Gentoo Linux Security Advisory GLSA 200507-29 - Max Vozeler reported that pstotext calls the GhostScript interpreter on untrusted PostScript files without specifying the -dSAFER option. Versions less than 1.8g-r1 are affected.
87f159155381b36c21e0e0e3fefddc682bb5b863fd0a362a41d8482035a3a0f2
OpenBook version 1.2.2 suffers from a SQL injection vulnerability.
99e3f6e9535131e4d3edf4332578daa55505501be55b27078e97c14c4266ecc7
Gentoo Linux Security Advisory GLSA 200507-28 - Earlier versions of emul-linux-x86-baselibs contain a vulnerable version of zlib, which may lead to a buffer overflow. Versions less than 2.2 are affected.
089895ad37abaac24f0dad3f6afe89af8a82368d5cba6cecff5434588a1426fb
PC-EXPERIENCE/TOPPE CMS suffers from cross site scripting and login bypass flaws.
8b93fec850be69043b24c38d724a3fee23aae77ca336c591a5aee6c961ce8456
Trillian Pro 3.1 Build 121 saves a user password in clear text in a temporary file that is world readable when attempting to connect to Yahoo mail.
3bf36659581229e54569a2d59e27539a97b5f16685e7c71abe83814a914d88df
Technical Cyber Security Alert TA05-210A - Cisco IOS IPv6 processing functionality contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service.
612a6aab63407f47dd2f70f9f5daac057671dae53d6365bd25ada10a0b1fb803
Debian Security Advisory DSA 770-1 - John Goerzen discovered that gopher, a client for the Gopher Distributed Hypertext protocol, creates temporary files in an insecure fashion.
f18c92326d937e364c1ee4441b8bc3351650341729c07ecf31524cd674ed2a00
Cisco Security Advisory - Cisco Internetwork Operating System (IOS) Software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack from a specifically crafted IPv6 packet. The packet must be sent from a local network segment. Only devices that have been explicitly configured to process IPv6 traffic are affected. Upon successful exploitation, the device may reload or be open to further exploitation.
e4a1223ecad0ce05120fbcc227c01a309c002341dc48e83340e13e07d21ba31f
Ubuntu Security Notice USN-156-1 - Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the YCbCr subsampling value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which caused the program that uses the TIFF library to crash. This leads to a Denial of Service in server applications that use libtiff (like the CUPS printing system) and can cause data loss in, for example, the Evolution email client.
75d651797a17076ee88599503cd355ac64c2a4a6baba6923968ad90b4935446a
Debian Security Advisory DSA 769-1 - Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu (from ekg, a console Gadu Gadu client, an instant messaging program), which is also included in gaim, a multi-protocol instant messaging client. This cannot be exploited on the x86 architecture, but on others, e.g. Sparc, it can lead to a bus error, in other words a denial of service.
5236b1225e52a25ae2e9febac80d3ee41bd0c41b8fac54c0594386681ab20b5f
SPI Dynamics Security Bulletin SPI-0001-07282005 - There exists a potential WebInspect cross application scripting vulnerability for versions below 5.5.386.
f1bdd19730f6a1d4621a3d3f022d6b22f3338eb5869dac1b7ae60c1999cb965e
UseBB versions 0.5.1 and below suffer from multiple SQL injection and cross site scripting vulnerabilities.
4d2114be500f23ebf091fb17d172b512c79677234c01f8a698f2554cef0dfe06
The Website Baker Project is susceptible to path disclosure and cross site scripting vulnerabilities.
cc2394bba45b3a16c2e654b31f26dd707f84a813dfd7cc6c4be3aa319de0809d
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and retrieve a user's files.
1ccc89b51dd2864d985b7f3e3c5aecb730ab0e3b0d9552b80db5b2f807eeeb00
HAURI live update suffers from remote file download and execution vulnerabilities.
8660e9e5bc91f7d58a77d85284653089f929ee327c8d874075220bc19d50efdc
Gentoo Linux Security Advisory GLSA 200507-27 - Ethereal contains numerous vulnerabilities potentially resulting in the execution of arbitrary code or abnormal termination. Versions less than 0.10.12 are affected.
87617aafa02091df595ab6db40815b529e291cd56660a694f24bb48cd1578324
Secunia Security Advisory - Leandro Meiners has reported a security issue in Lotus Domino, which can be exploited by malicious users to disclose certain sensitive information.
243c1fb55b43dacf0771d9357f36c4fbd9beb9384b47449964bcb8b27ef18c67
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files.
abb0618aa145cdd7bf0d2afb3b38a3b305a05bd0be854828da1155a4eeed9de1
Secunia Security Advisory - Yun Jonglim has reported a vulnerability in UnixWare, which can be exploited by malicious people to cause a DoS (Denial of Service).
0f07b51b103ff9ef10c0fbe1da4f791a4bb774da3895e301057ad6a51ae1d019
Secunia Security Advisory - A vulnerability has been reported in FileZilla Server, which can be exploited by malicious people to conduct a DoS (Denial of Service) or potentially compromise a vulnerable system.
4a50864d577470543713ddff631923c3f3a313e0c742c823ef44f7c552ae902e
Secunia Security Advisory - Joxean Koret has reported some vulnerabilities in GForge, which can be exploited by malicious people to conduct cross-site scripting attacks.
af2410d1397932e2aff5cc2b4deba247e7eb224248af31e5d7dd3fccc8ba697b
Secunia Security Advisory - A vulnerability has been reported in MySQL Eventum, which can be exploited by malicious people to compromise a vulnerable system.
b24203254f3a8dbcecf99a870efbdf7e619a52685d6f9ae757ee77f804520da2
Debian Security Advisory DSA 768-1 - A cross-site scripting vulnerability has been detected in phpBB2 that allows remote attackers to inject arbitrary web script or HTML via nested tags.
17296a07f9fba6b5c5f9faf1471bdb2a29cf1904a453fd429c18ffc14e85d298
Debian Security Advisory DSA 767-1 - Marcin Slusarz discovered two integer overflow vulnerabilities in libgadu, a library provided and used by ekg, a console Gadu Gadu client, an instant messaging program, that could lead to the execution of arbitrary code.
731eacaf7aa145a94852bb7f67e1228edc4c06417f2f52ce69534cf0eca41cd9
Clever Copy contains a flaw that allows for unauthorized reading and deletion of private messages from other users. Versions 2.0 and 2.0a are affected.
cee6aa9d03d9edb950fbb011536da583d407b1e927dcf7183fbede8e4b96685d