This exploit is a denial of service vulnerability in Linux. It is triggered by writing 'n' to the file descriptor of a process that is running 'sleep 1'. This causes the process to terminate, resulting in a denial of service.
Multiple cross-site scripting vulnerabilities (both stored and reflected) have been found in the web interface of Hyperic HQ, which can be exploited by an attacker to execute arbitrary JavaScript code in the context of the browser of a legitimate logged in user.
The “include file” SSI directive of html2ps does not check for directory traversal, allowing an attacker to include and disclose any file in the directory tree. The vulnerability requires that “ssi” in the @html2ps block in the html2psrc file is set to 1, which is the default.
Multiple security vulnerabilities have been identified with certain HP LaserJet printers, HP Color LaserJet printers and HP Digital Senders. The vulnerabilities could be exploited remotely by Cross Site Scripting (XSS). Multiple Linked Stored XSS vulnerabilities found in script support_param.html/config. Attacker can inject XSS in parameters 'Product_URL' and 'Tech_URL'. After applying support parameters configuration (parameter 'Apply') script code will inject in support page (support.htm).
This module exploits a stack buffer overflow in Free Download Manager 3.0 Build 844. Arbitrary code execution could occur when parsing a specially crafted torrent file.
I discovered a number of XSS and SQL Injection vulnerabilities in the application. These vulnerabilities could be exploited to make unauthorized changes to a web site or compromise a client accessing a site that utilizes the application. Details of the vulnerabilities are as follows: XSS File: index.php Variable: recordsPerPage Example: GET /index.php?action=loginsortField=poll_default&sortDesc=1&recordsPerPage=1>?><ScRiPt%20%0d%0a>alert(911)%3B</ScRiPt> Blind SQL/Xpath Injection File: index.php Variable: sortField Example: GET /index.php?action=loginsortField=poll_default+and+31337-31337=0&sortDesc=1&recordsPerPage=20 Blind SQL Injection (Timing) File: index.php Variables: sortField, sortDesc, pageNumber Example: GET /index.php?action=loginsortField=poll_default+and+sleep(3)%23&sortDesc=1&recordsPerPage=20
This exploit triggers a remote kernel crash on Win7 and server 2008R2 due to an infinite loop in KeAccumulateTicks() caused by an NT_ASSERT()/DbgRaiseAssertionFailure(). No BSOD is displayed, and the user must pull the plug to stop the crash.
The jet command in Dopewars 1.5.12 is vulnerable to a segmentation fault due to a lack of input validation. The exploit can be triggered by sending a crafted input to the application using the 'nc' command.
Attackers can exploit this issue by enticing an unsuspecting victim into following a malicious URI. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.
The Cisco ACE XML Gateway is a key component of the Cisco Application Control Engine (ACE) family of products. It brings application intelligence into the network and enables efficient deployment of secure, reliable, and accelerated Web service environments based on XML (Extensible Markup Language) and SOAP (Simple Object Access Protocol) using a shared network infrastructure. The ACE XML Gateway helps you to secure, manage, monitor, and accelerate an SOA. It provides a comprehensive set of features to secure and manage XML traffic and to accelerate XML-based applications.