Microsoft Internet Explorer is prone to a use after free vulnerability caused by an object that was not properly allocated or is deleted.



This update adds support for additional target platforms.

This module exploits a buffer overflow in the Foxit Reader Plugin npFoxitReaderPlugin that is exposed when loading PDF files from remote hosts with overly long query strings within the URL.

This update modifies the description in the file header.

This module exploits a remote buffer overflow in Novell eDirectory by sending a malformed packet to the 524/TCP port.

This module exploits a remote PHP code injection vulnerability in Elastix PBX by uploading a renamed PHP file and leveraging a local file inclusion vulnerability to execute the PHP file. It also exploits a bad configuration in the /etc/sudoers file to elevate privileges from 'asterisk' user to 'root'.

BigAnt IM Server is prone to a buffer-overflow within AntDS.exe component when handling a specially crafted filename header.

The vulnerability is caused due to a boundary error in PrintControl.dll ActiveX control when processing the ServerResourceVersion property and can be exploited via an overly long string.

This module exploits a memory corruption vulnerability in Adobe Flash Player when parsing a specially crafted .SWF file, which can be leveraged to execute arbitrary code on vulnerable machines by convincing an unsuspecting user to visit a malicious web site.

This module exploits a privilege escalation vulnerability in Panda Internet Security.

Buffer overflow in the ISSymbol ActiveX control in ISSymbol.ocx in Advantech Studio allow remote attackers to execute arbitrary code via a long String argument in the InternationalOrder method.

This verions adds suppport for Internet Explorer 8 and 9 and Windows 7.