Ubuntu Security Notice USN-337-1 - Damian Put discovered a buffer overflow in imagemagick's SGI file format decoder. By tricking an user or automated system into processing a specially crafted SGI image, this could be exploited to execute arbitrary code with the user's privileges.
b0a994a1d3a25e132895df0d702e1195e96cffaef8cbdc41935e7d54f1d1e857
Ubuntu Security Notice USN-336-1 - A buffer overflow was discovered in gas (the GNU assembler). By tricking an user or automated system (like a compile farm) into assembling a specially crafted source file with gcc or gas, this could be exploited to execute arbitrary code with the user's privileges.
38d939b17fa0214853a1addeae072d2362df1352902572dc53c468af9a186a85
A security issue exists in Telmex, Mexico's largest ISP. Advisory is written in Spanish.
a8606b5409713925372cb4cd6c17c3410f853be40afebe9a4b2fa39615b5c2f2
eEye Digital Security has discovered a security vulnerability in IBM's eGatherer ActiveX control. This is the second vulnerability found in this control by eEye Research, the first being from Drew Copley. This control is typically installed by default on IBM workstations and laptops, and is used by default for auto-finding drivers/updates on IBM's/Lenovo's support site.
9c84908e1b617bcd8bdf8c955b46130747f8f7e108a5d3bf442c32fe17b7a573
Mandriva Linux Security Advisory MDKSA-2006-143 - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program.
4ea8be5cbf740393a2e029272fa3cb4f90a624cde42c0cf0a7fc0f010f1b3f12
Symantec Security Advisory - Symantec discovered a security issue in Symantec's Veritas NetBackup 6.0 PureDisk Remote Office Edition. An unauthorized user with access to the network and the server hosting the management interface can potentially bypass the management interface authentication to gain access and elevate their privileges on the system.
8e974c7fc009ae3e7308711422221b19beca99e579c11126f553bda2721afcd1
Symantec Anti-Virus Corporate Edition clients controlled via the Symantec System Center Console do not follow the "Download product updates using LiveUpdate" setting.
7f8bf6003e1c7290c318f9ecbc1ba7b2b429be7b939001daa508fe0ee2062c11
There is a vulnerability in Microsoft Terminal Server when an application is specified for the user instead of a full Windows Desktop. It is possible to easily cause an error in explorer.exe and to gain access to a full Desktop. This is an issue for anyone publishing applications through TS to domain users who also logon to full desktops either on the TS or on another machine.
d64c9d402f1bb8e25e76432b26bcff82f0808bc359afaae44e10c6fe851b3e67
The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in search.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.
26c3ceb148d5508570a99beb7063062a83fe03cece6d91d209c274554ed67c30
The Horde Framework and Horde IMP systems are susceptible to cross site scripting attacks in index.php. Flaws are verified in Horde versions 3.0.4 through 3.1.2 and IMP versions prior to 4.1.3.
7c57bc41e7ce313d1d89a5dbbcc9d4f11333e6aa61b26698f67ec4ec0f4dc009
Ubuntu Security Notice USN-335-1 - Yan Rong Ge discovered that heartbeat did not sufficiently verify some packet input data, which could lead to an out-of-boundary memory access. A remote attacker could exploit this to crash the daemon (Denial of Service).
10b5c007fe31344262afb6cdf2244273a82b0015a9dc9facad3621e9b7c8e64b
Ubuntu Security Notice USN-334-1 - Michael Calmer and Marcus Meissner discovered that several krb5 tools did not check the return values from setuid() system calls. On systems that have configured user process limits, it may be possible for an attacker to cause setuid() to fail via resource starvation. In that situation, the tools will not reduce their privilege levels, and will continue operation as the root user.
12f66fc37c6dc081c7884cf969144db2f616dc6f0bb1fe070d82c2b129fcea1e
HP Security Bulletin - A potential security vulnerability has been identified in HP-UX running in Trusted Mode. The potential vulnerability could be exploited by a local authorized user to create a Denial of Service (DoS).
