Microsoft Office 2007 Groove contains a security bypass issue regarding 'Workspace Shortcut' files (.GLK) because it allows arbitrary (registered) URL Protocols to be passed, when only 'grooveTelespace://' URLs should be allowed, which allows execution of arbitrary code upon opening a 'GLK' file.
71de481eab5ab157ddf6152307b61745802702034930be3131e198e2871ee02fMicrosoft Excel contains a remote code execution vulnerability upon processing OLE objects. Versions 2007, 2010, 2013, and 2016 are affected on both architectures.
392bd639166e0212b119a8558394e917be8f6bb220eb43af93908f49838cb4c8Debian Linux Security Advisory 3988-1 - An integer overflow vulnerability was discovered in decode_digit() in libidn2-0, the GNU library for Internationalized Domain Names (IDNs), allowing a remote attacker to cause a denial of service against an application using the library (application crash).
223c21749aad145929d94c2aac54529a2af07a008228fcdbcdebee796213f148Microsoft Office 2007 Word suffers from an information disclosure vulnerability.
c9b6bb05b51dd531cede6d08c5bfdad7704a05145db11d28203d5380ae3673b9Debian Linux Security Advisory 3987-1 - Several security issues have been found in the Mozilla Firefox web overflows and other implementation errors may lead to the execution of arbitrary code, denial of service, cross-site scripting or bypass of the phishing and malware protection feature.
11fc86a96a04d34a498c7c42538f978c98e74c7c39ac944aa9e111fe36fe8f7eDebian Linux Security Advisory 3986-1 - Several vulnerabilities were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service if a specially crafted Postscript file is processed.
ccb478c2bdbe6ef0a6a8adc4d8bea69fa3b4cfb7241678cc199573dd5e93ef9fHBGK DVR version 3.0.0 build 20161206 suffers from an authentication bypass vulnerability.
cbec5a5cbc96516cebd8e8164aee8ee987d555b700864598423c92b3b41a5066ConverTo Video Downloader and Converter version 1.4.1 suffers from an arbitrary file download vulnerability.
d69a83695c43b790b3f26f2d3a9a8c4c2c3146b03848c4304229d93cdbc15a11Real Estate MLM Plan Script version 1.0 suffers from a remote SQL injection vulnerability.
df4c1985e13a6739552c0e7e82d6c8735e2fea13bc536936bbce6da6f6029805PHP Multi Vendor Script version 1.02 suffers from a remote SQL injection vulnerability.
1d1a8d276824b2273cf35a39e09719f50f0734493caeb12bc8f6e4bf6ee1c359SmarterStats version 11.3.6347 suffers from a cross site scripting vulnerability.
37505c706c421ad977ef03042a3c7d49076d78b520a7e0542fbb0b2216077529Sync Breeze Enterprise version 10.0.28 suffers from a buffer overflow vulnerability.
c698dacd2757e972b25a92870546093b6e1bcdcdbc41a04fbdc7ad6e9cc7aa6bDigital Whisper Electronic Magazine issue 87. Written in Hebrew.
e05786eae0cf78845c86048c68400bb259002a222d134f3f7145e827634a76f2This archive contains all of the 253 exploits added to Packet Storm in September, 2017.
cf73410fc26ecd79a5217066e7bb7e724776f0ab1f59d8b74bffe17e53495a59TrendMicro OfficeScan versions 11.0 and XG (12.0) suffer from a memory corruption vulnerability.
a3e63e809dd2f77a9acd338ac38043b79c71b205a4ebbe5fafecd0186aff1ce4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed