Various image galleries are susceptible to cross site scripting attacks via trusting EXIF data from images.
35a286655440f1221423c4dfc435a0247a3f9b0fa8ab3c9c4f1708f0449fa43fHP Security Bulletin - A potential vulnerability has been identified with Openview Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to gain privileged access. Affected versions: Openview Network Node Manager (OV NNM) 6.2, 6.4, 7.01, 7.50 running on HP-UX, Solaris, Windows NT, Windows 2000, Windows XP, and Linux.
42730d58272f89dd4510888b098867e972046dd2f4bb1e4041887d43ea9e3519Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. The python packages use a private copy of pcre code.
6c60b8a722eb0465abc8ed758b114123cd720246b7f3268c562345f23dcbf1f9Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow.
2913020ff56d435018e11b27ae5ec6f01a906d4696dc0e8e5102cb460d783f2bSimple PHP Blog suffers from insecure default permissions and lack of validation on uploaded images. Proof of concept code included.
3fd14b55264256bc23b8c5f9bdef31392eeae3e87f49bc20362b144f1751ad10Ulf Harnhammar from the Debian Security Audit Project discoverd a format string vulnerability in simpleproxy, a simple TCP proxy, that can be exploited via replies from remote HTTP proxies.
483407367fe2e42d316087550aaa0490c1954d4e06bf168772fd1b0f9b2e7df7Gentoo Linux Security Advisory GLSA 200508-18 - Earlier versions of PhpWiki contain an XML-RPC library that improperly handles XML-RPC requests and responses with malformed nested tags. Versions less than 1.3.10-r2 are affected.
58ddf0b053866baf9206aad81f5b145df56df9dd0892fd927abb65eee821554bSecunia Security Advisory - Sven Tantau has reported a vulnerability in mplayer, which potentially can be exploited by malicious people to compromise a vulnerable system.
98e856a6b3d2c367a666df5632ed3c3d7d88716170f51e3faef88b22d6f4f817Secunia Security Advisory - An updated version of IPCop has been released. This fixes some vulnerabilities in various packages, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
1305f902d82db71aaba5e7097bbd01833077adf29aa6b0eec964f122fddb7a0fSecunia Security Advisory - Ulf Harnhammar has reported a vulnerability in simpleproxy, which potentially can be exploited by malicious people to compromise a vulnerable system.
a6c69dd2b5ef712e9f0929790d8464a1c563b618bcf8b7f852f91ff13c58c166Secunia Security Advisory - Debian has issued an update for simpleproxy. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
21292362561a8280547f435a694e7526a1a41f010487da7d5d5b79765cccec4dSecunia Security Advisory - Mandriva has issued an update for lm_sensors. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
d633a2ca15aede6efaa37c4e5b27fdaef64160c6a216b7d998956789fb814a50Secunia Security Advisory - Mandriva has issued an update for php. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
61cdcbc0d7a8da41d49612a7963f507e26bdaf019ecf610db3ffcb2ddc79a4f6Secunia Security Advisory - Mandriva has issued an update for pcre. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
8483f3ed259a0df60fac68c271554b21088b23f12c419eb3f82905ac607f3f65Secunia Security Advisory - Mandriva has issued an update for bluez-utils. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions or compromise a vulnerable system.
f1f741784f3a9d7ef802e1182639cf2867f72e60fbf543c6557b62ffb8c435e7Secunia Security Advisory - A vulnerability has been reported in HP-UX, which can be exploited by malicious, local users to bypass certain security restrictions.
cdcc3dc9a3425bfbe5fde0463e79f75828353a43d181d29187be7dabb6eb164aSecunia Security Advisory - Gentoo has issued an update for libpcre. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
8e9fb9700a035c10df256c1d450f1b690eb7165e47abb4c80db616c913db9142Secunia Security Advisory - Debian has issued an update for libpam-ldap. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
581f4ba0e77f89f2155d278f31ce3aa2b9c37e611fcbc3341f63b8c6fad8956dSecunia Security Advisory - Fedora has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
8ac44334c8249722df920fb4436bd7dc92d5be2a0f5c5e3b08733761b8b8a8ebSecunia Security Advisory - Fedora has issued an update for freeradius. This fixes some vulnerabilities, which potentially can be exploited by malicious users to conduct SQL injection attacks or to cause a DoS (Denial of Service).
6b1645bec707b0c4a6f8990388d4aa48265ffa11a264673708d10a7178b4f8b9Secunia Security Advisory - Fedora has issued an update for openmotif. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
8637f226973badb18b10b2ffbf26ec39a793aa159c47b489d829cba4b08c67c2Secunia Security Advisory - Gentoo has issued an update for phpwiki. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
5b8940bdcb0ad61127ab26243e63089780e6005c066643bdb3acadf2af158892Secunia Security Advisory - Cedric Cochin has reported a vulnerability in Gallery, which can be exploited by malicious people to conduct script insertion attacks.
e4e45fb2d74ccc6986cdff5c86ff3df00c5fa7014a095131a037b3ea3f141cacSecunia Security Advisory - Cedric Cochin has reported a vulnerability in phpGraphy, which can be exploited by malicious people to conduct script insertion attacks.
79fbb46832924dd57654d16279a6893c5fd250f1899d1865eff0384c17e68dc2Secunia Security Advisory - Cedric Cochin has discovered a vulnerability in YaPig, which can be exploited by malicious people to conduct script insertion attacks.
facfd31aee4b09fd002f3a3bbccaa40f932632e1f58fa4f0686706942db9abbc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed