what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 51 RSS Feed

Files Date: 2010-07-14

Secunia Security Advisory 40610
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun GlassFish Enterprise Server and Java System Application Server, which can be exploited by malicious, local users to manipulate or disclose certain data.

tags | advisory, java, local
SHA-256 | 145eb52a4799c0a95d8f1674427088f8da0ad0d33bb972225cbfc4050015fff3
Secunia Security Advisory 40602
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Sun Solaris, which can be exploited by malicious, local users to manipulate or disclose certain data and cause a DoS (Denial of Service), by malicious users to cause a DoS, and by malicious people to conduct cross-site request forgery attacks, cause a DoS, or to compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability, csrf
systems | solaris
SHA-256 | bfd947a8098a77dac5684b952f4d97e3b3c4f8ea5ea7ba8f1b689606bd2f35ed
Secunia Security Advisory 40557
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for qt. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, fedora
SHA-256 | 5dff9eb9e1a44f4b0fc5b2c713a7e7def47e2971ed3342b2ecebc00ec7a7f7a8
Secunia Security Advisory 40574
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in I2P, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 2b9046434e4a29264c4cf0db1d8f582890fb0fa4bdce3fdfe4f9e0e86a9eae58
Secunia Security Advisory 40612
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OlyKit eBay Clone Script 2010, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | ff949c9fe3a10a15c5d4424d9502a8ee1eaa7fcd640bae6a106a5845cedd8071
Secunia Security Advisory 40613
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in Mortgage and Amortization Calculator Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 2c5fb3cd2cd274b639a7af55ed8109fc69f589e38f1a69ecfbdef86fd4147003
Secunia Security Advisory 40587
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in 2daybiz Custom Business Card Script, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | ef06d97be93e122446f81e853aaf55710e50e9776204b692f98c634ad76e6062
Secunia Security Advisory 40581
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledge a vulnerability in RealPlayer, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, denial of service
SHA-256 | 668a9fe13ca28e02b9f92932b216801b98415f946a11b5a361314b091fca6e03
Secunia Security Advisory 40583
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledge a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise an application using the affected library.

tags | advisory
systems | solaris
SHA-256 | de7cc1675c8ee2e99f6a38a0681b744f5e7504a67c415c7a6d16e53e40a8a2fa
Secunia Security Advisory 40586
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in FreeType, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
SHA-256 | f13fb1602cacd20209f7400f95d487444768ab9194876eab54e2210ce2c3555b
Secunia Security Advisory 40580
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for ghostscript. This fixes multiple vulnerabilities which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 3f9a8f84cea48760244ca91070f3a82a0b3b302bf519e40ec9f445cd91119178
Secunia Security Advisory 40589
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Campsite, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | e9ff24860ec16780e5fbcec629b8f97b1514a7852a8cf22560f4433d545ba0b1
Zero Day Initiative Advisory 10-125
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-125 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the solid.exe process which listens by default on TCP port 1315. The code responsible for parsing the first handshake packet does not properly validate the length of the username field. By crafting an overly long value in the request an attacker can exploit this to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | 09a594428fe5144b5d55c44a064d4fd3f3446333fdced8903b468d07f28a9aa3
Zero Day Initiative Advisory 10-124
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-124 - This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit these vulnerabilities. The specific flaws exist due to how the application passes CGI parameters to the internal obtool binary running on port 443. Due to improper filtering of user data a specially crafted request could lead to arbitrary commands being executed under the credentials of the service.

tags | advisory, remote, arbitrary, cgi, vulnerability
SHA-256 | f3eb8b93e738858b3c6e2a5e1d54e8b3d36f41f83639ca0370ec81c55f379812
HP Security Bulletin HPSBOV02539 SSRT090267
Posted Jul 14, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP OpenVMS Auditing. The vulnerability could result in a local disclosure of information or elevation of privilege. In addition, a potential vulnerability has been identified with HP OpenVMS on Itanium platforms. This vulnerability could be exploited locally resulting in a Denial of Service (DoS).

tags | advisory, denial of service, local
SHA-256 | 39c0d11da89787baaf3c0b0dac7b12f69810b7a422b6fbe96bac6ceb6c5154b0
WebLogic Plugin HTTP Injection Via Encoded URLs
Posted Jul 14, 2010
Authored by George D. Gal, Timothy D. Morgan | Site vsecurity.com

Virtual Security Research, LLC. Security Advisory - Over the last several years, VSR analysts had observed unusual behavior in multiple WebLogic deployments when certain special characters were URL encoded and appended to URLs. In late April, 2010 VSR began researching this more in depth and found that the issue could allow for HTTP header injection and HTTP request smuggling attacks.

tags | exploit, web
advisories | CVE-2010-2375
SHA-256 | 5d7636d4025d8667dd9edaf1762d3650f321ba8bf02999b83dd50d2261a56eff
Technical Cyber Security Alert 2010-194B
Posted Jul 14, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-194B - A large amount of Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, info disclosure
SHA-256 | 5d39915f295318f0c13ddb691bc6cb2e44b7ba729140fe7a42d65b94d3861c77
ToolTalk rpc.ttdbserverd Database Parser Heap Overflow
Posted Jul 14, 2010
Authored by Rodrigo Rubira Branco

There exists a vulnerability within a function of the ToolTalk database server (rpc.ttdbserverd), which when properly exploited can lead to compromise of the vulnerable system. This vulnerability can be triggered by creating a fake database (.rec file) on the system and calling remote procedure 7 of ToolTalk database server pointing to this database, leading to a heap overflow.

tags | advisory, remote, overflow
SHA-256 | d52652680c2282a365582b370699c7a5d7ea1fad7ca3f74abec30bf475ffe69d
Secunia Security Advisory 40606
Posted Jul 14, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun Java System Web Proxy Server, which can be exploited by malicious people to disclose potentially sensitive information or manipulate certain data.

tags | advisory, java, web
SHA-256 | 9e38ee7821a9e97f8ea435a18129da2d9107e23fd62c488d8c4f8ba1b999d99b
HP Security Bulletin HPSBMA02555 SSRT100064
Posted Jul 14, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential vulnerability has been identified with HP Client Automation Enterprise Infrastructure (Radia). The default configuration allows remote disclosure of information.

tags | advisory, remote
advisories | CVE-2010-1972
SHA-256 | 3b5831b3d034e6ac87804180979c6933c321dabfa21793949265ae24a6fbd436
Winamp Player FLV Data Processing Multiple Overflows
Posted Jul 14, 2010
Authored by Nicolas Joly | Site vupen.com

VUPEN Vulnerability Research Team discovered multiple vulnerabilities in Winamp. These issues are caused by integer and buffer overflow errors within the "vp6.w5s" component when parsing malformed Flash Video data, which could allow attackers to execute arbitrary code by tricking a user into opening a specially crafted FLV file. Versions 5.572 and below are affected.

tags | advisory, overflow, arbitrary, vulnerability
SHA-256 | 8fbaac671d34798bc99f557cfffe222926f9d45cd0c0e2cf9cd4975d2e5732d4
Oracle Secure Backup Scheduler Service Remote Code Execution
Posted Jul 14, 2010
Authored by Cody Pierce | Site dvlabs.tippingpoint.com

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the parsing of commands sent to the obscheduled.exe service listening by default on TCP port 1026, or 1027. Due to a lack of bounds checking on a specific command sequence the program stack can be overwritten with user controlled data. Successful exploitation can lead to remote system compromise under the SYSTEM credentials.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2010-0898
SHA-256 | b97beb4e58e46d6a4719bd8417540a0d0f63bac1d2dbac31e1272e615cc3a6b5
Arora Browser 0.10.0-1 Denial Of Service
Posted Jul 14, 2010
Authored by D4rk357

Arora Browser version 0.10.0-1 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 464a693b68d3103f918fcc7e499c7c5254f3704fc1386ad5554d93f7f6e7452d
Diferior CMS 8.03 Cross Site Request Forgery
Posted Jul 14, 2010
Authored by 10n1z3d

Diferior CMS version 8.01 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 68862d8b3ca0cb1db27ff9190373f9678f4390b26c98b6114cd729d40e073a6d
Zero Day Initiative Advisory 10-123
Posted Jul 14, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-123 - This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. The specific flaw exists within the register globals emulation layer which allows attackers to specify values for arbitrary program variables. When specific parameters are specified via the URI it is possible for an attacker to bypass the authentication mechanism and reach functionality otherwise inaccessible without proper credentials. This can be leveraged by remote attackers to trigger what were post-auth vulnerabilities without valid credentials.

tags | advisory, remote, arbitrary, vulnerability
SHA-256 | 1b6cb7c2d8ebbfb8aa18f8b3517e80976924e54abe93a72aade5cc60697221de
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close