Secunia Security Advisory - rPath has issued an update for xorg-x11. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Secunia Security Advisory - Some vulnerabilities have been reported in libXfont, which can be exploited by malicious, local users to gain escalated privileges.
Secunia Security Advisory - A security issue has been reported in AlphaMail, which can be exploited by malicious, local users to disclose certain sensitive information.
Secunia Security Advisory - Ubuntu has issued an update for mailman. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, and cause a DoS (Denial of Service).
Secunia Security Advisory - Some vulnerabilities have been discovered in webSPELL, which can be exploited by malicious people to disclose certain sensitive information and conduct SQL injection attacks.
Secunia Security Advisory - CeNGiZ-HaN has reported a vulnerability in Vitrax Premodded, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Red Hat has issued an update for xorg-x11. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Secunia Security Advisory - Some vulnerabilities have been reported in XFree86, which can be exploited by malicious, local users to gain escalated privileges.
Secunia Security Advisory - SHiKaA has reported a vulnerability in p4CMS, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Ubuntu has issued updates for libxfont / xorg. These fix some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Secunia Security Advisory - NR Nandini has reported some vulnerabilities in PHP Event Calendar, which can be exploited by certain malicious users to conduct script insertion attacks.
Secunia Security Advisory - Some vulnerabilities have been reported in Moodle, which can be exploited by malicious people to disclose potentially sensitive information, and conduct cross-site scripting and SQL injection attacks.
Secunia Security Advisory - Red Hat has issued an update for XFree86. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Secunia Security Advisory - Two vulnerabilities have been reported in ColdFusion, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).
This program exploits a design flaw in Nokia mobile phones to remove the Phone Lock protection. The program was tested on the Nokia 6630 and the Nokia 6680. The program should work on any other Symbian-based mobile phones (including Sony Ericsson and all modern Nokia phones, among others). This tool does not remove the SIM lock.
eEye Digital Security has discovered a second heap overflow vulnerability in the MS06-042 cumulative Internet Explorer update that would allow an attacker to execute arbitrary code on the system of a victim who attempts to access a malicious URL. Windows 2000, Windows XP SP1, and Windows 2003 SP0 systems running Internet Explorer 5 SP4 or Internet Explorer 6 SP1, with the MS06-042 patch applied, are vulnerable; unpatched and more recent versions of Internet Explorer are not affected.
Secunia Security Advisory - A vulnerability has been reported in ColdFusion, which can be exploited by malicious people to conduct cross-site scripting attacks.
iDefense Security Advisory 09.12.06 - Local exploitation of an integer overflow vulnerability in the 'CIDAFM()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. The vulnerability specifically exists in the 'CIDAFM()' function of the code responsible for handling AFM (Adobe Font Metrics) files. The number of character metrics is obtained from the "StartCharMetrics" line of an AFM file and that value is then multiplied by the size of a single character metric record in order to calculate the space required to store the metrics. If the result of the multiplication is larger than the largest value that can be held in an integer, the amount actually allocated will be much smaller. Following this, the function attempts to read as many metric records as were specified on the line into that memory. As the contents of the file can be specified by a local user, and as the function will stop reading if an error is detected in the input, a controlled heap overflow may occur which may allow the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in the X.org server version 6.8.2. Analysis of the source code for the current versions of the X.org and XFree86 servers indicates that current versions of both are vulnerable. Previous versions may also be affected.
iDefense Security Advisory 09.12.06 - Local exploitation of an integer overflow vulnerability in the 'scan_cidfont()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. The vulnerability specifically exists in the handling of 'CMap' and 'CIDFont' font data. When parsing this information, no checks are made on the count of items for the 'begincodespacerange', 'cidrange' and 'notdefrange' sections. In addition to a 'standard' integer overflow, the implementation of 'vm_alloc()' makes it possible to overwrite memory before the allocated region. iDefense has confirmed the existence of this vulnerability in the X.org server version 6.8.2. Analysis of the source code for the current versions of the X.org and XFree86 servers indicates that current versions of both are vulnerable. Previous versions may also be affected.
iDefense Security Advisory 09.12.06 - Remote exploitation of a heap-based buffer overflow in Apple Computer's QuickTime Player could allow attackers to execute code under the privileges of the affected application. A FLIC file is an animation file consisting of a number of frames, each of which is made up of an image and may contain other information such as a palette or a label. The vulnerability specifically exists in the handling of the COLOR_64 chunk in FLIC format files. QuickTime does not validate that the data size allocated to store the palette is large enough, allowing a malformed file to cause controllable heap corruption. iDefense Labs confirmed that version 7.1 of the QuickTime player is vulnerable. It is suspected that all previous versions are also affected.
Secunia Security Advisory - Red Hat has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and potentially compromise a vulnerable system.
Apple QuickTime versions 7.1.3 and below suffer from a flaw where a carefully crafted H.264 movie can trigger an integer overflow allowing for arbitrary code execution.
The Apple QuickTime Player H.264 Codec suffers from a remote integer overflow.