This archive contains all of the 127 exploits added to Packet Storm in June, 2014.
2c02e4f5eb7068baf2ad6bbbb22ced25a436d4f0acc4e7aeab31586717be6a8f
Spark Browser version 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) resulting in stack overflow via nested calls to the window.print javascript function.
1648d8f4e73ede106fecb1b26df6c6ee26b52192d6775810b994868fb4f449ed
IBM Algorithmics RICOS versions 4.5.0 through 4.7.0 suffer from cross site scripting, cross site request forgery, information disclosure, data manipulation, broken encryption, and various other vulnerabilities.
945e5852d35d3f39d7bede3cae55f9fa93875250647822bf399c4895974db9cc
Gitlist versions 0.4.0 and below suffer from a remote code execution vulnerability.
00b7d366435cf917c8e9dd552a46f3409e889e65dde7d0753735ef2ebe2b6d00
WordPress Theme My Login plugin version 6.3.9 provides access to arbitrary files and could facilitate arbitrary code execution.
4c53920b98114515bc1f2346def95625fb01546704b44a6a30f469a4f29a1dea
Horde Framework unserialize PHP code execution exploit ported from Metasploit.
04bad0cd117b528d51842d12d0392390ff0e881a1fefd2c2400c4065f7fcbcbe
Nagios Plugins versions 2.0.2 suffer from a race condition in check_dhcp.
34515f9830172588d1778328a6fadb3d5847b8aa2cf072dc6aece33dec8c2b8e
Flussonic Media Server version 4.3.3 suffers from arbitrary file read and directory listing disclosure vulnerabilities.
323b1fc3337a1dd3bd64a5229229ef28f3d15ffc3c6d97910cf8661a9869059b
This module logs in to an Oracle GlassFish Server version 3.1 (Open Source or Commercial) instance using a default credential, uploads, and executes commands via deploying a malicious WAR.
6851a13991f49b0af3c5d0392bce666a0aa6af8ebe6ee9b821d2b10ab549425e
WordPress Blogstand Smart Banner plugin version 1.0 suffers from a cross site scripting vulnerability.
cea022d55ffed5b68965595427bf03deda620745cdb218ae892f0b98c6916a58
WordPress Easy Banners plugin version 1.4 suffers from a cross site scripting vulnerability.
028ce6555feac11a21c6a4c716b8bef856667894d5c2bd4171b89e010e8711c5
WordPress Random Banner plugin version 1.1.2.1 suffers from a cross site scripting vulnerability.
e8a222f00b2cb3c827d697cdf2819d9c4faa1ca71c06198bca0754f355c5833d
WordPress Custom Banners plugin version 1.2.2.2 suffers from a cross site scripting vulnerability.
c1385a981071b663fed344d722eddf7f5c270733c32e580c19f7c1ec13361380
Wordpress Bannerman plugin version 0.2.4 suffers from a cross site scripting vulnerability.
bf0c15829a7d36b2a5e96affd7487c23503c5a385af93312ea99b95382b97ddd
openSIS versions 4.5 through 5.3 suffer from a cross site request forgery vulnerability.
96832a560f3345db5869ead3d9a4399ba56b10f031249cff0743758a495d3da1
openSIS versions 4.5 through 5.3 suffer from a remote SQL injection vulnerability.
8567a5a673df813aeb01e01a3d9699bcd77e17a5d47d74efa6189141886beb0c
All versions of Reportico prior to version 4.0 leak administrative credentials.
bd1450f20357956964a7bd5ecdd048add4ad38d1adb05a2e8bd7b0372ebd710a
Wordpress ml-slider plugin version 2.5 suffers from a cross site scripting vulnerability.
139a4937e131843a2e87109d4a988f4dbfef2b7b634e0ffe77c5a422ab9d0b2a
Wordpress wp-construction-mode plugin version 1.8 suffers from a cross site scripting vulnerability.
7f6290f0e295a7d51dfcfc01cc96547945dc28fd594a0d36af609195dfa4d121
ZeroCMS version 1.0 suffers from a cross site scripting vulnerability.
feb6f6569634fb81cbb6803d7135c6a39dc36b0b93cab1a91415bc1bedadc704
LinkedIn suffered from a cross site request forgery vulnerability.
8e1a2fb106e3b781251ccf3ce81d2d5a89ef8abfb000cab08a05481218d5a170
This Metasploit module exploits a code execution flaw in HP AutoPass License Server. It abuses two weaknesses in order to get its objective. First, the AutoPass application doesn't enforce authentication in the CommunicationServlet component. On the other hand, it's possible to abuse a directory traversal when uploading files thorough the same component, allowing to upload an arbitrary payload embedded in a JSP. The module has been tested successfully on HP AutoPass License Server 8.01 as installed with HP Service Virtualization 3.50.
dd2fd87c80023443848e47bf145fc594ce2617436c0759a85eb64c8248dbcdb7
This Metasploit module abuses a process creation policy in the Internet Explorer Sandbox which allows to escape the Enhanced Protected Mode and execute code with Medium Integrity. The problem exists in the .NET Deployment Service (dfsvc.exe), which can be run as Medium Integrity Level. Further interaction with the component allows to escape the Enhanced Protected Mode and execute arbitrary code with Medium Integrity.
566f2c34ce894a344de48e60acdf38825db4478f6732a3bdd3039b0e32d1cda3
This Metasploit module exploits a vulnerability in Internet Explorer Sandbox which allows to escape the Enhanced Protected Mode and execute code with Medium Integrity. The vulnerability exists in the IESetProtectedModeRegKeyOnly function from the ieframe.dll component, which can be abused to force medium integrity IE to user influenced keys. By using registry symlinks it's possible force IE to add a policy entry in the registry and finally bypass Enhanced Protected Mode.
c9f9dc448204fe8efbcb3d05352d9e8dff208d0ff120536098d4e6f8b8305895
The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary CGI scripts in the server's document root.
01a64b6c75c2c538d377c20d172e63cd36ed7553c62d8c8bc2aab7496757c955