Secunia Security Advisory - HP has acknowledged a vulnerability in the Java Runtime Environment software for HP-UX, which can be exploited by untrusted applets to gain escalated privileges on a vulnerable system.
8a1f0dd9976436d8006d7b9f61d29202c89299f1c3e00c4d3e5f5d17bc776f75Secunia Security Advisory - HP has acknowledged a vulnerability in HP CIFS Server, which can be exploited by malicious users to access arbitrary files and directories.
c5f938975f08469002f4c6ad60ebbf43cb6a34091c3291745ffdc2bba25e0b72Secunia Security Advisory - A vulnerability has been reported in Gaim, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the handling of MSN SLP messages. This can be exploited to cause a buffer overflow by supplying a specially crafted sequence of MSN SLP messages.
a445e88daa8f998fa4d71dba317f2414590f8caba3490b4e5a9c86da9b13ce1fSecunia Research Advisory - Multiple browsers suffer from multiple vulnerabilities. It is possible for a inactive tab to spawn dialog boxes e.g. the JavaScript Prompt box or the Download dialog box, even if the user is browsing/viewing a completely different web site in another tab. It is also possible for an inactive tab to always gain focus on a form field in the inactive tab, even if the user is browsing/viewing a completely different web site in another tab.
256a9cf72b138de62766e62d9cf3c869c5b78f2856b27be8a21cff2091527c98Technical exercise demonstrating the enormously elaborate methods required to defeat the current security mechanisms in place in both Microsoft Windows XP SP2 and Internet Explorer 6.00 SP2 fully patched.
6fb0a58cc4a94db5f5ff84d35499da125dd5fa0ff5907d7c79123a8216912a11Netscape.net Webmail is susceptible to a cross site scripting attack.
9b1f9e465e7432d50eb6a8447f25d19cc5a5eca1095f5f58d2e8c658a7225e7cAOL Webmail suffers from cross site scripting flaws.
aa11806659a7b31d1900f61f5ac6a0d36b32706fdcc06cc4aae18348d7972568Due to a mishandling of malformed streams, Vypress Tonecast versions 1.3 and below suffer from a denial of service vulnerability.
d3a7fe0efbddaae4a3879f2a9ee50f3d27c512f6f0a410cc2667ec3bcbe9c395Google's custom websearch does not prevent javascript from being inserted into the url of the image, allowing malicious users to modify the content of the google page allowing in phishing attacks, or silently steal search terms/results/clicks or modify actual searches to always contain controlled results.
d9c65461a1497fbc4f6cd40c0919403531daf6ed450070d82214e35566cf98a1An attacker can bypass native Lotus Notes HTML encoding in a computed value by adding square brackets to the beginning and end of a field of the following types computed, computed for display, computed when composed or a computed text element, Injecting HTML and JavaScript as desired.
9a7f30ad0770b3d630b3e6ee62d6e44a413988b48b90cf3a0cff46fcc0ad1239The mod_include module in Apache 1.3.31 is susceptible to a buffer overflow that allows for arbitrary code execution.
055d7f5955acdb2a54ae5d8fe0303663f38e57ee7640eff8edfe63a8e6520dedSecunia Security Advisory - Zero X has discovered a vulnerability in Anaconda Foundation Directory, which can be exploited by malicious people to disclose sensitive information.
a0ef54041ecd40b594594451a9f47586ee72cb9b5e627aac0c5b818874730b9dSecunia Security Advisory - A vulnerability has been reported in cabextract, which potentially can be exploited to overwrite arbitrary files on a vulnerable system.
7f5bdbb6f9617ddce32f0cc8102893ce32e02bff274fb769e7bb9ab35e988032Secunia Security Advisory - Some vulnerabilities with an unknown impact have been reported in PBLang 4.x.
1aa89cbcc4ff2cdd1ea76b7e6302a2dec0202a3e0846863ca9e31c777fa4157eSecunia Security Advisory - A weakness has been reported in Windows XP, which can be exploited to bypass certain rules in the Internet Connection Firewall (ICF). The problem is caused due to the firewall by default accepting incoming connections to ports listened on by the "sessmgr.exe" process.
e5962b504f3c20958450194746491a476cc2bbfa287a9717900f3ffb75ce0384Sun Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to escalate their privileges. The vulnerability is caused by an unspecified problem when LDAP and RBAC (Role Based Access Control) is used together. This can be exploited to execute certain commands with root privileges.
d8107da6eaef0edb6088236b4f57984ff0c9fbff6dcf5bf35a59bee26c3f5de2Gentoo Linux Security Advisory GLSA 200410-16 - The make_oidjoins_check script, part of the PostgreSQL package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
2961095dd120f133faa907f59c957e950e366ddc2cfbe07e149a3f52fe415917Gentoo Linux Security Advisory GLSA 200410-14 - Squid contains a vulnerability in the SNMP module which may lead to a denial of service.
f15bd0c23293fb103141cd6651afc8a9c261757e238fca1ef9e069eb9d07f93diDEFENSE Security Advisory 10.18.04: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability. Multiple anti-virus vendors including McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV are affected. The problem specifically exists in the parsing of .zip archive headers. It is possible to modify the uncompressed size of archived files in both the local and global header without affecting functionality. An attacker can compress a malicious payload and evade detection by some anti-virus software by modifying the uncompressed size within the local and global headers to zero.
9e1955876761267e6f0d00cd7477263281b313c1febd690795708c4ecf029042Secunia Security Advisory - A vulnerability has been reported in Gnofract 4D, which potentially can be exploited by malicious people to compromise a user's system.
71f8614128153fe3bd2feacfff8f4799295c04b98a7506fa927b96b601cda848Secunia Security Advisory - A security issue has been reported in ClientExec, which can be exploited by malicious people to gain knowledge of various system information.
e34f9f7c210030fa2a146be5aaac788f3ddaeb44c8e541a5f34e9fe987be9dc6Secunia Security Advisory - Doubles has discovered a vulnerability in Unzoo, which potentially can be exploited by malicious people to compromise a user's system.
3cdabeba3d1dc3dffb169bbd5bd0b58c2185742b4fe785e4011e6d760822aae1Exploitation of design vulnerabilities in various AntiVirus products could allow malicious code to evade detection.
5898f2fbe542b139be43a7c88281c41740d27dda7118eceef4fc2ac0a8b500ceThe 3COM 3crwe754g72-a has a flaw with handling DHCP requests that allows an attacker to inject code into the administration interface.
280e58d7692513ce37b35eb0eebfe4976fc07c5de3e8002b238daf76d8bcc6faThe 3COM 3crwe754g72-a products suffers from information disclosure, clear text information text storage, and bad authentication design.
b1fb66a6be2e7d57fed5cdea33bf6148a8a23f8f7598e22ff9e1572cdf898b89
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed