Packet Storm new exploits for May, 2009.
8094b4223f4932026e1619c596b049a1 ICQ 6.5 URL Search Hook / ICQToolBar.dll .URL file processing Windows Explorer remote buffer overflow proof of concept exploit.
c0a02aafeb98eb98618163c8a654c93c Traidnt Up version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
81cf1d750609e820630cb06f18c44e8c Million Dollar Text Links versions 1.0 and below suffer from a remote SQL injection vulnerability.
e9a3d73679d0a220564590ac30b1abe6 ZeusCart versions 2.3 and below suffer from a remote SQL injection vulnerability.
7ba0ced4ae21c430b4b5bcbab3e8ebae This is a PDF proof of concept exploit that demonstrates a stack overflow crash in Adobe Acrobat versions 9.1.1 and below. Written to work on Mac OS X and Microsoft Windows.
94013e47acd5f59b99c80e6cd7d1d558 Arab Portal version 2.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
fe748293544a340c7f17c33647897567 The SonicWALL SSL-VPN suffers from a format string vulnerability.
6794399b8f40d95dc448414867b8a1d8 Zen Help Desk version 2.1 suffers from a remote SQL injection that allows for authentication bypass.
2b33feb207e3e1a9d3d95e5124dde3c4 Webboard versions 2.90 Beta and below suffer from a remote file disclosure vulnerability.
adbb7087a5404c91447d73c4da57ddd7 The Joomla JVideo component version 0.3.x suffers from a remote SQL injection vulnerability.
16a8427704f3a638e37455e70d6fe8a6 Roxio CinePlayer version 3.2 remote buffer overflow exploit that leverages SonicMediaPlayer.dll.
c950fee15ba2d7f253e740cdfdee4a76 ECShop version 2.6.2 suffers from a remote PHP code execution vulnerability.
df020383cc6c76fe3d4fb8fa9d93298b Mozilla Firefox 3.x suffers from a remote denial of service vulnerability.
3a26a60360148b584c4f5fdbf57a81e4 Small Pirates version 2.1 suffers from SQL injection and cookie stealing vulnerabilities.
4943da5943d5edd9d5fad62b3d1502d6 AdPeeps version 8.5d1 suffers from cross site scripting and HTML injection vulnerabilities.
8626e73850ae667047d9d42da7838f5e Evernew Free Joke Script version 1.2 suffers from a remote SQL injection vulnerability.
cef5fb6e5c78bdf0efe4eacbc80d4d1b SiteX versions 0.7.4.418 and below suffer from local file inclusion vulnerabilities.
82ed168b791b4a9073c9a1c2d46c0838 Vanilla version 1.1.7 suffers from a cross site scripting vulnerability.
9566c74d4f1cda3be4421831c0dc8e36 PHP-Nuke version 8.0 suffers from a REFERER related SQL injection vulnerability.
e36014ecc8d013471d40dd73b7eac4e2 Easy Px 41 CMS version 09.00.00B1 suffers from a local file inclusion vulnerability.
fce54d2bd31222bd803e98632d355c8c The Joomla AgoraGroup component version 0.3.5.3 suffers from a blind SQL injection vulnerability.
ca6b5eb5e3de1082bff7ac0b83e6e1bc Million Dollar Text Links version 1.x suffers from an insecure cookie handling vulnerability.
c5159665b29be5422918ad1478323e4d SEC Consult Security Advisory 20090525-4 - A format string vulnerability exists in the logfile parsing function of SonicOS. An attacker could crash the system or execute arbitrary code by injecting format string metacharacters into the logfile, if an administrator subsequently uses the SonicOS GUI to view the log.
005de32cf9aa6bac47c19749c615aa31 SEC Consult Security Advisory 20090525-3 - The SonicWALL Global VPN Client versions 4.0.0.835 and below suffer from a local privilege escalation vulnerability.
bbd35e1bde27297e6c6e49b09c81ff6a