iDEFENSE Security Advisory 11.22.04 - J2SE prior to v1.4.2_06 contains serious remote vulnerabilities which allow applets loaded in browsers to load an unsafe class, and write to any file on a users system. IE, Mozilla, and Firefox can lead to compromise on Linux and Windows systems if a malicious web page is loaded.
b770dc7b3597a8eddba091ed48f8c2ebe227fb5643add55bafe7f720d7437c26Cryus v2.2.8 and below contains four remote vulnerabilities, including one which is pre-authentication. Fix available here.
54d472e1537f333c599a3d7c14b3c297aa87884e8449678168feafb1d6d5a268SecureCRT v4.1 and below contains a remotely exploitable command execution vulnerability. Patch available here.
80795399469e1e338277c2f037190ee6918aae65b2a141bfe5ab27d0d50dbaf9A remotely exploitable stack overflow has been found in Winamp version 5.05 and below which allows malformed m3u playlists to execute arbitrary code. Fix available here.
99d0d7a37a9704572d57022f0d3742f404776b272e3755e80703ceb58318934bGentoo Linux Security Advisory GLSA 200411-29 - unarj contains a buffer overflow and a directory traversal vulnerability. This could lead to overwriting of arbitrary files or the execution of arbitrary code.
00d28a18026243d507fbe200677f214b89fb74f4c7748c5f6654dddbe7e4b685A subtle race condition in Linux kernels below 2.4.28 allow a non-root user to increment (up to 256 times) any arbitrary location(s) in kernel space. This flaw could be used to gain elevated privileges.
d671cbd752252bb78a3d63491ad5f4be3c8c380bfeaa1eecfe09915f101df920Corsaire Security Advisory - The aim of this document is to define a vulnerability in the Netopia Timbuktu 7.0.3 product for Mac OS X that suffers from a buffer overflow.
cbc907a49668c0fcf9a73b904dee166db917a6d624962997421a44440286d2aeCorsaire Security Advisory - The aim of this document is to clearly define several vulnerabilities in the Danware NetOp Host product that suffers from multiple information disclosure issues.
42db080f94b4a9d2053f5f711e043ba751541dcd77b4eb01d14059438cd13bceOpera 7.54 is vulnerable to leakage of the java sandbox, allowing malicious applets to gain privileges. This allows for information gathering as well as denial of service effects.
1f4ec2410d1b05e6a1c8e4034bf16cf1d34b5675d0c35d73f31016c81d7cf149ZoneAlarm Security Suite and ZoneAlarm Pro have been updated to address a vulnerability in their ad-blocking functions.
6cdb000d655e7f0ca7361b33bdc652f24d545c5b63e5cd6664020f90d068fe59AppServ versions 2.5.x and below use a blank root password allowing for compromise.
bcef00af38b54207c93431630430ac96eb1b1336f0fb89132738ac874a8f83ffUnofficial addition to the NISCC DNS vulnerability advisory giving an additional list of vulnerable implementations.
9d1582d18317951d040e27cb9e70fc96fb6dc9de1d083244f6f511ef364afe1eFreeBSD Security Advisory FreeBSD-SA-04:16.fetch - The fetch utility suffers from an integer overflow condition in the processing of HTTP headers that can result in a buffer overflow.
6a018e23dd8de8d84de9f7d1f8a504a855c7a82a0f3059e216c48ef84a19658aVulnerabilities that allow an attacker to inject malicious PHP code exist in the phpBB2 forum using the Cash_Mod module.
624d762e4f5dae8b18a82ee5892ea42e4e0889fbe304466a9772639cf8109294Gentoo Linux Security Advisory GLSA 200411-26 - Improper file ownership allows user-owned files to be run with root privileges by init scripts. These vulnerabilities exist within GIMPS, SETI@home, and ChessBrain.
0da976e17df1840210df7a15cd86d9adac4c3b8ba12f57922846856c843ac5b5During an audit of the smb filesystem implementation within Linux several vulnerabilities were discovered ranging from out of bounds read accesses to kernel level buffer overflows. The 2.4 series up to 2.4.27 is affected and the 2.6 series up to 2.6.9 is affected.
b7b977ebbeedcfaf0b2c7258fb9da5b47131762e6dff111d09944b9387963f4dThe Click and Build online eCommerce platform suffers from cross site scripting flaws.
6c6ea864e68c41963fd5902ca74a270ebcd833579e2044b24db470808208e7ccSecunia Security Advisory - cyber flash has discovered two vulnerabilities in Internet Explorer, which can be exploited by malicious people to bypass a security feature in Microsoft Windows XP SP2 and trick users into downloading malicious files.
e5045e765f5620e40be7400c96987a38ac99f4efa59cbb8f0b8fbaee14baf687Microsoft tools ipconfig.exe, forcedos.exe, and mrinfo.exe suffer from buffer overflow and format string vulnerabilities.
4519930c5ff226431824ee642aab5cd3cd1f1dd4ceea32e9e703aaa8dc9d9c45Flaws in SP2 security features, part II - With Service Pack 2, Microsoft introduced a couple of new security features. However, some of them suffer from implementation flaws.
28a5ff6c2253f4f3033f8366da87986794ec4f93e78315699a8e20aa3c132977Secunia Security Advisory - A vulnerability has been reported in phpScheduleIt, which can be exploited by malicious users to bypass certain security restrictions.
6463cab561ef7043ed89be1ff8a4fd0b0c1b984b2901d75032c1886e60db4bf2Trustix Secure Linux Security Advisory #2004-0058 - Various security fixes have been released for gd, samba, sqlgrey, and sudo.
af1941d44b2d625d6d648c069094f5e516373122e419fdc1bc2f119121a1cbe4Debian Security Advisory 593-1 - A vulnerability has been reported for ImageMagick, a commonly used image manipulation library. Due to a boundary error within the EXIF parsing routine, a specially crafted graphic images could lead to the execution of arbitrary code.
7c45a6e3ec9a467c69c8afd772906d6b506f4cf8f42fee772a85fdca2c32c2d9SNS Advisory 79 - Microsoft Internet Explorer contains a vulnerability that could cause a Cookie to be overwritten under certain conditions. Tested against Microsoft Internet Explorer 6.0 Service Pack 1.
f8e8e031b29edfbd8f4c1c957c970be213c8034091cdd7faf4b2a53d38a67228iDEFENSE Security Advisory 11.15.04 - Multiple vulnerabilities have been found in Fcron 2.0.1 and 2.9.4. Local exploitation of vulnerabilities in the fcronsighup component of Fcron may allow users to view the contents of root owned files, bypass access restrictions, and remove arbitrary files or create arbitrary empty files.
1e3a7a297e5c9cf6eef481188a172658e3a5fce82dfb0d82a7bcfd0ddfb53772
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed