A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RealPlayer's handling of Internet Video Recording (.ivr) files. While parsing the MLTI chunk the process trusts the field responsible for denoting the size of an embedded MDPR chunk. By modifying this value in an IVR file an attacker can force a misallocation on the heap. The process can then be made to write past the bounds of the buffer, corrupting memory. This can be leveraged to execute arbitrary code under the context of the user invoking RealPlayer.
ef22d184b5a4a171517add373ae6dc8fd3d072df971cf7a90421dcccf5664ddcLiteSpeed Web Server version 4.0.17 with PHP remote exploit for FreeBSD that uses a reverse shell.
b0012b61c33fd5c2dc2a099bfb8c36b4de98d5171a58428b919cf7223ecaadd4A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RealPlayer's handling of Internet Video Recording (.ivr) files. While parsing the MLTI chunk the process trusts the field responsible for denoting the number of streams within the chunk. By modifying this value in an IVR file, an attacker can force a processing loop to overrun and corrupt heap memory. This can be abused to execute arbitrary code under the context of the user invoking RealPlayer.
6ed8ef7f4d23f0fee569702d8aba5ef2ba635dcf17e9a56a9b184e9acc1c3004Joomla versions 1.5.22 and below suffer from abuse of functionality and cross site scripting vulnerabilities.
3d6c162096d77deb10c8a77a3b58b9d47de91da5158318bb42645b5a3b69f440Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the windows binary release.
4cfa61d55987c4bf069662dc1c30e6c0faf532d55dedfc3af8bdfdadea41f160Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the Mac OS X release.
790089a6b37cb6940e2218fe426932092d202eb51608d26002a2219c50e57ae8Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark.
d257270879533212d7fec9f5260b4d3163e0822f8ffdde0fa3f96779fd12e1bbPHP 5.3.3 suffers from a GD extension imagepstext stack buffer overflow vulnerability.
dd471798a94019e55c17a159a67a7b668dc2b65a5268afe78a02db0606ae93bcA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the drv1.dll module. Code responsible for parsing SIPR stream metadata trusts frame width and height values from the input file. By crafting particular values an integer value used in a loop can be made to wrap negatively. The loop will subsequently overflow a static heap buffer during an inline memory copy. By crafting a malicious .rm file an attacker can exploit this vulnerability remotely using the RealPlayer ActiveX control.
9008fd6701a36aedb79d1920596baf54f3e5c2c61a1f4933ad72ba730297ce9aThe Joomla Redirect component suffers from a local file inclusion vulnerability.
f5e16a32e232c7b86fa162046047fee285a2a477fef1753ae87ce6414c3addbcCMS Articles NA version 1.4 suffers from a remote SQL injection vulnerability.
54bccc80ec75c87314f22778b93627ca97d8858ade981c6dc4eb85e081856f04Novell Vibe version 3 BETA OnPrem suffers from a stored cross site scripting vulnerability.
38d0853e67710878d23cc032e0905d8715455a8808a2d048463114929f781f0ePHP version 5.3.3 suffers from a NumberFormatter::getSymbol integer overflow vulnerability.
1df59e17c946c51528d4029507cbbbe55391b84ff9525a5af9000a7bc64461a6slickMsg version 0.7-alpha suffers from a cross site scripting vulnerability.
05f71f01e1129b895a298a759b4e9e4e600acac2041a51ab717be52077de08deSulata iSoft suffers from a local file disclosure vulnerability in stream.php.
0ccda2ac70c51aec68ad2416f65d43d903a1d928e638ddfea4ca1f7c896e52cdBizDir version 5.10 suffers from a cross site scripting vulnerability.
d846d7b63465d18d943007a50e20c237dea459e54e488848145dc85a72ebecfaThe Joomla Billy Portfolio component version 1.1.2 suffers from a remote blind SQL injection vulnerability.
df056ca38fdfc77b1691d2f5f92458740f8b5fa05e8ea171129a2cd4e6cdc6d6ManageEngine EventLog Analyzer version 6.1 suffers from a syslog related denial of service vulnerability.
9f4921e40b2aa8b7483acda6af72d4fa70c77ca1e595b48731a77471bae50f5aZero Day Initiative Advisory 10-263 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA ARCserve Replication and High Availability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the "create_session_bab" SOAP operation, which is handled by the xosoapapi.asmx process that is crucial to the remote administration of both the High Availability and the Replication products. By sending a specially crafted POST request to the xosoapapi.asmx process a remote, unauthenticated attacker can trigger a buffer overflow condition that results in arbitrary code execution under the context of the SOAP server process.
732bf3442e6da2fe98cceb20002cd9124a7abfd5f86bcb66579eb08e7127f203Ubuntu Security Notice 1031-1 - Arkadiusz Miskiewicz and others discovered that the PDF processing code in libclamav improperly validated input. This could allow a remote attacker to craft a PDF document that could crash clamav or possibly execute arbitrary code. It was discovered that an off-by-one error in the icon_cb function in pe_icons.c in libclamav could allow an attacker to corrupt memory, causing clamav to crash or possibly execute arbitrary code. In the default installation, attackers would be isolated by the clamav AppArmor profile.
d0f9bc4b01b56f6c35bd1a69cb58cd5c1ff58f1214a2c3965971aaddf9b5ea2bUbuntu Security Notice 1020-1 - Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Marc Schoenefeld and Christoph Diehl discovered several problems when handling downloadable fonts. The new OTS font sanitizing library was added to mitigate these issues.
58125ecef67a854a08073ba14044044eff383049ce27f28c18c034a16b68f915Mandriva Linux Security Advisory 2010-251 - Security issues were identified and fixed in firefox. Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. Mozilla security researcher moz_bug_r_a4 reported that the fix for could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges. Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. Various other issues were also addressed.
16122a701f5f539a783c5b878ccf9fe72cee3d02e7ec9741e38419714da1014aZero Day Initiative Advisory 10-265 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Firefox's management of the JSSLOT_ARRAY_COUNT annotation. This value represents the number of items filled within a given Array object. If an attacker creates an array to a high enough value, an initialization routine can be made to mis-allocate a buffer. This can be abused by an attacker to corrupt memory and subsequently execute arbitrary code under the context of the user running the browser.
75b03482e75543985b5e511481850aa72e3865412d33cf8444b5cf97d0d8ca83Zero Day Initiative Advisory 10-264 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support of the NodeIterator API used for element traversal. Due to a particular element not implementing functionality required by the API, a use-after free vulnerability can be forced to occur. This can be used to achieve code execution under the context of the application.
7b5bb458fc4220d1f9db581ca89419c0f49e85793d1c5dc4993db945e7802b26Mandriva Linux Security Advisory 2010-250 - The multipart_init function in Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172. The updated packages have been patched to correct this issue.
b7f64cfb55262b0406f6c5964fd0e2fb06ab945161587fa019059be5d48fad83
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed