iDEFENSE Security Advisory 09.30.05 - Remote exploitation of a format string vulnerability in RealPix (.rp) file format parser within various versions of RealNetworks Inc.'s RealPlayer could allow attackers to execute arbitrary code. The vendor has indicated that the following versions are vulnerable: Linux RealPlayer 10 (10.0.0 - 10.0.5), Helix Player (10.0.0 - 10.0.5).
9bdd1cc76bdebd29318308f31dd055e8176a0677b12b4f7c5c6445220254b127The FileZilla client versions 2.2.15 and below suffer from a local credential compromise vulnerability due to improper storage.
b25fd57dbac01135b458f4ef6c6bb6f19a6c44cfc31b81c5109a0ffe085b399eDebian Security Advisory DSA 821-1 - An integer overflow with a subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code, and is also present in Python. Exploiting this vulnerability requires an attacker to specify the used regular expression.
846d0309f9895170bbb3312e9d92a9d82a1569dcfb2bb62e3a8dd1c4ac103cefSEO-Board version 1.02 suffers from SQL injection via the cookie.
1e73db49a6813961ea920b117115be738804a6a6a483f90e9bb411438b4b5759Secunia Security Advisory - Debian has issued an update for python2.3. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
7f79116f856d9c0a41f800b037762d36740707c53f6aea3c1030ded27ccc4bd9Secunia Security Advisory - A vulnerability has been reported in TWiki, which can be exploited by malicious people to compromise a vulnerable system.
b492d2b768c7c60d8f301c22c0861628d03f16c8b0e25e8f9e977ef7aec6c1e4Secunia Security Advisory - Red Hat has issued an update for wget. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
71db646dc706ff95fe920f06ff6b9a7e058927c9f2e7ef3c65715f741bacb80bSecunia Security Advisory - SGI has issued a patch for SGI Advanced Linux Environment. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
851cc72bfce13359a18912a43777772cf6f7a85ced8a01b7b10b8e8339c52afcSecunia Security Advisory - A vulnerability has been reported in Polipo, which can be exploited by malicious people to disclose potentially sensitive information.
13cef3339a3ab52d91aa8ff4488792cd46e8bf18ea8c945b9b2fb1d1f33fda79Secunia Security Advisory - Two vulnerabilities have been reported in PostNuke, which can be exploited by malicious people to bypass certain security restrictions and disclose sensitive information.
59ce65da220a467bd101ec4b85a636c83e803bee6bc2668923e76fa5ddbe7406Secunia Security Advisory - Fedora has issued an update for HelixPlayer. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
60b1044c1926bfed6f7c0fad05b66b36f013d2d6a230b4aa2a98f9bd42b2c03fGentoo Linux Security Advisory GLSA 200509-19 - PHP makes use of a private copy of libpcre which is subject to an integer overflow leading to a heap overflow (see GLSA 200508-17). It also ships with an XML-RPC library affected by a script injection vulnerability (see GLSA 200508-13). Versions less than 4.4.0-r1 are affected.
c7a1f559573619bdacd54a3d4bece4a1a706e5cf86234d5dbd089768b44b19a0Mandriva Linux Security Update Advisory - A number of vulnerabilities have been discovered in Mozilla Firefox that have been corrected in version 1.0.7
bb0c0e56a300a55986048b2a72e10d74683868e9f32c036373319828bd7879e3The client in Novell GroupWise version 6.5.3 is susceptible to an integer overflow. Previous versions are also believed vulnerable.
4479e84b3e7793c8486d9d5b65049c1958e50d78ec10b6f6901bfecb11feee05Nokia models 7610 and 3210 suffer from a denial of service flaw in the OBEX implementation.
b0c97ab211f95b643a9aa6908eb8776121e799c92c0cdadae2646cd6c154ba66Secunia Security Advisory - Mandriva has issued an update for mozilla. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, manipulate certain data, bypass certain security restrictions, and compromise a user's system.
6b35ecdb0318d94ac61ca03059634e0b57108d190768d1277d491c5fc9efe115Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in httpd/mod_ssl included in some products, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially bypass certain security restrictions.
b92de57f6949b2fe210a89a93252b39d26828ed198a1339c20585ea86199163fSecunia Security Advisory - Psymera has discovered some vulnerabilities in CJ Web2Mail, which can be exploited by malicious people to conduct cross-site scripting attacks.
8b9d770c8caaab4de73d0a9ce02af2b0c55e412cc2ac405496b9f0069cf54e42Secunia Security Advisory - Psymera has discovered some vulnerabilities in CJ Tag Board, which can be exploited by malicious people to conduct cross-site scripting attacks.
48ffe77c0035ba8478cddc13734b37229476c6eb0b5aba332db23b1fac64eb23Secunia Security Advisory - A vulnerability and a security issue have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
bf42be9afdbddb64b4c42da53c409d863bfd22ce618a0f329e2c5cb4a6884c89Secunia Security Advisory - Psymera has discovered a vulnerability in CJ LinkOut, which can be exploited by malicious people to conduct cross-site scripting attacks.
13ca92e9fb35ebfb4a47a548af3b417704a310052f1948fc5e0456b4ca3bc4efSecunia Security Advisory - rgod has discovered some vulnerabilities in phpMyFAQ, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, disclose system and sensitive information, and compromise a vulnerable system.
a252003545360d6e5859ca4abbb5acac59aa8f9f3248a3dd298de3424e40a876Secunia Security Advisory - kcope has discovered a vulnerability in wzdftpd, which can be exploited by malicious users to compromise a vulnerable system.
d5305cba1c8c64f6cffd1c24c5e6b66a31b515d76065e164ca43cd52ac3fed07Secunia Security Advisory - rgod has reported a vulnerability in Mailgust, which can be exploited by malicious people to conduct SQL injection attacks.
667ce946fa5c6939e2cef5262b069dcf4d1a13898725789237356d815f32a57eSecunia Security Advisory - Kurdish Hackers Clan has reported a vulnerability in AlstraSoft E-Friends, which can be exploited by malicious people to compromise a vulnerable system.
ad07d8e6b6aa60ccaf9d4cbcba930ecca2dccde32d5ab1bf414cd38594b002d3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed