Section:  .. / 1005-exploits  /

Page 1 of 20
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 >> Files 1 - 25 of 489
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: psstyle-overflow.txt
Description:
Adobe Photoshop CS4 Extended suffers from a buffer overflow vulnerability when dealing with .ASL (styles) format file. The application fails to sanitize the user input resulting in a memory corruption, overwriting several memory registers which can aid the attacker to gain the power of executing arbitrary code or denial of service. Version CS4 Extended 11.0.0.0 is affected.
Author:LiquidWorm
File Size:324954
Related CVE(s):CVE-2010-1296
Last Modified:May 26 20:39:32 2010
MD5 Checksum:0e3ce2d176b2742a2a979c21fe005fb4

 ///  File Name: cybsecironmail-access.pdf
Description:
CYBSEC Security Advisory - The McAfee Email Gateway suffers from a web administration broken access control.
Author:Nahuel Grisolia
Homepage:http://www.cybsec.com/
File Size:207411
Last Modified:May 19 22:22:43 2010
MD5 Checksum:2df0dd4f2760e3625784fa642b5e0bd5

 ///  File Name: bypassing-chrome.pdf
Description:
Google Chrome 4 suffers from a javascript filter bypass vulnerability.
Author:Manuel Fernandez
File Size:184813
Last Modified:May 26 20:23:35 2010
MD5 Checksum:4bd84749b0a8d69ff082269bc52ca4c4

 ///  File Name: tenable-xss.pdf
Description:
Tenable Network Security suffers from cross site scripting vulnerabilities. They should really get some sort of scanner to check for these things.
Author:d3v1l
File Size:134203
Last Modified:May 28 16:57:44 2010
MD5 Checksum:ecd4fadf2e70e4d415f28d3903b08a89

 ///  File Name: MOPS-2010-012.pdf
Description:
Month Of PHP Security - PHP sqlite_single_query() Uninitialized Memory Usage Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Mateusz Kocielski
Homepage:http://www.php-security.org/
File Size:100533
Last Modified:May 10 22:04:56 2010
MD5 Checksum:aa12ff328dec0510ef39eac183277639

 ///  File Name: MOPS-2010-013.pdf
Description:
Month Of PHP Security - PHP sqlite_array_query() Uninitialized Memory Usage Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Mateusz Kocielski
Homepage:http://www.php-security.org/
File Size:100532
Last Modified:May 10 22:04:57 2010
MD5 Checksum:8f1d95e8d75d04df0c3b6e7c8ad3a7ca

 ///  File Name: MOPS-2010-031.pdf
Description:
Month Of PHP Security - An SQL Injection vulnerability was discovered in the user settings dialog of e107 that allows any user to become an admin easily. Versions 0.7.20 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:76232
Last Modified:May 25 17:38:51 2010
MD5 Checksum:80e955f1e398e050dc783afd88d7e583

 ///  File Name: MOPS-2010-035.pdf
Description:
Month Of PHP Security - It was discovered that access control to the [php] bbcode which allows executing PHP code is wrongly implemented in e107. This allows unauthenticated users to execute arbitrary PHP code easily. e107 versions 0.7.20 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:73511
Last Modified:May 25 18:15:53 2010
MD5 Checksum:4346bfb6d6ada1280a974af5e3c38c10

 ///  File Name: MOPS-2010-014.pdf
Description:
Month Of PHP Security - PHP ZEND_BW_XOR Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:72236
Last Modified:May 10 22:04:58 2010
MD5 Checksum:54f5428f283bb9755f186f85a2c3673b

 ///  File Name: MOPS-2010-016.pdf
Description:
Month Of PHP Security - PHP ZEND_SR Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:71363
Last Modified:May 10 22:04:59 2010
MD5 Checksum:72ee1ada922e6ede446c924b32191d9e

 ///  File Name: MOPS-2010-028.pdf
Description:
Month Of PHP Security - The new phar extension in PHP 5.3 contains several format string vulnerabilities in the internal phar_wrapper_open_url() function. PHP versions 5.3 through 5.3.2 are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:71149
Last Modified:May 25 17:24:04 2010
MD5 Checksum:acdaf9ccac055cc91b5f298f13f30ec9

 ///  File Name: MOPS-2010-015.pdf
Description:
Month Of PHP Security - PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:71140
Last Modified:May 10 22:04:59 2010
MD5 Checksum:c0ef111f1139396f25d6844904f1801e

