Out projects:

WLB2 (World Laboratory of Bugtraq 2)

, CVEMAP (CVE Map), cIFrex (cIFrex Free Security Research Tool)
English Version
WLB2

CVE WLB2

WLB2
Full List
Bugs
Bogus
Tricks
Exploits
CVE MAP
Full List
Vendors
Products
Tools
CWE Dictionary
Google Hacking
Search
General
CVE
CWE
RSS
Full List
Bugs
Exploits
Dorks
Information
Our services
Add note
About
Submit

To add a note,

use this form

or send email to

submit@cxsecurity.com

When contacting via email, we recommend coded messages.

Get our PGP public key
[ Bugs ]   [ Exploits ]
World Laboratory of Bugtraq 2 [2012-05-17] WLB2RSS
[ Bogus ]   [ Tricks ]
High Risk

OpenOffice.org Memory Overwrite Vulnerability
17.05.2012
Kestutis Gudinav...
Medium Risk

OpenOffice.org Powerpoint Denial Of Service
17.05.2012
Sven Jacobias
High Risk

OpenOffice.org vclmi.dll Integer Overflow
17.05.2012
Tielei Wang
Medium Risk

FlashPeak SlimBrowser 6.0.1.38 Denial Of Service
17.05.2012
demonalex
Low Risk

Unijimpe Captcha Cross Site Scripting
17.05.2012
Daniel Godoy
Low Risk

Drupal Aberdeen 6.x Cross Site Scripting
17.05.2012
Jakub Suchy
High Risk

Drupal Hostmaster 6.x Cross Site Scripting / Access Bypass
17.05.2012
Steven Jones and...
High Risk

Drupal Post Affiliate Pro 6.x Cross Site Scripting / Access Bypass
17.05.2012
Lee Rowlands
Low Risk

Drupal Advertisement 6.x Cross Site Scripting
17.05.2012
Andrew Berry
High Risk

Drupal Ubercart Product Keys 6.x Access Bypass
17.05.2012
Daniel Glucksman
Low Risk

Drupal Smart Breadcrumb 6.x Cross Site Scripting
17.05.2012
coltrane
High Risk

Linux Kernel 3.3.x <= 3.3.4 Buffer overflow in HFS plus filesystem
16.05.2012
Timo Warns
High Risk

Artiphp CMS 5.5.0 DB Backup Disclosure Exploit
16.05.2012
Gjoko 'LiquidWor...
Low Risk

Artiphp CMS v5.5.0 Multiple XSS POST Injection Vulnerabilities
16.05.2012
Gjoko 'LiquidWor...
Low Risk

backupDB() v1.2.7a (onlyDB) Remote XSS Vulnerability
16.05.2012
Gjoko 'LiquidWor...
Low Risk

phpThumb() v1.7.11 (dir & title) Cross-Site Scripting Vulnerability
16.05.2012
Gjoko 'LiquidWor...
[ CVE Products ]
CVEMAP [2012-05-18] WLB2RSS
[ CVE Vendors ]
Medium Risk  
 
[ CVE-2011-3637 ]
Linux kernel
  
The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error.
Medium Risk  
 
[ CVE-2011-4097 ]
Linux kernel
  
Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termin...
Medium Risk  
 
[ CVE-2011-4112 ]
Linux kernel
  
The net subsystem in the Linux kernel before 3.1 does not properly restrict use of the IFF_TX_SKB_SHARING flag, which allows local users to cause a denial of service (panic) by leveraging the CAP_NET_...
High Risk  
 
[ CVE-2011-4131 ]
Linux kernel
  
The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial of service (OOPS) by sending an exc...
Medium Risk  
 
[ CVE-2011-4326 ]
Linux kernel
  
The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial o...
Medium Risk  
 
[ CVE-2011-4594 ]
Linux kernel
  
The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an inco...
Medium Risk  
 
[ CVE-2011-4611 ]
Linux kernel
  
Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhand...
Medium Risk  
 
[ CVE-2011-4621 ]
Linux kernel
  
The Linux kernel before 2.6.37 does not properly implement a certain clock-update optimization, which allows local users to cause a denial of service (system hang) via an application that executes cod...
CVE related WLB2

High Risk
 CVE-2012-2149
OpenOffice.org Memory Overwrite Vulnerability
 
Medium Risk
 CVE-2012-2334
OpenOffice.org Powerpoint Denial Of Service
 
High Risk
 CVE-2012-1149
OpenOffice.org vclmi.dll Integer Overflow
 
High Risk
 CVE-2012-2319
Linux Kernel 3.3.x <= 3.3.4 Buffer overflow in HFS plus filesystem
 
High Risk
 CVE-2012-0671
Apple Quicktime .pct Parsing Memory Corruption
 
Low Risk
 CVE-2012-2629
Axous 1.1.1 Cross Site Request Forgery / Cross Site Scripting
 
Medium Risk
 CVE-2011-3659
Firefox 8/9 AttributeChildRemoved() Use-After-Free
 
Low Risk
 CVE-2012-2371
WordPress WP-FaceThumb Gallery 0.1 Cross Site Scripting
 
CWE related WLB2

Low Risk
CWE-79
 		 Unijimpe Captcha Cross Site Scripting

Low Risk
CWE-79
 		 Drupal Aberdeen 6.x Cross Site Scripting

High Risk
CWE-79
 		 Drupal Hostmaster 6.x Cross Site Scripting / Access Bypass

High Risk
CWE-79
 		 Drupal Post Affiliate Pro 6.x Cross Site Scripting / Access Bypass

Low Risk
CWE-79
 		 Drupal Advertisement 6.x Cross Site Scripting

Low Risk
CWE-79
 		 Drupal Smart Breadcrumb 6.x Cross Site Scripting

Low Risk
CWE-79
 		 Artiphp CMS v5.5.0 Multiple XSS POST Injection Vulnerabilities

Low Risk
CWE-79
 		 backupDB() v1.2.7a (onlyDB) Remote XSS Vulnerability
Dorks

Low Risk
 Unijimpe Captcha Cross Site Scripting
allinurl: "captchademo.php...
 
Medium Risk
 TunInfo SQL Injection
inurl:"/sejour-destination...
 
Medium Risk
 NTDS WebStudio SQL Injection
inurl:"/pacotes.php?pagina...
 
Medium Risk
 Vallarta Web Services SQL Injection
inurl:"/realestate_listing...
 
Low Risk
 Sockso 1.51 Cross Site Scripting
inurl:"4444" sockso
 
High Risk
 eLearning Server 4G Remote File Inclusion / SQL Injection
intitle:"eLearning Server...
 
Low Risk
 X7 Chat 2.0.5.1 Cross Site Request Forgery
intitle:"Chat Room" "Pow...
 
Low Risk
 Andromeda Streaming MP3 Server 1.9.3.6 Cross Site Scripting
"powered by andromeda vers...
 
Medium Risk
 Bagler CMS Cross Site Scripting / SQL Injection
inurl:"/baglercms.php?arti...
 

 

Copyright 2012, cxsecurity.com