Secunia Security Advisory - SGI has issued a patch for SGI Advanced Linux Environment. This fixes some vulnerabilities and a security issue, which can be exploited by malicious people to conduct cross-site scripting attacks, overwrite arbitrary files and potentially compromise a user's system.
22e9a79cf08ad1ebe8b6bad2f64ee3f6ab7734c03138c92ea62d9866053bd444
Secunia Security Advisory - ajann has reported a vulnerability in Calendar MX BASIC, which can be exploited by malicious people to conduct SQL injection attacks.
c4ce860fa159ea78448225d0c5e4b2da0a9b7bc70dd0805c6cef1cde36356670
Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb eCoupons, which can be exploited by malicious users to manipulate certain data.
fcdb2ba44351b6a85f739aa811ca564f97825fadeb4074d6c56ca844374d3422
Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb eNews, which can be exploited by malicious users to manipulate certain data.
0c6bae99e88cc88bf3ad4b28f44090d89baebfa041fb6ccc1cc9812d864e2610
Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb eJobs, which can be exploited by malicious people to conduct SQL injection attacks.
ce1a9628a532f4d5cb38bbb5c6885484d83764a727b2c8ce1f97794c6498a407
Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb emates, which can be exploited by malicious people to conduct SQL injection attacks.
a7a6e976915941b83d4a76532aaefe9096fbd4d1e6d14466c88ca552998f5322
Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb ePages, which can be exploited by malicious people to conduct SQL injection attacks.
85c8ddd16d4ae14eb5c5f11007fb49be9cb59a38e82dc602bb353b0bf179ba03
Secunia Security Advisory - ajann has reported a vulnerability in Dragon Business Directory Pro, which can be exploited by malicious people to conduct SQL injection attacks.
d5175fad94c8b9380203f7de974ce18c3b0207aeb1569c7e4343f8e53e072acd
Secunia Security Advisory - bd0rk has discovered a vulnerability in SH-News, which can be exploited by malicious people to compromise a vulnerable system.
10a440e75ed8cb77789b1928dfd40c172f9295449655c0970ab54fd9f0216fa5
Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb ePhotos, which can be exploited by malicious people to conduct SQL injection attacks.
787824bf210bc6f165e16a45ec778ede361a3a4ad79d54850987d5f3c018e4c6
Secunia Security Advisory - IMHOT3B has reported a vulnerability in Knusperleicht Shoutbox, which can be exploited by malicious people to conduct script insertion attacks.
999464714d8df7952e231a6434a3b899f6ff05b1f61d6e0148866e703c26093a
Netragard, L.L.C Advisory - @Mail version 4.51 does not properly sanitize email, allowing for cross-site scripting attacks.
39e68d57bada5a83cf9b09964668a0c6d5d4d57328013bb0836d4cd7e2938ac1
NOD32 Antivirus software versions prior to 1.1743 suffer from an arbitrary code execution flaw.
dcc3ac0483403c98b5780d90539d0fc3e3f9ac428aed9e62ae4ad4c049d3f440
Debian Security Advisory 1240-1 - Teemu Salmela discovered that the links2 character mode web browser performs insufficient sanitizing of smb:// URIs, which might lead to the execution of arbitrary shell commands.
2fb87b3e15f1f071ef980b8d812b18f940443fa77e4eaea8cb13734a864200cd
CAID 34876 - CA CleverPath Portal and other CA solutions that embed Portal technology contain a session verification vulnerability.
0f54412beb75b544d797f6a6475238fc984c6235fe7678318bc1b6e2c236672c
Technical Cyber Security Alert - Mozilla has released new versions of Firefox, Thunderbird, and SeaMonkey to address several vulnerabilities. Further details about these vulnerabilities are available from Mozilla and the Vulnerability Notes Database. An attacker could exploit these vulnerabilities by convincing a user to view a specially-crafted HTML document, such as a web page or HTML email message.
e107062e328dbd419858acefe8e2fad607022adda52781c93e6a34a0be90d649
Mandriva Linux Security Advisory MDKSA-2006-234 - XSP (the Mono ASP.NET server) is vulnerable to a source disclosure attack, which allows a malicious user to obtain the source code of the server-side application. This vulnerability grants the attacker deeper knowledge of the Web application logic.
8a127f50798d6860d450a586a8af3b0175981db6294bc0df3a14b9c3c9dfd77c
Ubuntu Security Notice 397-1 - Jose Ramon Palanco discovered that the mono System.Web class did not consistently verify local file paths. As a result, the source code for mono web applications could be retrieved remotely, possibly leading to further compromise via the application's source.
94419be4f07c7c1769569c844a7f0de39d524d4f3ae40d536ad18d6482417771
HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA; please check the table in the Resolution section of this Security Bulletin.
5242bb67e4081b1f7e9f9ee63a21f4f1a19532ea06823226a4b41a89f43ae3f2
Gentoo Linux Security Advisory GLSA 200612-21 - The read_multipart function of the CGI library shipped with Ruby (cgi.rb) does not properly check boundaries in MIME multipart content. This is a different issue than GLSA 200611-12. Versions less than 1.8.5_p2 are affected.
9b5880e8331459d98744c8c54e9c6c1f39c8fc5f0f33c650d9602d9ce86f86c4
Gentoo Linux Security Advisory GLSA 200612-20 - M. Joonas Pihlaja discovered several buffer overflows in loader_argb.c, loader_png.c, loader_lbm.c, loader_jpeg.c, loader_tiff.c, loader_tga.c, loader_pnm.c and an out-of-bounds memory read access in loader_tga.c. Versions less than 1.3.0 are affected.
e28a5f46fd2cb63fa0d448c8c20cfe45f25c0fc0d77f910d130e27f8453c964e
Gentoo Linux Security Advisory GLSA 200612-19 - Steve Rigler discovered that pam_ldap does not correctly handle PasswordPolicyResponse control responses from an LDAP directory. This causes the pam_authenticate() function to always succeed, even if the previous authentication failed. Versions less than 183 are affected.
e64895cba6cea263dea3c75b42533b05a9f6df284ba411224f20bcd3856675f7
The Mono XSP ASP.NET server allows for source code disclosure when a %20 is appended to a URI. Version 1.2.1 is affected.
35a0a5a28f626206a9628043116c7c862cab25d293bacf607501c972dd0dfa16
ESET NOD32 Antivirus suffers from an arbitrary code execution vulnerability. Versions prior to 1.1743 are affected.
68c8e00a070400f31b4f79d8fd1f5ed916dc36dd5153dcfabf13efd85383835a
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Affected versions are Mozilla Firefox 2.0.0.0 and Mozilla Firefox 1.5.0.4 through 1.5.0.8.
6c930915441d7aeff70bc73318e30776dc3e210ca3f2808e3a1360ebca8e497c