 ///  File Name: MOPS-2010-027.pdf
Description:
Month Of PHP Security - The new phar extension in PHP 5.3 contains several format string vulnerabilities in the internal phar_parse_url() function. PHP versions 5.3 through 5.3.2 are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:70574
Last Modified:May 25 17:23:59 2010
MD5 Checksum:f462a1cdc1c6472c8d3b233582b1f2ec

 ///  File Name: MOPS-2010-019.pdf
Description:
Month Of PHP Security - Serendipity WYSIWYG Editor Plugin Configuration Injection Vulnerability. Versions 1.5.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:69994
Last Modified:May 10 22:05:02 2010
MD5 Checksum:3ac6ad61bfc977429b547f511a6972d8

 ///  File Name: MOPS-2010-009.pdf
Description:
Month Of PHP Security - PHP shm_put_var() Already Freed Resource Access Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:69508
Last Modified:May 10 22:04:53 2010
MD5 Checksum:c0f93b3aeb008f2cd175c2ff11fe23ed

 ///  File Name: MOPS-2010-020.pdf
Description:
Month Of PHP Security - Xinha WYSIWYG Plugin Configuration Injection Vulnerability. Versions 0.96 Beta 2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:69341
Last Modified:May 10 22:05:02 2010
MD5 Checksum:99c162db3f34e64da1fc142cbc9e0a32

 ///  File Name: MOPS-2010-025.pdf
Description:
Month Of PHP Security - The new phar extension in PHP 5.3 contains a format string vulnerability in the internal phar_wrapper_open_dir() function. PHP versions 5.3 through 5.3.2 are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:68877
Last Modified:May 25 01:19:24 2010
MD5 Checksum:d0ac40b5cd3d8f7524dbc123581a6c67

 ///  File Name: MOPS-2010-024.pdf
Description:
Month Of PHP Security - The new phar extension in PHP 5.3 contains a format string vulnerability in the internal phar_stream_flush() function. PHP versions 5.3 through 5.3.2 are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:68547
Last Modified:May 25 00:27:28 2010
MD5 Checksum:5b93e5818bcf5b0b9f8840853997dc2c

 ///  File Name: MOPS-2010-038.pdf
Description:
Month Of PHP Security - PHP's http_build_query() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:68257
Last Modified:May 25 23:19:30 2010
MD5 Checksum:174e7f2d708eed382f8512559f3fbdad

 ///  File Name: MOPS-2010-026.pdf
Description:
Month Of PHP Security - The new phar extension in PHP 5.3 contains a format string vulnerability in the internal phar_wrapper_unlink() function. PHP versions 5.3 through 5.3.2 are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:67912
Last Modified:May 25 01:22:59 2010
MD5 Checksum:19cb5a4deeb4170dcda854149e84b8d2

 ///  File Name: MOPS-2010-034.pdf
Description:
Month Of PHP Security - PHP's iconv_mime_encode() function can be abused for information leak attacks, because of the call time pass by reference feature. This vulnerability also demonstrates that fixing zend_parse_parameters() is not enough to kill some of these vulnerabilities. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:67606
Last Modified:May 25 18:10:05 2010
MD5 Checksum:9867aef6cb0e23eb7e1c90501a688b87

 ///  File Name: MOPS-2010-040.pdf
Description:
Month Of PHP Security - PHP's strtr() function can be abused for information leak attacks, similar to all the other interruption exploits. However the interruption is not triggered inside the zend_parse_parameters() function and therefore another fix is required. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:66939
Last Modified:May 25 23:25:13 2010
MD5 Checksum:07349a70c2ec4dae56e786408452609f

 ///  File Name: MOPS-2010-033.pdf
Description:
Month Of PHP Security - PHP’s iconv_substr() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:66362
Last Modified:May 25 18:05:07 2010
MD5 Checksum:1a1045191cfaa946584ed44708cbb48c

 ///  File Name: MOPS-2010-032.pdf
Description:
Month Of PHP Security - PHP’s iconv_mime_decode() function can be abused for information leak attacks, because of the call time pass by reference feature. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:65929
Last Modified:May 25 17:42:04 2010
MD5 Checksum:8f24b17078f4235b786eab6a5ba37659

 ///  File Name: MOPS-2010-017.pdf
Description:
Month Of PHP Security - PHP preg_quote() Interruption Information Leak Vulnerability. PHP versions 5.2.13 and below and 5.3.2 and below are affected.
Author:Stefan Esser
Homepage:http://www.php-security.org/
File Size:65748
Last Modified:May 10 22:05:00 2010
MD5 Checksum:d2306775906d7a6c6caa0a2258c8f8d9