ManageEngine ServiceDesk Plus version 8.0 allows a user with limited privileges access to certain functionality that should only be available to administrative users. Proof of concept included.
e8ccc4a1e95942aa9e19d5eff1d90052cd550386db0397b0735cad9c2fbbea44Apple Security Advisory 2011-07-25-1 - A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains. The iOS 4.3.5 software update addresses this issue.
f271d72e253f45b8bffad97ab4c2940113b5aed5d35f40980c0aa9611dd0e416Apple Security Advisory 2011-07-25-2 - The iOS 4.2.10 software update addresses a certificate chain validation issue. The issue existed in the handling of X.509 certificates where an attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.
a9341b8d975d38e6fee68438897e57464648354bf839acda89e25f93a633a05bApple Security Advisory 2011-07-20-2 - An iWork 9.1 update addresses multiple security issues. A buffer overflow existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. A memory corruption issue existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. A memory corruption issue existed in the handling of Microsoft Word documents. Opening a maliciously crafted Microsoft Word document in Pages may lead to an unexpected application termination or arbitrary code execution.
a73deccbc64afb80a87bd72b01aefd8124e910e61fa03497792581196667db65Online Grades version 3.2.5 suffers from multiple cross site scripting vulnerabilities. The issue is triggered when input passed via multiple parameters to the 'admin/admin.php' script is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
97dac1462d3751baa282b6d6356f3f5c1af9936b2fe7fc9e1f21af38da27da98During a test of the OCSP support in FreeRADIUS, a security vulnerability has been found in the way the FreeRADIUS code parses the replies from an OCSP responder. This allows a remote attacker to use a revoked certificate from an otherwise trusted certification authority (CA) to successfully authenticate against the FreeRADIUS server if it is configured to use EAP-TLS with OCSP certificate validation.
5b65d36c4e76607a595656693bfddbeb502cec23fc2d22af359d05dff8140b17Sites designed and developed by Ileys Technology Inc. suffer from a remote SQL injection vulnerability.
f5c5795f4799531b10ab5b60389356d527141c28b8db81608bbedd4cc4ca160eThe Joomla VirtualMoney component suffers from a remote SQL injection vulnerability.
03f6319bc05fc54dba06c1d4a6dd5f08ff0d4b8d782727541609acab884b8e55The AJAX Chat/Shoutbox module in phpBB suffers from a cross site request forgery vulnerability.
177fc6233cf9c093a8506ad4594022e02d79d4edac20c5789a3406d47894ab7fAndy Davis of NGS Secure has discovered a High risk vulnerability in Oracle Solaris. A local attacker can send a malformed USB configuration descriptor via a malicious USB device and trigger a kernel stack overflow, which could potentially result in arbitrary code execution.
2e244e1f7808afb57fa4c7f833f7a8baf74cd735eb3add71bdb930774f307ca4Ubuntu Security Notice 1173-1 - It was discovered that FreeType did not correctly handle certain malformed Type 1 font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.
5bac17a6d756ec96bf4ab033ae33038414812531bb4a71656a50f898c8fc0067Mandriva Linux Security Advisory 2011-119 - An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the libsndfile library processed certain Ensoniq PARIS Audio Format audio files. An attacker could create a specially-crafted PAF file that, when opened, could cause an application using libsndfile to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
f4d92c8716e0f50d58737fbae451fe31de12be5ea09eaecb84a3ce88e907f530Debian Linux Security Advisory 2284-1 - Juraj Somorovsky, Andreas Mayer, Meiko Jensen, Florian Kohlar, Marco Kampmann and Joerg Schwenk discovered that Shibboleth, a federated web single sign-on system is vulnerable to XML signature wrapping attacks.
e7e29a14f09078b7346c427e7da3140ccf2014154e01b80f3e6807390a769f89Ileys Web Control version 2.0 suffers from a remote SQL injection vulnerability in view.php.
81709688b764ddd05b612936fde604a2f3403bb13b6cfce1432fa37ed8d98702TinyCrypt is a fast, simple encryption algorithm that delivers high security for encryption at the file level. Files are compressed using fast LZO compression.
1d2b1c7779504226efd02e9ea71c66f10b90709132a734d176e87df5bb5a2edcWebkit memory corruption proof of concept exploit that can be leveraged against Safari versions prior to 5.1 and 5.0.6.
7cbbe6a6e224542c1004153d9ed66d546c29d2059231bcdba385d168b24ca219Musicbox versions 3.7 and below suffer from cross site scripting and remote SQL injection vulnerabilities.
178f919ecec97ccf820b8d2936995ae9880edb66381726875324f63d281dce0dDebian Linux Security Advisory 2283-1 - Tim Zingelmann discovered that due an incorrect configure script the kerborised FTP server failed to set the effective GID correctly, resulting in privilege escalation.
54a0abc706eb732a9dc25bd170e5de3023ee6c3006e83c57538633b71c12de24Debian Linux Security Advisory 2282-1 - Two vulnerabilities have been discovered in KVM, a solution for full virtualization on x86 hardware.
4fa44e9efca1c5b557bed9d0c7b29b0c56e7c7e66d15cbe2066edfaf181e51e0Go Null Yourself E-zine Issue 5 - Topics in this issue include Public-Key Encryption and RSA, Iridium Satellite Network, An Introduction to x86 NASM, Hacking 15A Announcements, and more.
86f3bb26476e3e5a2ec562ce0ca774593bcf9c31e7989e41d26f503db919ad81Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. Scalable Vector Graphics (SVG) is an XML based file format used to describe two dimensional vector graphics. It defines both a markup language, and a JavaScript interface. When processing DOM queries to SVG tags, Safari fails to handle exceptional conditions. It is possible to trigger a use after free vulnerability by query some properties of SVG tags. This leaves a C++ object pointer in an inconsistent state, which can lead to the execution of arbitrary code. Safari versions prior to 5.1 and 5.0.6 are vulnerable.
620665bfdb86a30421dd34b615a797945553c63b075518ac3852faa9ab9219e1Funnel Web suffers from a remote SQL injection vulnerability in products.php.
4e7da8bd33a7441783b1992aa3b7b71135c68f2470bd8b90008a116b7b420409WOC Consulting suffers from a remote SQL injection vulnerability in search_result.php.
f72179650bef9e50fbdf1ee5dbb61f57345ab33b822fc1b1367529b515af745bCanoy Softwares suffers from a remote SQL injection vulnerability in search_result.php.
7e8fd134503776bf8a4ef281fe891c3572c09643ac96c5ae472adbdbbc1beae6Nexus Nepall suffers from a remote SQL injection vulnerability in directory.php.
fd8786cb7785ae112346ad7ec622d2795b3202d3d4a2de0b98ba2f12bb94b722
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed