PHP Apps Links suffers from an insecure cookie handling vulnerability.
Yes Solutions suffers from a remote SQL injection vulnerability.
Mojo's IWMS versions 7 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
Technical Cyber Security Alert 2010-40A - Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Internet Explorer, and Microsoft Office.
Zero Day Initiative Advisory 10-017 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious presentation. The specific flaw exists in the handling of TextBytesAtom records contained in a PPT file. Due to the lack of bounds checking on the size argument, an unchecked memcpy() copies user data from the file to the stack, overflowing key exception structures. Exploitation of this vulnerability can lead to remote compromise of the affected system under the context of the currently logged in user.
Zero Day Initiative Advisory 10-016 - This vulnerability allows remote attackers to force a Microsoft Windows system to execute a given local executable. User interaction is required in that the target must access a malicious URL. The specific flaw exists within the ShellExecute API. Using a specially formatted URL, an attacker can bypass sanitization checks within this function and force the calling application into running an executable of their choice. Successful exploitation requires a useful binary to exist in a predictable location on the remote system.
UltraISO version 9.3.6.2750 local buffer overflow exploit.
Secunia Research has discovered a vulnerability in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when handling file paths and can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Microsoft PowerPoint 2002 is affected.
Newsletter Tailor suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Newsletter Tailor suffers from remote database backup and disclosure vulnerabilities.
Core Security Technologies Advisory - A vulnerability exists in MSO.DLL affecting Excel 9 (Office 2000) and Excel 10 (Office XP) in the code responsible for parsing OfficeArtSpgr (recType 0xF003) containers that allows an attacker to cause a class pointer to be interpreted incorrectly, leading to code execution in the context of the currently logged on user.
Zero Day Initiative Advisory 10-015 - This vulnerability allows attackers to execute arbitrary code on applications that utilize DirectShow for rendering video on Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must be coerced into decompressing a malicious video. The specific flaw exists within the decompression of a specific type of video stream contained in an .AVI file. The application misuses a length field for an allocation, causing the memory allocation to be too small to contain the subsequent data. During population of this buffer, the application will copy more data than was allocated, leading to memory corruption with the potential for code execution.
43 bytes small /bin/cat /etc/passwd Linux/x86 shellcode.
Whitepaper called spoofing technique.
LDAP injection proof of concept exploit.
FlexCMS version 3.1 suffers from an insecure cookie handling vulnerability.
The Oracle E-Business Suite suffers from a cross site scripting vulnerability in the error details page.
ThinkPHP versions 2.0 and below suffer from cross site scripting vulnerabilities.
Proposals are solicited for workshops to be held in conjunction with ACM CCS 2010. Each workshop provides a forum to address a specific topic at the forefront of security research. A workshop must be one full day in length. Proceedings of all workshops will be available (on a CD) to the workshop attendees. Each workshop will also have on-line proceedings through ACM Digital Library, with a separate ISBN.
Netreconn is a collection of network scan/recon tools that are relatively small compared to their larger cousins. These include nstrobe, ipdump, and ndecode.
Aruba Networks Security Advisory - This advisory addresses the renegotiation related vulnerability disclosed recently in Transport Layer Security protocol. This vulnerability may allow a Man-in-the-Middle (MITM) attacker to inject arbitrary data into the beginning of the application protocol stream protected by TLS.
Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct brute force attacks or to cause a DoS (Denial of Service).
Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to cause a DoS (Denial of Service).
Secunia Security Advisory - A vulnerability has been reported in Microsoft Data Analyzer, which can be exploited by malicious people to compromise a user's system.