what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 52 RSS Feed

Files Date: 2012-02-15

Red Hat Security Advisory 2012-0135-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0135-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could use this flaw to crash the Java Virtual Machine, or bypass Java sandbox restrictions. It was discovered that the exception thrown on deserialization failure did not always contain a proper identification of the cause of the failure. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2011-3563, CVE-2011-3571, CVE-2011-5035, CVE-2012-0497, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506
SHA-256 | 03a52258048d18b15e6ac5ca0a3669a39f7dda305c6e46f2a57b7e2a22041bd8
Red Hat Security Advisory 2012-0116-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0116-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. Non-member VLAN packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-1020, CVE-2011-3347, CVE-2011-3637, CVE-2011-3638, CVE-2011-4110
SHA-256 | 71cb08ef2d809cd41a86b8da8e6cf0581e7d7544405546ba07d973f409a56d8f
Debian Security Advisory 2410-1
Posted Feb 15, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2410-1 - Jueri Aedla discovered an integer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-3026
SHA-256 | 8b675f5eee2d9f754d3134353417faeb1e97a65426cf2aec875a9a2292eec7ee
Ubuntu Security Notice USN-1366-1
Posted Feb 15, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1366-1 - Paul Wise discovered that debdiff did not properly sanitize its input when processing .dsc and .changes files. If debdiff processed a crafted file, an attacker could execute arbitrary code with the privileges of the user invoking the program. Raphael Geissert discovered that debdiff did not properly sanitize its input when processing source packages. If debdiff processed an original source tarball, with crafted filenames in the top-level directory, an attacker could execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-0210, CVE-2012-0211, CVE-2012-0212, CVE-2012-0210, CVE-2012-0211, CVE-2012-0212
SHA-256 | 40bfda9eabf67eda5f80bb688e78213248741ec5b1e9125cf6217c996c46b807
Red Hat Security Advisory 2012-0137-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0137-01 - TeX Live is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent file as output. The texlive packages provide a number of utilities, including dvips. TeX Live embeds a copy of t1lib. The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code: Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics files. If a specially-crafted font file was opened by a TeX Live utility, it could cause the utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2010-2642, CVE-2011-0433, CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554
SHA-256 | b811af510a4450cdfa8f0478df6a3e2ec1303502c4a2f0b164a2de49291aa9d1
Red Hat Security Advisory 2012-0109-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0109-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0029
SHA-256 | 8da6bc236f0922d833448e86579690e72584546abfdf7d9e503f684883a37b08
Debian Security Advisory 2409-1
Posted Feb 15, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2409-1 - Several vulnerabilities have been discovered in debdiff, a script used to compare two Debian packages, which is part of the devscripts package.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-0210, CVE-2012-0211, CVE-2012-0212
SHA-256 | 393e38747adacb3663fd8270685e5895f4cff4332f8a6bd2ef1b06fb628341d2
Red Hat Security Advisory 2012-0136-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0136-01 - The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format. A heap-based buffer overflow flaw was found in the way the libvorbis library parsed Ogg Vorbis media files. If a specially-crafted Ogg Vorbis media file was opened by an application using libvorbis, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Users of libvorbis should upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-0444
SHA-256 | a7c0d3490864f1b414b91819fc65ca0f07506a135da1b6cae025b0ee2e2d093c
FreePBX Credential Disclosure
Posted Feb 15, 2012
Authored by Doug W

FreePBX suffers from a remote credential disclosure vulnerability via the web interface.

tags | exploit, remote, web, info disclosure
SHA-256 | 986a288fdcbc5a09424b1c75b72e3a792b623c2cfae4c5430ae2a3d6ac579056
360-FAAR Firewall Analysis Audit And Repair
Posted Feb 15, 2012
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

tags | tool, perl
systems | unix
SHA-256 | 64bffff846447bb8306c598f559f3e17b61db919815528d529d814378b55e3c5
Adobe Shockwave Player Parsing block_cout Memory Corruption
Posted Feb 15, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Adobe Shockwave Player versions 11.6.x.x suffer from a memory corruption vulnerability when parsing the field of KEY_ATOM of Director File.

tags | advisory
advisories | CVE-2012-0759
SHA-256 | af4574067944693d217e9b7ad5562a6fcb4b45eb39479343f7c42d4faa4f340b
Adobe Shockwave Player Parsing Heap Overflow
Posted Feb 15, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Adobe Shockwave Player versions 11.6.x.x suffer from a parsing cupt atom heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2012-0758
SHA-256 | 89f2974076f1ab581944249d3d66ef695b2f6a4ebb34ac4f04d4a2b08cf2e461
Fink Project Cross Site Scripting
Posted Feb 15, 2012
Authored by Am!r | Site irist.ir

Fink Project suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f517cef126f228397794c9d105b79286d8a859815aca7ce410f912bf3ae80758
Grady Levkov Cross Site Scripting
Posted Feb 15, 2012
Authored by Am!r | Site irist.ir

Grady Levkov suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8e78a196e0d6149db1e8d50455a2cb0d84b46d60d6c83a4bbe4f70ae0cd7e267
Besancon Groupe Cross Site Scripting
Posted Feb 15, 2012
Authored by Atmon3r

Besancon Groupe suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5f8f23f32d01106f603b86e783a9575b9d850a24fcc9d38853eba80fce0ab5cd
Firaxis Game SQL Injection
Posted Feb 15, 2012
Authored by Th4 MasK

Firaxis Game suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | af5b02b13c83698aa4da4c8dc6ee84fb7e9d5f768b615bc2e45c11a9f2d3278f
The Greenroof SQL Injection
Posted Feb 15, 2012
Authored by Th4 MasK

The Greenroof suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4cea30abef20bfc9233eab36023dae50ed6d2e521e695f1e23173df23a9ce04c
Tube Ace Cross Site Scripting
Posted Feb 15, 2012
Authored by Daniel Godoy

Tube Ace, the adult PHP tube script, suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | 55bb50d24265cf559f05e85db818b999d36761dd5732d8739bf33553b3d3a544
Xenon Web Services SQL Injection
Posted Feb 15, 2012
Authored by Th4 MasK

Xenon Web Services suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 3d33767f4a578d0396bd14474c0dabb2ff9c65c903526f927fb489e8564d0660
Secunia Security Advisory 47890
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for php5. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, debian
SHA-256 | 08d4bc2e6f04ad0d8a9f780b7105f099b6c6badeea975def913bb409f4aaa64e
Secunia Security Advisory 47960
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for mysql. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information or manipulate certain data or by malicious users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
SHA-256 | e513a0c4c1be9f88345d00e8fd6d4f149fb0dabcd2e400c0cfd5ed646104a2ad
Secunia Security Advisory 47953
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges.

tags | advisory, denial of service, kernel, local, vulnerability
SHA-256 | f36e05cbba2a87d69e21c19ee4360c957489322af62350754d2172ad79524fed
Secunia Security Advisory 48009
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Java SE, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
SHA-256 | 11af876c48785f92e290aa80fb1aae1fea120e21ee37f163d30124f252f16590
Secunia Security Advisory 47984
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the cformsII plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 6771201e9f6ad3021c289b6de76bd7b56516fc4965ae5d4819d9347b5390b63b
Secunia Security Advisory 47951
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Mumble, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
SHA-256 | c2f0ab19a4657ad26c8543e9e4bcd0979af62592b47e9720425a757911b89efc
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close