Secunia Security Advisory - A vulnerability has been reported in TortoiseCVS, which potentially can be exploited by malicious people to compromise a user's system.
abeb478d83817f707e6e7da7e31dcd3f420db10ecbd36d7eb01529f4e414dec7Secunia Security Advisory - Colin Phipps has reported a vulnerability in catdoc, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
da205ab7f335e2cc51639d366d79aeae3bde8fc48eed6264bc8fa295258d9b1dGentoo Linux Security Advisory GLSA 200410-31 - Email virus scanning software relying on Archive::Zip can be fooled into thinking a ZIP attachment is empty while it contains a virus, allowing detection evasion.
2623e61baab34edd9c702613e81159a5c563b62dbda3c1bd21ed88cb2cc55649Secunia Security Advisory - Ziv Kamir has discovered a vulnerability in Cyber Web Filter, which can be exploited by malicious people to bypass certain security restrictions.
fa973fc63c033d4ea61bccaf3053ac6b62dab0dc60213975b3565109b245acc4It appears that the new Apache release 1.3.33 still is susceptible to a local buffer overflow discovered in htpasswd under release 1.3.31.
e6a9149037f4b1d66672b62767ea68f40b7ee59f1984ddb9aa2e324192efe4efMicrosoft Internet Explorer 6.0.2800.1106 and possibly earlier versions fail to properly handle links embedded within links, allowing for spoofing of target addresses.
7da3421a41e8b0ac88ad9c7662f72ec0ea3556d9a28bc76b6d137f677fd27af2Secunia Security Advisory - Andrew Nakhla has discovered a vulnerability in Apple Remote Desktop, which can be exploited by malicious users to gain root access on a vulnerable system.
85d9f76ff37293d5d50d230cfe7e4cfa2a63d003085dd41515fdd278773dbf18PHP4 cURL functions bypass open_basedir protection allowing users to navigate through the filesystem.
765016dae640f3bcadcb4d07c7fffcebbe55bd3c65241833d9335fe8ef0f2813Gentoo Linux Security Advisory GLSA 200410-30 - GPdf, KPDF and KOffice all include vulnerable xpdf code to handle PDF files, making them vulnerable to execution of arbitrary code upon viewing a malicious PDF file.
37d8a0de090ab75590e1883bb797ba812c0a2555a6b6148fd608d9234f590512Debian Security Advisory 574-1 - The upstream developers discovered a problem in cabextract, a tool to extract cabinet files. The program was able to overwrite files in upper directories. This could lead an attacker to overwrite arbitrary files.
fc4ac9837b143b972a1bcb9bb0d89273b2f8d3094c0a081df8b97ffeebd1a240A high risk vulnerability exists in Quicktime for Windows versions 6.5.2 and earlier.
e225e65e339978dc3071b9a5afce13c6687b3bd18967e4ff3e7c14bb2d873daaeEye Security Advisory - eEye Digital Security has discovered a vulnerability in RealPlayer that allows a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code in the context of the user under which the player is running.
4228c29ddc8f4a770989a7a4523551435648a017959562fee57351d9d722789cMaster of Orion III versions 1.2.5 and below suffer from buffer overflow and allocation errors.
ff876d3954314db21a25e6da1cb8f530c0962204597ce6e7808b8f0024d379ccSecunia Security Advisory - A vulnerability has been reported in ImageMagick, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the EXIF parsing routine. This can be exploited to cause a buffer overflow via a malicious image file containing specially crafted EXIF information.
8715d7138e0a1afcb50b5318b61c96c373ce0df7259541e75860413034a6a339iDEFENSE Security Advisory 10.27.04 - Remote exploitation of a buffer overflow vulnerability in Simon Tatham's PuTTY can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on SSH2_MSG_DEBUG packets.
df688daac18818d72fcb49c9a410285b34da156af4509acd4f488baaf7beac1cKDE Konqueror 3.2.2-1 is susceptible to cross site scripting flaws.
e5b76811b57ff0415f7cefe4c0eba39cbed052df6432eb4dcac363b86a7d4310Secunia Security Advisory - A vulnerability has been reported in Horde Application Framework, which potentially can be exploited by malicious people to conduct cross-site scripting attacks.
21a8f64c43421710b104df637692afa1e23a8074c429ae36c2635b09edb21934Gentoo Linux Security Advisory GLSA 200410-27 - Buffer overflow vulnerabilities have been found in mpg123 which could lead to execution of arbitrary code. The flaws in the getauthfromURL() and http_open() functions have been reported by Carlos Barros. Additionally, the Gentoo Linux Sound Team fixed additional boundary checks which were found to be lacking.
d19d6e2e8821630d25f060dd2f72168a82e6d3ea1d05826d920fdab0dc15ee52Quake II version 3.2.x is susceptible to multiple vulnerabilities. Due to unchecked input at various stages in the server, remote users are able to cause the server to crash, reveal sensitive information or potentially execute arbitrary code.
aa196318fd4b9fd59881cfb79f905894a3974095c8a461f630b3f2b9e115a018Realplayer 10.5 permits execution of arbitrary code via a malformed skin.
b743a1d74b44fe7d8b975d6c7165caf91b93e5cc4d1f958f6e38c90fd2fdf13dPuTTY 0.56 fixes a serious security hole which can allow a server to execute code of its choice on a PuTTY client connecting to it.
6665e8ecfa2ead715a3f5e65e4d4b2a25432c9051dca08b0ede08eb93fe32630HP Security Bulletin - A potential security vulnerability has been identified with HP Serviceguard running on HP-UX and Linux that may allow remote unauthorized privileges.
167d3c96e47585657c43ad7ec8d457955e1ad58f13124eb4596f791458793fdbzgv uses malloc() frequently to allocate memory for storing image data. When calculating how much to allocate, user supplied data from image headers is multiplied and/or added without any checks for arithmetic overflows. There are a total of 11 overflows that are exploitable to execute arbitrary code.
384321769122fcd48526d6ca52ea357c6591e42351db86b1769e1b9d247e3dd5A buffer overflow and two remote crashes were recently discovered in gaim's MSN protocol handler. An attacker could potentially execute arbitrary code with the user's privileges by crafting and sending a particular MSN message.
5ead7fe65eb992502164d98f2cb1d6f08423b64da5fe0968ece2c4f0d90cbba7Gentoo Linux Security Advisory GLSA 200410-23 - Multiple vulnerabilities have been found in Gaim which could allow a remote attacker to crash the application, or possibly execute arbitrary code.
b256226a83965d14697803beec897d977d3ec16e6b7268e3ec242dcef463c93f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed