CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability
07a837f7b40e2e601e9d01c4f63a3d737cdfa42056432e84c50f216b96451b95ZDI-06-019: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability
8c22690de5dbbcd77b40d4f39a87426e6c93b1c3ea220f0c5fd8b5331e3ecc4aGentoo Linux Security Advisory GLSA 200606-27 - TAKAHASHI Tamotsu has discovered that Mutt contains a boundary error in the browse_get_namespace() function in browse.c, which can be triggered when receiving an overly long namespace from an IMAP server. Versions less than 1.5.11-r2 are affected.
e72e193684e5625b22c242d26a8ffbd7d8e866dbb9c6b88e6951abfad14a0c58AzDGDatingPlatinum v1.1.0 suffers from SQL injection in view.php.
05be842ea8bff60ede83c154ebbea5c740330ded2523012a8b5ec8ca1cc96a75vCard PRO suffers from multiple SQL injection vulnerabilities.
f398d55830896684e1c91d8ce033f330a48913deeeff40e06c1851ce319af119PHP-Nuke Module's Name Sections V3 suffers from a SQL injection vulnerability.
f86e7eb93ea54b5e29bb6066b6c8835b1564898e6dfa7c4539e269b00ea5cfecphpvillage suffers from SQL injection in funshow.php.
8562de33f7852822b51900aef68513beaabdc88351103c84c30c718c184e6c60CrisoftRicette 1.0pre15b suffers from a remote file inclusion vulnerability.
2b8393c18d49c129270d60e86ed7b768cbaf406c2d52308f332834cb3de95983Kurdish Security Advisory #10: MF Piadas 1.0 Remote File Include Vulnerability and cross site scripting.
f6193cc9e4bf8890ce152e0b0626ed3c3b64b17dde10719899fb2b5518b5812fSUSE Security Announcement SUSE-SA:2006:037: The freetype2 library renders TrueType fonts for open source projects. More than 900 packages on SUSE Linux use this library. Therefore the integer overflows in this code found by Josh Bressers and Chris Evans might have a high impact on the security of a desktop system.
a65f089c3a17784822afe0eba17743d2a60be152567b2595210185499bd06b3cUbuntu Security Notice 307-1: TAKAHASHI Tamotsu discovered that mutt's IMAP backend did not sufficiently check the validity of namespace strings. If an user connects to a malicious IMAP server, that server could exploit this to crash mutt or even execute arbitrary code with the privileges of the mutt user.
a433e0a7e41a1c1f2bb2a661881ce12bf916ac086a08d13a910b2126a449808fUbuntu Security Notice 306-1: MySQL did not correctly handle NULL as the second argument to the str_to_date() function. An authenticated user could exploit this to crash the server.
fc3713a621ae408e057633edcdacf72464b08a67999cdf049e4aa0250817e127Ubuntu Security Notice 305-1: When processing overly long host names in OpenLDAP's slurpd replication server, a buffer overflow caused slurpd to crash. If an attacker manages to inject a specially crafted host name into slurpd, this might also be exploited to execute arbitrary code with slurpd's privileges; however, since slurpd is usually set up to replicate only trusted machines, this should not be exploitable in normal cases.
050535df00cc3c879a950767337feb6a98901d471efb4a320dc49b7296e16738Symantec Vulnerability Research Security Advisory SYMSA-2006-006 - Lotus Domino SMTP Based Denial of Service: There exists a Denial-of-Service condition within NROUTER when parsing meeting requests. The result of which is that no external or internal mail will be delivered during the processing of the malformed message.
a07db676c737cf141f460ae87b3a7e88945979eb5d19aa822edba5e87bd0bc01It is possible to use the error_log function to bypass safe mode in PHP 5.1.4 and 4.4.2
69dcde6236188d1a1843507726eaab7b5d146ea0cda8bb889b32fc10c645b338Secunia Security Advisory - Secunia Research has discovered a weakness in Opera, which can be exploited to display the SSL certificate from a trusted site on an untrusted site.
8cc82aa44ecfc7312c40cf1105428d6bd481042beeedb7afc3c089be4541e82dSecunia Security Advisory - SUSE has issued an update for freetype2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise applications using the library.
94a71fca61d0da5e09bc0aff1013a24aa3bba4a500cc9f4967e6fb0be9d232baSecunia Security Advisory - Two vulnerabilities have been reported in IBM WebSphere Application Server, where one has an unknown impact and the other can be exploited by malicious people to gain knowledge of sensitive information.
907f26ae4bbbb68122af319b11a8e7358a9d55cfefbda329deb48437db46b8b5Secunia Security Advisory - Darren Bounds has discovered a vulnerability in Trend Micro Control Manager, which can be exploited by malicious people to conduct script insertion attacks.
d5b85b9371dc275902a7b772cc8961ad90de171fd38155dcb8d3ef9920d7463dSecunia Security Advisory - Moroccan Security Team has discovered two vulnerabilities in Open Guestbook, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
9622c104f9705198ccc5d9ab8476bcfc570d83578f10bf20d1231d4e88693baaSecunia Security Advisory - r0t has reported some vulnerabilities in H-Sphere, which can be exploited by malicious people to conduct cross-site scripting attacks.
9b5a802bf7726ba03baf390630655c8639db11051f1d7f9bf40c6e8bd02d3ac3Secunia Security Advisory - A vulnerability has been reported in Hashcash, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system.
6c20ad9c67ca1cc7aa8c74127e7cda7c40f35f2601bba363e6db52ae60bc9ccaSecunia Security Advisory - Ubuntu has issued an update for gnupg. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
4db01ba2c467a7a906bab10ac5f422af05fa672bd3eecbecbd1ef9366df26448Secunia Security Advisory - A vulnerability has been reported in EnergyMech, which can be exploited by malicious people to cause a DoS (Denial of Service).
6309b17c8c6eecf74788a59a41dd552c6689e6980749bab1781e225fefaf1360Secunia Security Advisory - A vulnerability has been reported in HP-UX, which can be exploited by malicious people to cause a DoS (Denial of Service).
3f6921f7a3d742d1c24f27f64b9b88316e3b5e5ad27fd13aecd652e7c9f7d956
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed