Zero Day Initiative Advisory 10-159 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a malformed .wk3 document. The application will trust a length specified in the file in order to read a number of bytes into a statically allocated buffer. This leads to a buffer overflow and can lead to code execution under the context of the application.
07a662e823b1c48b0488fa5bf4785655dac16efed3acf3a179e4943e49c57461Zero Day Initiative Advisory 10-158 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a malformed .wk3 document. The application will mistrust a length used to allocate a buffer. Later, the application will use a differently calculated length in a copy used to initialize that buffer. This leads to a buffer overflow and can lead to code execution under the context of the application.
aa87f560104a2a07040f49eb78c2fb02bb94b9f1b12d0051ae242816f00c2219Secunia Research has discovered three integer overflow vulnerabilities in libgdiplus for Mono, which can be exploited by malicious people to compromise an application using the library. Version 2.6.7 is affected.
ea9c0dd4e0ae6caef818713363a025771127f81ca5d4db62da1b8b3654b2e0eeZero Day Initiative Advisory 10-157 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a Word document containing a malformed shape. The application will calculate a length incorrectly when using it to copy data into an allocated buffer. This can lead to code execution under the context of the application.
7eaf4e9fe75b91866e7e1361b85fa2bbff07b8b435ecbe5a0e508954308f6770Zero Day Initiative Advisory 10-156 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a malformed Word document. The application will copy an arbitrarily sized ASCII string representing the font name into a constant sized buffer located on the stack. If large enough this will lead to a buffer overflow and can lead to code execution under the context of the application.
1949c349f722e2055cfd9da3a013ef7d87d2575f0c7c3471abed500176d2f4eaWhitepaper called Security Mitigations for Return-Oriented Programming Attacks.
41f3edf0bb4f700984a9301ce40e45539890331a9b270c62e5aff98dc0a80763Whitepaper called Binary Code Modification. Written in Turkish.
49805184f64edbdcb7348ceb0f235ba851a2bb0a8153b48cd0f1b6972aeffb5aOpenBlog versions prior to 1.2.1 suffer from bypass authentication, cross site scripting and cross site request forgery.
081d63ce75bf6ae7371626e05df2d9b71077e0b5d07c591a6e1a41f00e95a97eThis vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the ienipp.ocx ActiveX control with CLSID 36723f97-7aa0-11d4-8919-FF2D71D0D32C. The function exposes a GetDriverFile method. When this method is invoked for the first time a pointer in the .data section is mapped to an external function within another module. When invoked the second time, the process fails to load the library and assumes the pointer is still valid. When the uninitialized pointer is called the process jumps to an address space easily controlled by an attacker. This can be leveraged to execute remote code under the context of the user running the browser.
e0cfa3e2cd1ddcbcc01059726eacacbe82ac5d6853c2f30996a1f6f81e23e936Mandriva Linux Security Advisory 2010-159 - GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. This update provides gv 3.7.1, which is not vulnerable to this issue.
3b8275578b70c3d4d40eee96a64eeaff2db63bc968db4b5f2d80fe1c1abc58e9Whitepaper called Cracking Salted Hashes. The Do's and Don'ts of "Salt Cryptography".
2994290c21b4a94ba28fba881b3dd0dc6662a6442242e2f9b7f809a064ad0377Brief whitepaper touching on how to use Wireshark for password sniffing. Written in Arabic.
7eacf1df077b891bea39f52dc68658cd50ef625393d0cb2f6198e31cb0b0c56dDebian Linux Security Advisory 2095-1 - Alasdair Kergon discovered that the cluster logical volume manager daemon (clvmd) in lvm2, The Linux Logical Volume Manager, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service.
97b1dd1b6c2d96ccbdc89dc1e7aef5cdb030d254fff753d47754000812aa70c2VWar suffers from cross site scripting, remote SQL injection, broken access controls and weak password generation vulnerabilities.
340cfcbbdfb9644effebb0512c1fe8ff862d9442b4ea2ba49f74bc3aab9d6bc73D FTP Client version 9.0 build 2 suffers from a directory traversal vulnerability.
868f391598d9f4bdb9b15447548cd654613dff4f6412410becde33ad634856f9Microsoft Windows IcmpSendEcho2Ex interrupting denial of service exploit.
bfe682637a30a40efe730c2072a6c4328d1d0d540323d45a9459237bcc64a59bAbyssal Metal Player version 2.0.9 denial of service exploit that creates a malicious .avi file.
2a195406d01d94ee193f522339cc1f1724d6579bb4cf1bab820d7af4d37de69fTplayer V1R10 denial of service exploit that creates a malicious .mp3 file.
49b7972127296e6bcb4aaafb6c4f72bb8aa04f7dd1109bcdf9dc5df59e191f0eMandriva Linux Security Advisory 2010-158 - functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service by making many IMAP login attempts with different usernames, leading to the creation of many preferences files. This update provides squirrelmail 1.4.21, which is not vulnerable to this issue.
6c9fba4124976b0bdd310cef7966a54550356155dee580b085e917c4282f3ee0T-Dreams Announcement Script suffers from a remote SQL injection vulnerability.
e1e7ff3bbcd70b49f674f486481ea71fd2282fd1ce59675868efe7bd61d4f4c3netStartEnterprise version 4.0 suffers from a remote SQL injection vulnerability.
021191cca2ef7c4e03149b0001779f290e2a096a46db7fa165a8a9d5df8e6e95The Joomla Fabrik component suffers from a remote SQL injection vulnerability.
25af988561d1aba631680416fc9ed4dba53b08c8a30b4023d1ef9c3acfef20b3e107 version 0.7.22 suffers from cross site request forgery and cross site scripting vulnerabilities.
18d87a1b6633c7641658c0f1c3580accf0a28d401bcf0ac63de69bd33dc3896fWhitepaper called SDRF Vulnerability in Web Applications and Browsers. Like the known CSRF (Cross-Site Request Forgery) vulnerability, SDRF falsifies HTTP requests of users, but in contrast to CSRF, it forges the requests, that are send by a user to the same domain, where the malicious code, that exploits the vulnerability, is located.
2bbcbc1e7df3589650f1f93ca4947b1b1933ac3ec1b1c76dbcedd97997b7f901AutoFTP Manager version 4.31 suffers from a directory traversal vulnerability.
53f94940c4fbf3cbb4c2d8ae6d4d882877de52e1f3a78c2919e60d62b8335aa1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed