Can crash msn and execute commands
Windows has a buffer overflow vulnerability in the processing of embedded ICC Profiles
inside images (jpeg, tiff, etc…)
To test – create a jpeg in adobe photoshop and save it with the ICC checkbox enabled,
make sure you set it to RGB (that does not really matter, just so you can find which
bytes [...]

Posted in Windows Products No Comments »

Application: Skype for Linux
Version affected: < = 1.1.0.20
Vendor website : http://www.skype.com
Author: Giovanni Delvecchio
e-mail: badpenguin at zone-h.org
About Skype
==========
Skype is a free program that uses the latest P2P technology to bring affordable and high-quality voice communications to people all over the
world. It also provides a service of Instant Messaging.
More details: Insecure temporary file creation in Skype for [...]

Posted in Linux No Comments »

Desc: Invision PowerBoard 1.3.x – 2.x Privilege escalation through SQL injection
Risk: High
Invision PowerBoard exploit

Posted in Message Boards No Comments »

Go to /admin/login.asp and type in password field:
‘ or ”=’
Also in some version of ASPjar , Attackers can delete messages .
Go to /admin/delete.asp

Posted in Exploits and Bugs No Comments »

Severity: High
Title: MIT Kerberos 5: Multiple vulnerabilities
Date: July 12, 2005
Bugs: #98799
ID: 200507-11
- – – – – – – – – – – – – – – – – – – – – [...]

Posted in Exploits and Bugs No Comments »

Severity: High
Title: Dragonfly Shopping Cart Multiple vulnerabilities
Date: 11/07/2005
Vendor: DragonFly Shopping Cart
Vendor Website: http://www.incredibleinteractive.com/Active/dc_Productsview.asp?key=5
Summary: Vulnerabilities exist in Dragonfly Shopping Cart that allow modifiying of prices along with Sql injection vulnerabilities.
Proof of Concept Exploits:
Hidden Price Value Vulnerability
You can modify these fields to modify the price of the product and thus be able to purchase the biggest and [...]

Posted in Exploits and Bugs No Comments »