Secunia Security Advisory - Michael Krax has reported a vulnerability in Verity Ultraseek, which can be exploited by malicious people to conduct cross-site scripting attacks.
8d9d6939856c483a16509e7c222cd9a213aa3d0f27c75d8b579db81293c23164The phpbb_clean_username function in phpBB has an improper order of execution allowing path and SQL table disclosure.
a215577b17a268ad3849e2a705244e52a0184db08a9f805716fa54c6e0d2d79eSecunia Security Advisory - Fulvio Civitareale has reported a vulnerability in IRM, which can be exploited by malicious people to bypass certain security restrictions.
66e6417be538fbe550967fb99310b52dde7467fd7b2b732635aa62b98596e092Secunia Security Advisory - Some vulnerabilities have been reported in Ulog-php, which can be exploited by malicious people to conduct SQL injection attacks.
e7075ad0c8ab13d39547f3f38dcdcade4d3b5ad06984b487e760efb0f03b6bdcSecunia Security Advisory - A vulnerability has been reported in Mambo, which can be exploited by malicious people to compromise a vulnerable system.
0f5fb70453f0c50a24fecfc0d5cad200b342cf43ea1f828e66ff530649fba285iDEFENSE Security Advisory 02.21.05 - Remote exploitation of multiple integer overflow vulnerabilities in Simon Tatham's PuTTY can allow attackers to execute arbitrary code. Version 0.56 is verified as vulnerable.
787f7c39e577ad9d7cda00eb74b4e17ad131fe198792eb11fed13f80ea04d57aiDEFENSE Security Advisory 02.21.05 - Remote exploitation of a stack-based buffer overflow in various Unix / Linux vendors implementations of cURL could allow for arbitrary code execution on the targeted host. An exploitable stack-based buffer overflow condition exists when using Kerberos authentication.
a50d1b9c40577ef0879856693b164ebd622ca9837cccf42b229ed787f877b279iDEFENSE Security Advisory 02.21.05 - Remote exploitation of a stack-based buffer overflow in various Unix / Linux vendors implementations of cURL could allow for arbitrary code execution on the targeted host. An exploitable stack-based buffer overflow condition exists when using NT Lan Manager (NTLM) authentication.
747bd27de063e14c01ea3bbdf599000f8a09b4f4b02690d729244fdbd998fe3eSecunia Security Advisory - A security issue has been reported in Secure Global Desktop Enterprise Edition and Tarantella Enterprise, which can be exploited by malicious people to enumerate valid user accounts and disclose some system information.
f1c7d0b03d1e48ec32d4037ea7af424971f863250939f41e2d2f5df45368e2dbSecunia Security Advisory - Takumi Asaki has reported a vulnerability in uim, which potentially can be exploited by malicious, local users to gain escalated privileges.
9a938ab5d83d70581e1d5da718f3f264969e06ea41629ed8f0ad11b8871b754dBontago versions 1.1 and below suffer from a buffer overflow when a nickname longer than 512 bytes is sent.
c4c52df440f8022e31d6b0fdd6b34501919e8a54ee861e31222fe066b58cb871Secunia Security Advisory - Two vulnerabilities have been reported in PuTTY, which can be exploited by malicious people to compromise a user's system.
d14a524e57c962b9b303dd0ce0cfd120121be92cff026cfbdfd61bf25b5d1978WebConnect versions 6.4.4 and 6.5 contain denial of service and directory traversal vulnerabilities.
5bd448d277d5adfd7ce2410ec05365bb0e0bd827a9ca85f0d69fa6054a753914Debian Security Advisory 687-1 - The Debian Security Audit Project discovered a format string vulnerability in bidwatcher, a tool for watching and bidding on eBay auctions. This problem can be triggered remotely by a web server of eBay, or someone pretending to be eBay, sending certain data back. As of version 1.3.17 the program uses cURL and is not vulnerable anymore.
82c0b7829f870e0cbbc617d71c57636d48cdb1cb6157f89a2ab34ed87b13e9c3Gentoo Linux Security Advisory GLSA 200502-26 - gprostats, distributed with GProFTPD, is vulnerable to a format string vulnerability, potentially leading to the execution of arbitrary code. Versions below 8.1.9 are affected.
5c58385762a2a3d9824fbe2f656c8423e1edcecff5ca57268380e4f2eed46928Gentoo Linux Security Advisory GLSA 200502-25 - Squid contains a bug in the handling of certain DNS responses resulting in a Denial of Service. Versions below 2.5.8 are affected.
b98b37f0bc842cb16b69c781d43b4c8a1c06f43e9ca0eb2bdcf60ce8c951ad5aSecunia Research Advisory - Secunia Research has discovered a vulnerability in Yahoo! Messenger, which can be exploited by malicious, local users to gain escalated privileges.
70022251c5a4349b15f90c19fe4600995fd54d38726d166a4046f8dd8ce8a7b1Secunia Research Advisory - Secunia Research has discovered a vulnerability in Yahoo! Messenger, which can be exploited by malicious people to trick users into executing malicious files.
513774c469defad1cd93cfb1ccb109ae36b76b727993df1dca8cea05c194fcadSecunia Security Advisory - Two weaknesses have been reported in Gaim, which can be exploited by malicious people to cause a DoS (Denial of Service).
b4b81621ad1a4e02e7887ba95ce2f8fbb00b4879e9442df2f3913dcd39d1b326Adobe Reader is susceptible to a denial of service when the count value of a root page is set to a negative digit.
e425f612d9d694c26bdb66bdae05b00cd4ab166c5cc01a78de8ba4e9593863fbGentoo Linux Security Advisory GLSA 200502-24 - Midnight Commander contains several format string errors, buffer overflows and one buffer underflow leading to execution of arbitrary code. Versions below 4.6.0-r13 are affected.
b8dfa45cd13112d037062d121f1fa7b2a9ed98b0da56b0870ccf826c70d1c9c1Debian Security Advisory 686-1 - Albert Puigsech Galicia discovered a directory traversal vulnerability in a proprietary FTP client which is also present in gftp, a GTK+ FTP client. A malicious server could provide a specially crafted filename that could cause arbitrary files to be overwritten or created by the client.
2013d5592168515f5acf79dad97fbd472271cf916079902e6654592f80288f26Secunia Security Advisory - Jarno has reported a vulnerability in NewsBruiser, which can be exploited by malicious people to bypass certain security restrictions.
e92c34f1367b9a091fd736112ed9d95e5a79312b1e1bbcf82953bff4856ddc4fWebCalendar 0.9.45 is susceptible to SQL injection attacks.
615c93bb479d94b061ed24ec78d2b1ded739bd33bf88b25ece8f6975c2a55443A variation of the status bar spoofing flaw in Internet Explorer has been discovered using the label for id trick.
c80295d0329225420d26b9c369016b8552f9c5bdb1bc1cf2e635891d75758745
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed