The ginkgosnmp.inc PHP script in HP System Management Homepage is vulnerable to OS command injection.

This vulnerability allows remote authenticated attackers to execute arbitrary code on the affected machine with SYSTEM privileges.

Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 encodings that cause arbitrary heap data to be overwritten.

This update modifies the runtime value for this exploit.

An error in the way that Java implements dynamic binding can be abused to overwrite public final fields. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.



This update adds the CVE number to the exploit.

A Buffer Overflow exist in Mediacoder when parsing .LST files. The vulnerability is caused due to a boundary error in Mediacoder when handling .LST files beginning with http://, when the application tries to obtain a stream from an url. This can be exploited to cause a stack-based buffer overflow via a specially crafted .LST file.

This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk.



This update adds support to Windows 2003, Windows 2008 and Windows Vista

Google Sketchup fails to validate the input when parsing an crafted skp file with Pict texture, leading to an arbitrary stack offset overwrite and finally to an arbitrary code execution.

AudioCoder contains a buffer prone to exploitation via an overly long string. The vulnerability is caused due to a boundary error in AudioCoder when handling .m3u files beginning with http://, when the application tries to obtain a stream from an url. This can be exploited to cause a stack-based buffer overflow via a specially crafted .m3u file.

This module exploits a vulnerability in the Linux kernel. The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.

This module exploits a vulnerability in win32k.sys when the EPATHOBJ::pprFlattenRec() doesn't initialize the pointer to the next memory chunk.



This update adds support to Microsoft Windows 8.

This module exploits a vulnerability in FreeBSD.



The FreeBSD virtual memory system allows files to be memory-mapped. All or parts of a file can be made available to a process via its address space.



The process can then access the file using memory operations rather than filesystem I/O calls. Due to insufficient permission checks in the virtual memory system, a tracing process (such as a debugger) may be able to modify portions of the traced process's address space to which the traced process itself does not have write access.