Debian Security Advisory 1161-1 - Several security related problems have been discovered in Mozilla and derived products like Mozilla Firefox.
f7ab4b5f1233399b5b1b18806a7f4b42c8b5aa932b148f2b3198a7f90e992de9Mandriva Linux Security Advisory MDKSA-2006-155 - Multiple buffer overflows in ImageMagick before 6.2.9 allow user-assisted attackers to execute arbitrary code via crafted XCF images. Multiple integer overflows in ImageMagick before 6.2.9 allows user-assisted attackers to execute arbitrary code via crafted Sun bitmap images that trigger heap-based buffer overflows. An integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via large bytes_per_pixel, columns, and rows values, which trigger a heap-based buffer overflow.
17ea48c30ae262993a867073c259c4ec7c7c700fdadae830130ae4309c554f4cGentoo Linux Security Advisory GLSA 200608-28 - The sscanf() PHP function contains an array boundary error that can be exploited to dereference a null pointer. This can possibly allow the bypass of the safe mode protection by executing arbitrary code. Versions less than 5.1.4-r6 are affected.
cccbe3afd18c7d863de2d5ac6ae3036834ad166c626106dba2a8fcf0470a4f0bGentoo Linux Security Advisory GLSA 200608-27 - In November 2005, Zone-H Research reported a boundary error in the ktools library in the VGETSTRING() macro of kkstrtext.h, which may cause a buffer overflow via an overly long input string. Versions less than 3.4.0-r1 are affected.
0e764a0a471a253079be6c1c295bc8726abd6b28b81677211dba782958f13438Gentoo Linux Security Advisory GLSA 200608-26 - The following vulnerabilities have been discovered in Wireshark. Firstly, if the IPsec ESP parser is used it is susceptible to off-by-one errors, this parser is disabled by default; secondly, the SCSI dissector is vulnerable to an unspecified crash; and finally, the Q.2931 dissector of the SSCOP payload may use all the available memory if a port range is configured. By default, no port ranges are configured. Versions less than 0.99.3 are affected.
0572c83b05e151adf70e50709ae881d02c15e77c2c8c3d9d1d7d1eee48bb4af5Debian Security Advisory 1160-1 - Several security related problems have been discovered in Mozilla and derived products.
fc3a5dd2574ba1ca4a9b000ea22fd04724ecd0339c2252f98f22547fae94f2a1Mandriva Linux Security Advisory MDKSA-2006-154 - The libXm library in LessTif versions 0.95.0 and earlier allows local users to gain privileges via the DEBUG_FILE environment variable, which is used to create world-writable files when libXm is run from a setuid program.
fcd62e9b6c19b5611928bdffa7ac17685229cc986efaddb82685d7f16727d734Mandriva Linux Security Advisory MDKSA-2006-153 - A stack-based buffer overflow in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code. A buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format record in which the length character is not a valid hexadecimal character.
20bae66b913b708c81f4d4d713ab9094b1a1cd129693db985f0f4ac8827cbe5cSymantec Security Advisory - A connection from a SAP-DB/MaxDB WebDBM Client to the DBM Server causes a buffer overflow when the given database name is too large. This can result in the execution of arbitrary code in the context of the database server. Affected version is SAP-DB/MaxDB 7.6.00.22.
f252047e0f68c231dc50e1773e17de6610f34d7f5aae0c80053dedb4165a40e1Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in CJ Tag Board, which can be exploited by malicious people to compromise a vulnerable system.
6924ab6d73ba9dd6c89c24eb74e6243a40c3055aab513b8e2c640e3f87e5edd7Secunia Security Advisory - Debian has issued an update for mozilla. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks and potentially compromise a user's system.
783321879be5b45c78347b04b695cc8497d1a26a4f636334b26f43b128aaa55bSecunia Security Advisory - kefka has discovered a vulnerability in HLstats, which can be exploited by malicious people to conduct cross-site scripting attacks.
687b9d79c1c77f6f613aad496d23513b0ab51ee4bb0aa367322c5205398bc2deSecunia Security Advisory - SHiKaA has discovered a vulnerability in Web3news, which can be exploited by malicious people to compromise a vulnerable system.
3a3c7eb00aa1a95b53d29d737a6a6480f62777d94cb39e59c700e1f296e99ad4Secunia Security Advisory - Some security issues have been reported in X.Org X11, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
bac94b94ec5ca17f8c9fd7a0c0f9fbee176a8aed50a76610d207f2fcd168a0aeSecunia Security Advisory - Gentoo has issued an update for multiple packages. This fixes some security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
e62af66112419ca04e8e3dc917b7ed0b35f1b094b5fa1e16bd9cfbbe589e1a2aSecunia Security Advisory - Some vulnerabilities have been reported in Joomla!, where some have unknown impacts, and others can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
c44b92173a5629dcecbf1b50d6368a156da88e04ee52312e6503a85bc497dae5Secunia Security Advisory - A vulnerability has been reported in PmWiki, which potentially can be exploited by malicious people to conduct script insertion attacks.
38e162f9657537d2eb5111909d68334a4a16acd55fa95dc9c72a54939e86586cGentoo Linux Security Advisory GLSA 200608-25 - Several X.org libraries and X.org itself contain system calls to set*uid() functions, without checking their result. Versions less than 1.0.4-r1 are affected.
0fb6ec5822e6cf0f7283f1d55a1f1de970e1b02e44929d89b16878b20611977eSome SQL injection vulnerabilities have been found in Cybozu Garoon 2 version 2.1.0 for Windows. When exploited by a logged on user, the vulnerabilities allow for manipulation of SQL statements which can lead to disclosure of information from the database, or to cause the backend MySQL database to consume large amount of CPU resources.
94932244918f86ec9cbc3c1de3392a30b3dd4dfd9954868db3b6c5152b81423eA vulnerability has been found in Cybozu Products. When exploited, the vulnerability allows an authenticated user to retrieve arbitrary files accessible to the web server process. Affected versions include Cybozu Office version 6.5 for Windows and Cybozu Share 360 version 2.5 for Windows.
f3ebb6efe8e8068de884bcd59e82c23a1e7ac1c7641cae14b0c9c9927cc4bb0cAn invalid memory write in Internet Explorer may lead to a denial of service condition or execution of arbitrary code.
a4630795ff7794653dd485b170c0ae3318a80c95825db95b174deee3d6aed055Myspace.com appears to have a worm propagating via user pages.
a45aed96f50d5e55ff8f7110a5dbb0e94e5fffae010f6b1b692196f1d9338efeSecunia Security Advisory - Redworm has discovered a vulnerability in MyBB, which can be exploited by malicious people to conduct script insertion attacks.
0eb643c82c90dc9cf54668691f774c26fa8c6578a126fbcc02e7549866653ac8Secunia Security Advisory - Some vulnerabilities have been reported in various Dell Color Laser Printers, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).
85413d2a3384b30b1959dcecf5f126d51cbdd9f738943662360f435cd446e350Secunia Security Advisory - Red Hat has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP response smuggling attacks, disclose sensitive information and potentially compromise a user's system.
abbeacd833f0de3bbc2fbfe4f60f1b0ecb50d0d7a3d7df9095b2347bbddc6c55
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed