A memory corruption bug exists in games based on the Unreal Engine. When the game client connects to a server using an excessive length Unreal URL, it may be possible for the malformed URL to overwrite sensitive areas of stack memory, causing the client to crash.
The history object in Opera 7 browsers on Windows exposes the properties history.next and history.previous, which can be used by any website to track a user's web surfing habits.
Division by zero vulnerability during the handling of the (.mov) files. That will trigger a denial of service condition.
Remote attackers can view directory contents and disclose the contents of files by exploiting the vulnerability in Apache Tomcat.
This exploit allows an attacker to add unlimited votes to a Joomla poll component regardless of php.ini settings. It works by manipulating the pollid and voteid parameters in the URL.
A vulnerability has been reported in several games that support the use of the GameSpy network. The vulnerability allows a game server to respond with overly large responses to a simple query by a client, which can result in the saturation of available network bandwidth. This can be exploited to launch denial of service attacks against other hosts and networks.
This module exploits a buffer overflow vulnerability found in the PORT command in Turbo FTP Server 1.30.823 & 1.30.826, which results in remote code execution under the context of SYSTEM.
This exploit allows an attacker to execute SQL commands on a Joomla site using the com_commedia component. The exploit takes advantage of a vulnerability in the component to bypass authentication and gain access to the database.
BitKeeper is vulnerable to an input validation bug. When the software is run in daemon mode, it starts a service with an interface that can be connected to via HTTP. By sending specially crafted input to the service, it is possible to execute arbitrary commands.
A format string vulnerability has been discovered in the Half-Life AdminMod plugin. The problem occurs in commands which call the selfmessage() function, which is used by other functions to write a message to the users console. The format string occurs when the System_Response() function is called by selfmessage() to log the administrative command. An 'rcon' authenticated user may be able to exploit this issue to overwrite sensitive locations in memory. Successful exploitation of this issue would allow an attacker to execute arbitrary commands with the privileges of the Half-Life server.
Services By CQR