Untrusted search path vulnerability in Cisco VPN Client 5.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka Bug ID CSCua28747. Date published : 2012-09-16 http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html
Cisco NX-OS 5.2 and 6.1 on Nexus 7000 series switches allows remote attackers to cause a denial of service (process crash or packet loss) via a large number of ARP packets, aka Bug ID...
Multiple cross-site scripting (XSS) vulnerabilities in search.php in Banana Dance, possibly B.1.5 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) q or (2) category parameter. Date published...
SQL injection vulnerability in search.php in Banana Dance, possibly B.1.5 and earlier, allows remote attackers to execute arbitrary SQL commands via the category parameter. Date published : 2012-09-15 http://www.doyoubananadance.com/Program-News/Important-Notice-About-SQLi-Exploit http://packetstormsecurity.org/files/115772/Banana-Dance-CMS-B.2.1-XSS-SQL-Injection.html
Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) in Intel Q67 Express, C202, C204, C206 Chipsets, and Mobile Intel QM67, and QS67 Chipset before 2nd_gen_i5_i7_SINIT_51.BIN Express; Intel Q57, 3450...
Buffer overflow in Bugbear Entertainment FlatOut 2005 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field in a bed...
Stack-based buffer overflow in StoryBoard Quick 6 Build 3786, and possibly StoryBoard Artist and StoryBoard Studio, allows remote attackers to execute arbitrary code via a long string in the string element field in a...
Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 196) and 8 (build 1031) allow remote attackers to execute arbitrary code via the (1) src and (2) name parameters in a p2g project file....
Stack-based buffer overflow in Castillo Bueno Systems CCMPlayer 1.5 allows remote attackers to execute arbitrary code via a long track name in an m3u playlist. Date published : 2012-09-15 http://www.exploit-db.com/exploits/18178 http://www.exploit-db.com/exploits/18195
SQL injection vulnerability in sgms/reports/scheduledreports/configure/scheduleProps.jsp in SonicWall ViewPoint 6.0 SP2 allows remote attackers to execute arbitrary SQL commands via the scheduleID parameter. Date published : 2012-09-15 http://www.securityfocus.com/bid/49906 http://www.securityfocus.com/archive/1/519983/100/0/threaded
SQL injection vulnerability in user.php in Banana Dance before B.1.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2012-09-15 http://www.securityfocus.com/bid/49903 http://www.bananadance.org/Program-News/Minor-Update-and-New-Theme
Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code...
Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary code via a long string to the (1) USER, (2) PASS, (3) REIN, (4) QUIT, (5) PORT, (6) PASV, (7) TYPE,...
Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file. Date published : 2012-09-15 http://www.securityfocus.com/bid/39672...