Secunia Research Advisory - A vulnerability has been identified in Net-SNMP that is caused due to an unspecified error. This reportedly makes it is possible for a user or community to gain access to data in MIB objects that they explicitly have been restricted from accessing.
75b4a2a5da5d69c52c7ff2aa190ab3025cf4c580fd544d378b42cf0c27d80e72Secunia Research Advisory - KokeshCMS 0.2 and below has a content editing vulnerability where the edit.php included with it does not force a remote user to be authenticated.
1ba33b1e220ef0cdd0c44479f4e3c8071fb35e31ab2440839c370ecbe0ba93e4RedHat Security Advisory - New GtkHTML packages have been released that fix a vulnerability discovered by Alan Cox. The problem discovered allowed certain malformed messages to cause the Evolution mail component to crash due to a null pointer dereference in the GtkHTML library.
687951c367693bd2cc06136f6a39fdbddaad047dbee9294ec0328820e048e077Debian Security Advisory DSA 378-1 - Two vulnerabilities have been found in the Mah-Jong server version 1.4 and below. One enables a remote attacker to gain privileges of the user running the server while the other leads to a denial of service.
e161375ef6c09ff61f2b741e2582fbe332bd1e3fe1defc1ddc1487c6dd51bda2Secunia Security Advisory - b2evolution versions 0.8.2 and prior have been found vulnerable to cross site scripting and SQL injection attacks.
59a5b8a155051613d73dfe8647ac6f7c5dac547fe83ce6caad2ad5b13bf62dbfSecunia Research Advisory - OSSIM, or Open Source Security Information Management, version 0.x is vulnerable to multiple SQL injection attacks.
8314c356a3099a783137c34457c8be16febc4795cee9980efdebc73d5864b4d5MyServer 0.4.3 is vulnerable to a denial of service attack when a malicious payload is sent to the web server.
18a96487b52cee3084b1e1ffafcc979a14878ee6126a4e71869ff7c8fa0610e0Winamp 2.91 uses a default plugin called IN_MIDI.DLL used to play MIDI files. Version 3.01 and below for this plugin lets an attacker execute code by simply setting the "Track data size" value of a MIDI file to 0xffffffff.
2fc9611bfeadcb58fcff68ffdc0d8096baf4de99bb06c1985fae64101ac4c175Conectiva Security Advisory CLA-2003:736 - Stunnel v3.25 and below is vulnerable to two denial of services attacks. A race condition exists in handling of the SIGCHLD signal and a file descriptor leak allows a local attacker to hijack the server.
1cf728e386cb8898872bdc731824de89264bb5babd2198ae576289a98c7dffaeISS Server Sensor version 7.0 XPU 20.16 and 7.0 XPU 20.18 are vulnerable to a denial of service attack when a properly malformed URL is submitted via SSL to the underlying Microsoft IIS server causing it to shut down.
cf59a86c78129d05f3e03a7951390576cc8459296c094f26713223ffb646f0e0Scan Associates Sdn Bhd Security Advisory - A buffer overflow vulnerability has been discovered in Foxweb 2.5 for Microsoft Windows that will allow a remote attacker to execute commands as the web server id.
1437120ee0c894dc2a4177fb6df3c7840922cfbe2b2abd05c1f3f8d85c291ae3Atstake Security Advisory A090403-1 - The Asterisk software PBX has a flaw in its SIP protocol implementation that could allow an attacker to obtain remote and unauthenticated access to the system.
e061dbc54a00034594ef6c63ace2f2be44df7efdf3eda421fd1ced83e4fab944fetchnews, the NNTP client from leafnode, suffers from a possible denial of service vulnerability that can be triggered via malformatted Usenet news articles. Affected version: 1.01.
7942d464cd35c3cc8520ff12dc5a2bdaa10ee01de0f4d9457c7d2142218dcc81STG Security Advisory SSA-20030902-04: A control vulnerability exists in Wrapsody Viewer version 3.0 that allows a malicious user to bypass the copy and paste restriction.
708e5c36a624c352569629ea7c63257c01c3681b06721bf4d3d4fa7c4980d409The Visual Basic Design Time Environment library (VBE.DLL and VBE6.DLL), used by the Microsoft Office series and other Microsoft applications, contains an exploitable heap overflow vulnerability. If a malicious Office file such as .doc, .xls, etc. is opened, there is the ability for an attacker to execute arbitrary code. This buffer overflow bug also affects Internet Explorer, because some Office files are executed automatically by a helper-application when these files are received. Systems Affected: Microsoft Access 97/2000/2002, Excel 97/2000/2002, PowerPoint 97/2000/2002, Project 2000/2002, Publisher 2002, Visio 2000/2002, Word 97/98(J)/2000/2002, Works Suite 2001/2002/2003, Business Solutions Great Plains 7.5, Business Solutions Dynamics 6.0/7.0, Business Solutions eEnterprise 6.0/7.0, Business Solutions Solomon 4.5/5.0/5.5.
9e5f80b9bc14a6f7598d5bb35cf2dd5cd9f097f59982f22db987246519d4d267The Microsoft Word WordPerfect document converter included in Microsoft Word has a buffer overflow bug. If the WordPerfect document converter is installed, which by default it is in Office 2000, and a malicious .doc file is opened, there exists the ability for an attacker to execute arbitrary code.
01b4f751a89cd097f31a7c747ac7d0760d2324742380f9b6d7d7acc6daac7241
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed