 suffers from a cross site scripting vulnerability.
4e11c6164d92713395047d679fa23f2cfb7f85d51fc075bb910c9ff5a96e5b99
AdaptBB version 1.0 suffers from a cross site scripting vulnerability.
8c9da2589096f0b9ef84fe2729fe14cc13240207dfdcd41d80e12284edbeddaa
Improper handling of a specially crafted RAR archive file by the CA Anti-Virus engine arclib component leads to heap corruption and allows the attacker to cause a denial of service or possibly further compromise the system.
68c74583d8c2259e62743fb500c3ba5a7a8e32c2b91f70c32aba0e9279bc5cbd
Achievo versions 1.3.4 and below suffer from a remote SQL injection vulnerability.
601108b4918110ff0f704baaeb33c9ddbd86e763546225f6eab6beb4fffb82b0
Achievo versions 1.3.4 and below suffer from cross site scripting vulnerabilities.
3e43ab73bbfe81f99529b6bc033331b6c29d92371b634c150f94a3d775774c3f
ZoIPer Call-Info remote denial of service crash exploit.
da07ba37ad8d279a04d17faa083e14c5633a40b4a2ff338042a2578719cb4167
Palm Pre WebOS versions 1.1 and below suffer from a floating point exception vulnerability when attempting to view a specially crafted web page.
dd042c88bda6f549aaa01d65ffda9b44dc9e53448662e02889031eeb13be9744
NaviCOPA versions 3.0.1.2 and below suffer from a remote source disclosure vulnerability.
3fc6e9da9a800d9bf3d42dbffadb1678a521d4c9617fb7f80e73ec9f6667301f
Quick Heal suffers from a local privilege escalation vulnerability. Antivirus Plus 2009 for Desktop version 10.00 SP1 and Total Security 2009 version 10.00 SP1 are affected.
a7e12ae7f3325df3946da4bb5dfa8911981f261769814d18eb97809b70621b55
DedeCMS version 5.1 suffers from a remote SQL injection vulnerability.
602919dfe71a1750eb7645144191fface54e8b2b0d148a8043bbe004dfccb4be
Technical Cyber Security Alert 2009-286B - Adobe has released Security bulletin APSB09-15, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
696ccab68a7a2925c13a6849c57b7f5cac307c65febb16925ea4750d03362283
Technical Cyber Security Alert 2009-286A - Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront.
bdfbe54040dd0fb5f33c52a245fac35493463d0100e4227101155b3f24873276
Zero Day Initiative Advisory 09-073 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application parses a PDF file containing a malformed Compact Font Format stream. While decoding the font embedded in this stream, the application will explicitly trust a 16-bit value used to index into an array of elements. Usage of the object later will cause heap corruption which can be leveraged to achieve code execution under the context of the current user.
f5b15979453779951c6615a8065d41b0917042b56b721df3bbc4be4c0c3e8a33
Zero Day Initiative Advisory 09-072 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a user must open a malicious image file or browse to a malicious website. The specific flaws exist in the GDI+ subsystem when parsing maliciously crafted TIFF files. By supplying a malformed graphic control extension an attacker can trigger an exploitable memory corruption condition. Successful exploitation can result in arbitrary code execution under the credentials of the currently logged in user.
cef542a7264618845484af621f80dc5063484429e3b09b1772f806f2b4927ea2
Zero Day Initiative Advisory 09-071 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required in that a user must visit a malicious web page. The specific flaw exists in the parsing of CSS style information. When a writing-mode style is used with a specific combination of HTML tags, memory corruption occurs. Exploitation of this vulnerability will lead to remote system compromise under the credentials of the currently logged in user.
25d87ea8df06335805a6073612747ed29b5c890a35c65a1121ce86d7287b0c64
Zero Day Initiative Advisory 09-070 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the copy constructor for a specific DOM object. When duplicated, more than one reference can be made of anything assigned to its properties. When the variable/object goes out of scope, these properties will be deallocated twice. This results in a heap corruption which can lead to code execution under the context of the current user.
e34a0ecf7e6e4857c86a7a862d7ba941e58653e04ba89adf332e7b9a933d2e22