Archive for October, 2018

xorg-x11-server Local Privilege Escalation

Posted by deepcore under exploit (No Respond)

xorg-x11-server versions prior to 1.20.3 local privilege escalation exploit.

xorg-x11-server Local Root

Posted by deepcore under exploit (No Respond)

xorg-x11-server versions prior to 1.20.3 local root exploit.

Linux systemd Line Splitting

Posted by deepcore under exploit (No Respond)

Linux has an issue with systemd where overlong input to fgets() during reexec state injection can lead to line splitting.

Linux systemd Symlink Dereference Via chown_one()

Posted by deepcore under exploit (No Respond)

Linux suffers from an issue with systemd where chown_one() can dereference symlinks.

Libtiff Decodes Arbitrarily-Sized JBIG Into A Target Buffer

Posted by deepcore under exploit (No Respond)

libtiff up to and including 4.0.9 decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size.

Open STA Manager 2.3 Arbitrary File Download

Posted by deepcore under exploit (No Respond)

Open STA Manager version 2.3 suffers from an arbitrary file download vulnerability.

Quick Count 2.0 SQL Injection

Posted by deepcore under exploit (No Respond)

Quick Count version 2.0 suffers from a remote SQL injection vulnerability.

MPS Box 0.1.8.0 Arbitrary File Upload

Posted by deepcore under exploit (No Respond)

MPS Box version 0.1.8.0 suffers from an arbitrary file upload vulnerability.

PHPTPoint Mailing Server Using File Handling 1.0 Arbitrary File Read

Posted by deepcore under exploit (No Respond)

PHPTPoint Mailing Server Using File Handling version 1.0 suffers from an arbitrary file read vulnerability.

Oracle Hyperion Planning 11.1.2.4 Cross Site Scripting

Posted by deepcore under exploit (No Respond)

Oracle Hyperion Planning version 11.1.2.4 suffers from a cross site scripting vulnerability.