Red Hat Security Advisory 2013-1505-01 - The java-1.6.0-openjdk packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Java Software Development Kit. Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine. The class loader did not properly check the package access for non-public proxy classes. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine.
Core Security Technologies Advisory - A security vulnerability was found in Vivotek IP cameras that could allow an unauthenticated remote attacker to bypass the RTSP basic authentication and access the video stream.
EMC Documentum eRoom versions prior to 7.4.4 P11 suffer from multiple cross site scripting vulnerabilities.
A cross site scripting vulnerability has been found in Cisco Security Monitoring, Analysis and Response System. The issue arises because input passed via several fields (e.g. isnowLatency) to the /Query/NewQueryResult.jsp page is not properly sanitised before being returned to the user. Other pages could be affected by this issue.
A cross site scripting vulnerability exists in a request parameter of EMC Documentum products that could potentially be exploited by a malicious user.
Project'Or RIA version 3.4.0 suffers from a remote SQL injection vulnerability.
This is a special release of the ICS/SCADA toolkit for the speech being given at the Power of Community conference. It includes the S7 for 1500 PLC offline password brute force toolkit, IEC-60870-5-104 and IEC-61850-8-1 fingerprint tools, and NSE plugins.
Project'Or RIA version 3.4.0 suffers from multiple cross site scripting vulnerabilities.
LBG Zoom In/Out Effect Slider plugin for WordPress suffers from cross site scripting and path disclosure vulnerabilities.
LinkedIn suffered from multiple persistent cross site scripting vulnerabilities in the contact management system.
Enigmatic CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
TinyMCE version 3.2.7 suffers from SQL injection bypass and remote shell upload vulnerabilities.
This archive contains all of the 176 exploits added to Packet Storm in October, 2013.
This Metasploit module exploits a stack-based buffer overflow in StoryBoard Quick 6.
This Metasploit module exploits a stack-based buffer overflow in Final Draft 8. Multiple fields are vulnerable to the overflow; however, Word in IgnoredWords is the only field to accept mixed-case characters.