Zero Day Initiative Advisory 10-159 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a malformed .wk3 document. The application will trust a length specified in the file in order to read a number of bytes into a statically allocated buffer. This leads to a buffer overflow and can lead to code execution under the context of the application.
07a662e823b1c48b0488fa5bf4785655dac16efed3acf3a179e4943e49c57461
Zero Day Initiative Advisory 10-158 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a malformed .wk3 document. The application will mistrust a length used to allocate a buffer. Later, the application will use a differently calculated length in a copy used to initialize that buffer. This leads to a buffer overflow and can lead to code execution under the context of the application.
aa87f560104a2a07040f49eb78c2fb02bb94b9f1b12d0051ae242816f00c2219
Secunia Research has discovered three integer overflow vulnerabilities in libgdiplus for Mono, which can be exploited by malicious people to compromise an application using the library. Version 2.6.7 is affected.
ea9c0dd4e0ae6caef818713363a025771127f81ca5d4db62da1b8b3654b2e0ee
Zero Day Initiative Advisory 10-157 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a Word document containing a malformed shape. The application will calculate a length incorrectly when using it to copy data into an allocated buffer. This can lead to code execution under the context of the application.
7eaf4e9fe75b91866e7e1361b85fa2bbff07b8b435ecbe5a0e508954308f6770
Zero Day Initiative Advisory 10-156 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a malformed Word document. The application will copy an arbitrarily sized ASCII string representing the font name into a constant-sized buffer located on the stack. If large enough, this will lead to a buffer overflow and can lead to code execution under the context of the application.
1949c349f722e2055cfd9da3a013ef7d87d2575f0c7c3471abed500176d2f4ea
Whitepaper called Security Mitigations for Return-Oriented Programming Attacks.
41f3edf0bb4f700984a9301ce40e45539890331a9b270c62e5aff98dc0a80763
Whitepaper called Binary Code Modification. Written in Turkish.
49805184f64edbdcb7348ceb0f235ba851a2bb0a8153b48cd0f1b6972aeffb5a
OpenBlog versions prior to 1.2.1 suffer from authentication bypass, cross site scripting and cross site request forgery vulnerabilities.
081d63ce75bf6ae7371626e05df2d9b71077e0b5d07c591a6e1a41f00e95a97e
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the ienipp.ocx ActiveX control with CLSID 36723f97-7aa0-11d4-8919-FF2D71D0D32C. The function exposes a GetDriverFile method. When this method is invoked for the first time a pointer in the .data section is mapped to an external function within another module. When invoked the second time, the process fails to load the library and assumes the pointer is still valid. When the uninitialized pointer is called the process jumps to an address space easily controlled by an attacker. This can be leveraged to execute remote code under the context of the user running the browser.
e0cfa3e2cd1ddcbcc01059726eacacbe82ac5d6853c2f30996a1f6f81e23e936
Mandriva Linux Security Advisory 2010-159 - GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. This update provides gv 3.7.1, which is not vulnerable to this issue.
3b8275578b70c3d4d40eee96a64eeaff2db63bc968db4b5f2d80fe1c1abc58e9
Whitepaper called Cracking Salted Hashes. The Do's and Don'ts of "Salt Cryptography".
2994290c21b4a94ba28fba881b3dd0dc6662a6442242e2f9b7f809a064ad0377
Brief whitepaper touching on how to use Wireshark for password sniffing. Written in Arabic.
7eacf1df077b891bea39f52dc68658cd50ef625393d0cb2f6198e31cb0b0c56d
Debian Linux Security Advisory 2095-1 - Alasdair Kergon discovered that the cluster logical volume manager daemon (clvmd) in lvm2, the Linux Logical Volume Manager, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service.
97b1dd1b6c2d96ccbdc89dc1e7aef5cdb030d254fff753d47754000812aa70c2
VWar suffers from cross site scripting, remote SQL injection, broken access controls and weak password generation vulnerabilities.
340cfcbbdfb9644effebb0512c1fe8ff862d9442b4ea2ba49f74bc3aab9d6bc7
3D FTP Client version 9.0 build 2 suffers from a directory traversal vulnerability.
868f391598d9f4bdb9b15447548cd654613dff4f6412410becde33ad634856f9
Microsoft Windows IcmpSendEcho2Ex interrupting denial of service exploit.
bfe682637a30a40efe730c2072a6c4328d1d0d540323d45a9459237bcc64a59b
Abyssal Metal Player version 2.0.9 denial of service exploit that creates a malicious .avi file.
2a195406d01d94ee193f522339cc1f1724d6579bb4cf1bab820d7af4d37de69f
Tplayer V1R10 denial of service exploit that creates a malicious .mp3 file.
49b7972127296e6bcb4aaafb6c4f72bb8aa04f7dd1109bcdf9dc5df59e191f0e
Mandriva Linux Security Advisory 2010-158 - functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service by making many IMAP login attempts with different usernames, leading to the creation of many preferences files. This update provides squirrelmail 1.4.21, which is not vulnerable to this issue.
6c9fba4124976b0bdd310cef7966a54550356155dee580b085e917c4282f3ee0
T-Dreams Announcement Script suffers from a remote SQL injection vulnerability.
e1e7ff3bbcd70b49f674f486481ea71fd2282fd1ce59675868efe7bd61d4f4c3
netStartEnterprise version 4.0 suffers from a remote SQL injection vulnerability.
021191cca2ef7c4e03149b0001779f290e2a096a46db7fa165a8a9d5df8e6e95
The Joomla Fabrik component suffers from a remote SQL injection vulnerability.
25af988561d1aba631680416fc9ed4dba53b08c8a30b4023d1ef9c3acfef20b3
e107 version 0.7.22 suffers from cross site request forgery and cross site scripting vulnerabilities.
18d87a1b6633c7641658c0f1c3580accf0a28d401bcf0ac63de69bd33dc3896f
Whitepaper called SDRF Vulnerability in Web Applications and Browsers. Like the known CSRF (Cross-Site Request Forgery) vulnerability, SDRF falsifies HTTP requests of users, but in contrast to CSRF, it forges requests that are sent by a user to the same domain where the malicious code that exploits the vulnerability is located.
2bbcbc1e7df3589650f1f93ca4947b1b1933ac3ec1b1c76dbcedd97997b7f901
AutoFTP Manager version 4.31 suffers from a directory traversal vulnerability.
53f94940c4fbf3cbb4c2d8ae6d4d882877de52e1f3a78c2919e60d62b8335aa1