Category Archive for "Abysssec"

MOAUB #30 – Microsoft Unicode Scripts Processor Remote Code Execution (MS10-063)

muts
Abysssec Research 1) Advisory information Title Microsoft Unicode Scripts Processor Remote Code Execution (MS10-063) Version usp10.dll XP, Vista Analysis http://www.abysssec.com Vendor http://www.microsoft.com Impact Critical Contact shahin [at] abysssec.com , info [at] abysssec.com Twitter @abysssec CVE CVE-2010-2738 2) Vulnerable version Microsoft...

MOAUB #30 ASPMass Shopping Cart Vulnerability File Upload CSRF

muts
Abysssec Research 1) Advisory information Title ASPMass Shopping Cart Vulnerability File Upload CSRF Affected ASPMass Shopping Cart 0.1 Discovery www.abysssec.com Vendor http://www.joenasejes.cz.cc Impact Critical Contact shahin [at] abysssec.com , info [at] abysssec.com Twitter @abysssec 2) Vulnerability Information Class CSRF Impact...

MOAUB #29 – Microsoft Excel SxView Record Parsing Memory Corruption

muts
Abysssec Research 1) Advisory information Title Microsoft Excel SxView Record Parsing Memory Corruption Version Excel 2002 SP3 Analysis http://www.abysssec.com Vendor http://www.microsoft.com Impact High Contact shahin [at] abysssec.com , info [at] abysssec.com Twitter @abysssec CVE CVE-2010-1245 2) Vulnerable version Microsoft Open...

MOAUB #28 – AtomatiCMS Upload Arbitrary File Vulnerability

muts
Abysssec Research 1) Advisory information Title AtomatiCMS Upload arbitrary file Vulnerability Affected AtomatiCMS 10_all Discovery www.abysssec.com Vendor http://www.atomaticsoftware.com Impact Critical Contact shahin [at] abysssec.com , info [at] abysssec.com Twitter @abysssec 2) Vulnerability Information Class File Upload Impact Exploiting this issue...

MOAUB #28 – JE CMS 1.0.0 Bypass Authentication by SQL Injection Vulnerability

muts
Abysssec Research 1) Advisory information Title JE CMS 1.0.0 Bypass Authentication by SQL Injection Vulnerability Affected JE CMS <= 1.0.0 Discovery www.abysssec.com Vendor http://www.joenasejes.cz.cc Impact Critical Contact shahin [at] abysssec.com , info [at] abysssec.com Twitter @abysssec 2) Vulnerability Information Class...

MOAUB #27 – Microsoft Internet Explorer MSHTML Findtext Processing Issue

muts
Abysssec Research 1) Advisory information Title Microsoft Internet Explorer MSHTML Findtext processing issue Analysis http://www.abysssec.com Vendor http://www.microsoft.com Impact Medium Contact shahin [at] abysssec.com , info [at] abysssec.com Twitter @abysssec CVE CVE-2010-2553 2) Vulnerable version Internet explorer 6 Internet explorer 7...

MOAUB #27 – ndCMS Sql Injection Vulnerability

muts
Abysssec Research 1) Advisory information Title ndCMS Sql Injection Vulnerability Affected ndCMS(Nickel and Dime CMS) v0.4rc1 Discovery www.abysssec.com Vendor http://souurceforge.net/projects/ndcms-net Impact Critical Contact shahin [at] abysssec.com , info [at] abysssec.com Twitter @abysssec 2) Vulnerability Information Class SQL Injection Impact Exploiting...

MOAUB #26 – Microsoft Cinepak Codec CVDecompress Heap Overflow (MS10-055)

muts
Abysssec Research 1) Advisory information Title Microsoft Cinepak Codec CVDecompress heap overflow (MS10-055) Version iccvid.dll XP SP3 Analysis http://www.abysssec.com Vendor http://www.microsoft.com Impact High Contact shahin [at] abysssec.com , info [at] abysssec.com Twitter @abysssec CVE CVE-2010-2553 2) Vulnerable version Microsoft Windows...

MOAUB #26 – Zenphoto Config Update and Command Execute Vulnerability

muts
Abysssec Research 1) Advisory information Title Zenphoto config update and command execute Vulnerability Affected Zenphoto <= 1.3 Discovery www.abysssec.com Vendor http://www.zenphoto.org Impact Critical Contact shahin [at] abysssec.com , info [at] abysssec.com Twitter @abysssec 2) Vulnerability Information Class Remote Config Update...

MOAUB #25 – Mozilla Firefox CSS font-face Remote Code Execution Vulnerability

muts
Abysssec Research 1) Advisory information Title Mozilla Firefox CSS font-face Remote Code Execution Vulnerability Version Firefox Discovery http://www.abysssec.com Vendor http://www.mozilla.com Impact Critical Contact shahin [at] abysssec.com , info [at] abysssec.com Twitter @abysssec CVE CVE-2010-2752 2) Vulnerable version Ubuntu Ubuntu Linux...