05d9ba6ed91655909ba8cdceda6c8b97f1ffea4110e3f15b4269d861b9009d2e
A vulnerability has been found in Internet Explorer 6.0. When Internet Explorer tries to instantiate the msoe.dll (OutLook) COM object as an ActiveX control, it may corrupt system memory in such a way that an attacker may cause a denial of service and/or execute arbitrary code.
22885a5636996c2ae267022f1a2e4c96d27b0e909399e0bf36d343c835b3125d
A vulnerability has been found in Internet Explorer 6.0. When Internet Explorer tries to instantiate the CHTSKDIC.DLL (Microsoft IME) COM object as an ActiveX control, it may corrupt system memory in such a way that an attacker may cause a denial of service and/or execute arbitrary code.
08fb3d9543dfdbc1cbb0720ecced45c13eaa3c1fb57e0e8ef62c14db2d218343
A vulnerability has been found in Internet Explorer 6.0. When Internet Explorer tries to instantiate the IMSKDIC.DLL (Microsoft IME) COM object as an ActiveX control, it may corrupt system memory in such a way that an attacker may cause a denial of service and/or execute arbitrary code.
8d976f7cec9cac04d2bcde3dc089d8bc90a466b9e8e0f982547fe5c1428fa1fe
Norton protects its own registry keys against actions of other applications. This protection can be bypassed for registry key 'HKLM\SOFTWARE\Symantec\CCPD\SuiteOwners' using API functions RegSaveKey and RegRestoreKey.
f7afbb4f4af173ea5d04c566e42a8d2d42116a1523e21ffcb16af67d89408b99
Debian Security Advisory 1151-1 - Yan Rong Ge discovered out-of-boundary memory access in heartbeat, the subsystem for High-Availability Linux. This could be used by a remote attacker to cause a denial of service.
bc7ac50270b3e72f5f9f60d85ca93e54c051d1c403cc557ed7c6756c29662efe
Full write up discussing the Mailslot bug discussed in MS06-035 and another bug discovered alongside of it.
37799790f311e5fe10057f6ffd957cdcaf20e6282be1505a9bad9655596797ba
Core Security Technologies Advisory - While investigating the Microsoft Server Service Mailslot heap overflow vulnerability reported in Microsoft Security Bulletin MS06-035, Core Security Technologies researcher Gerardo Richarte discovered a second bug in the server service.
98e904bc1f61a856a53c4aa7affb32dd2eb7051805731c5addcbda8af2f59952
Mandriva Linux Security Advisory MDKSA-2006-142 - Two vulnerabilities by Yan Rong Ge in heartbeat versions prior to 2.0.6.
04d7f5ca9d6aa8ae64008e2cb9bd5f9818095ca624edba2f81118c1dd6a64420
Mandriva Linux Security Advisory MDKSA-2006-141 - An integer overflow vulnerability was discovered in gnupg where an attacker could create a carefully-crafted message packet with a large length that could cause gnupg to crash or possibly overwrite memory when opened.
fb416aba559619ae3c3c4346df15ead90bbf5c101d507c54275e9f1bc119aead
By forging HTTP request headers with flash, virtual hosted systems can be susceptible to cookie theft using IE.
154ef9bc8fad418a9c6a3409d1cca920cb706549ce6104aa5e4796e74b18ed4a
ImageMagick versions 6.2.8 and below suffer from a heap overflow in ReadSGIImage().
5950a0314acf70e0dd34e433fec8db1056c5f593a0011bb867946fcbe9014527
NGSSoftware Insight Security Research Advisory - Informix Dynamic Server is a database developed by IBM. During a security assessment of Informix multiple file creation/write/read issues were discovered. The LOTOFILE function and rlt_tracefile_set functions can be used to create and write to files. The SET DEBUG FILE can also be used to create and write to files. All versions are affected.
2affd37ddf15299e22b23ffbd647cb2a6e868929770043427f279f0f699124e2