Nortel VPN Router products are susceptible to a denial of service attack via a malformed IPsec IKE packet.
694371b7cc4e532f1c43ee6a09be63bcMyBB 1.0 RC4 suffers from cross site scripting bugs.
822b63981e5b81faf560178efd374648Stronghold 2 versions 1.2 and below suffers from a denial of service flaw due to memory allocation issues with the STLport library.
18011e11f3a74ecf86536aa93e51f233Compuware Softice (DbgMsg driver) is susceptible to a local denial of service flaw.
3b0f39c9a3084473a4db0ac5503b9f30Peercast versions 0.1211 and below suffer from a format string vulnerability.
a8b77e5a50d38906c841e0a9b92448b9PicoWebServer 1.0 suffers from a remote unicode stack overflow.
85bba124bac603180f95070226a1b91eMicrosoft Internet Explorer crashes when it attempts to handle more than 110 stack overflows.
21a763cdb259adc22559f52afbbf4213There is a bug in Microsoft Internet Explorer, which causes a crash in it. The bug occurs, because Microsoft Internet Explorer doesn't limit the depth of embedded files.
9cc988fcb01c012bcfda305eb4a75920A crash causing flaw exists in Microsoft Internet Explorer when calling a javascript function with the name of the window() object.
aaca6719dea74885d4328eff5ddfadc9A crash causing flaw exists in Microsoft Internet Explorer when adding a specially formed URL to a restricted zone.
7bd278d45c815d2c2b8c59d700331d39Invision Power Board versions 1.x and 2.x allow users to move themselves into the root group.
352ec85077d27e408e241bb0bbab5ab2A vulnerability was discovered in ClamAV during a code audit. This vulnerability could allow a local attacker on a MacOS system to elevate privileges to that of a user running a ClamAV process. This problem affects ClamAV versions 0.80rc4 through 0.84rc2, and is fixed in versions 0.84 and later.
3b014ba67b42f66b1bacf9796ed7a467PHPMailer versions 1.72 and below suffer from a denial of service flaw.
5eb9cd013685782c932e19ebe9f6c70eUbuntu Security Notice USN-136-1 - Tavis Ormandy found an integer overflow in the Binary File Descriptor (BFD) parser in the GNU debugger. The same vulnerable code is also present in binutils.
2158dfdc9d139d49d27eb9c134d84441Ubuntu Security Notice USN-135-1 - Tavis Ormandy found an integer overflow in the GNU debugger. By tricking an user into merely load a specially crafted executable, an attacker could exploit this to execute arbitrary code with the privileges of the user running gdb. However, loading untrusted binaries without actually executing them is rather uncommon, so the risk of this flaw is low.
e929cb22ddaa0349b801e71f137dfad2C'Nedra versions 0.4.0 and below suffer from a buffer overflow in READ_TCP_STRING.
3028186d9255282c94bcc56c62b8fffdTerminator 3: War of the Machines versions 1.16 and below suffer from a buffer overflow vulnerability and a big nickname access violation flaw.
80efe66a6d9769f182108aed0fc4b1c5Avast Antivirus version 4.6 is susceptible to a memory overwrite flaw.
365a366d526dc05ee7ad43d53a39aecduser32.dll suffers from an Icon size crash.
a2755481c57695cfd6e62aa215b62503shtool suffers from an insecure temporary file creation vulnerability. Versions 2.0.1 and below are affected.
818e07746e4f48fed9bb37ae74e7ab1diDEFENSE Security Advisory 05.25.05-4 - Remote exploitation of a format string vulnerability in the imap4d server within version 0.6 of the GNU Project's Mailutils package could allow an unauthenticated attacker to execute arbitrary code. iDEFENSE Labs has verified the existence of this vulnerability in versions 0.5 and 0.6 of the GNU Mailutils package. It is suspected that any previous versions which contain the imap4d server are also affected.
b60b850cbcf684a4f2ee2a660a97cedaiDEFENSE Security Advisory 05.25.05-3 - Remote exploitation of an input validation in the FETCH command of the imap4d server from the GNU Project's Mailutils package error may allow an authenticated remote attacker to perform a denial of service against an affected system. iDEFENSE Labs has verified the existence of this vulnerability in versions 0.5 and 0.6 of the GNU Mailutils package. It is suspected that any previous versions which contain the imap4d server are also affected.
4314775f97f82a80feddc729ebb9d083iDEFENSE Security Advisory 05.25.05-2 - Remote exploitation of an integer overflow in the fetch_io function of the imap4d server from the GNU Project's Mailutils package error may allow an authenticated remote attacker to execute arbitrary code. iDEFENSE Labs has verified the existence of this vulnerability in versions 0.5 and 0.6 of the GNU Mailutils package. It is suspected that any previous versions which contain the imap4d server are also affected.
cbba4652d269f465cc35b50e60349fe7iDEFENSE Security Advisory 05.25.05-1 - Exploitation of a buffer overflow vulnerability in the mail binary of the GNU Projects Mailutils package may allow a remote attacker to execute commands with the privileges of the targeted user. iDEFENSE Labs has verified the existence of this vulnerability in versions 0.5 and 0.6 of the GNU Mailutils package. It is suspected that any previous versions may also be affected.
6d88e0c7252ec5049ac63ef65dd35299A security vulnerability existed in the anti-virus engine of specific versions of ZoneAlarm Anti-Virus and ZoneAlarm Security Suite (ZoneAlarm and ZoneAlarm Pro are not affected.) The vulnerability was caused due to an integer overflow in the Vet anti-virus engine (VetE.dll) when analyzing OLE streams. This can be exploited to cause a heap-based buffer overflow via a specially crafted Microsoft Office document.
49ef7d5ed7e6c196691fc1abf59e2689
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed