Secunia Security Advisory - SGI has issued a patch for SGI Advanced Linux Environment. This fixes some vulnerabilities and a security issue, which can be exploited by malicious people to conduct cross-site scripting attacks, overwrite arbitrary files and potentially compromise a user's system.
22e9a79cf08ad1ebe8b6bad2f64ee3f6ab7734c03138c92ea62d9866053bd444Secunia Security Advisory - ajann has reported a vulnerability in Calendar MX BASIC, which can be exploited by malicious people to conduct SQL injection attacks.
c4ce860fa159ea78448225d0c5e4b2da0a9b7bc70dd0805c6cef1cde36356670Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb eCoupons, which can be exploited by malicious users to manipulate certain data.
fcdb2ba44351b6a85f739aa811ca564f97825fadeb4074d6c56ca844374d3422Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb eNews, which can be exploited by malicious users to manipulate certain data.
0c6bae99e88cc88bf3ad4b28f44090d89baebfa041fb6ccc1cc9812d864e2610Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb eJobs, which can be exploited by malicious people to conduct SQL injection attacks.
ce1a9628a532f4d5cb38bbb5c6885484d83764a727b2c8ce1f97794c6498a407Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb emates, which can be exploited by malicious people to conduct SQL injection attacks.
a7a6e976915941b83d4a76532aaefe9096fbd4d1e6d14466c88ca552998f5322Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb ePages, which can be exploited by malicious people to conduct SQL injection attacks.
85c8ddd16d4ae14eb5c5f11007fb49be9cb59a38e82dc602bb353b0bf179ba03Secunia Security Advisory - ajann has reported a vulnerability in Dragon Business Directory Pro, which can be exploited by malicious people to conduct SQL injection attacks.
d5175fad94c8b9380203f7de974ce18c3b0207aeb1569c7e4343f8e53e072acdSecunia Security Advisory - bd0rk has discovered a vulnerability in SH-News, which can be exploited by malicious people to compromise a vulnerable system.
10a440e75ed8cb77789b1928dfd40c172f9295449655c0970ab54fd9f0216fa5Secunia Security Advisory - ajann has reported a vulnerability in Enthrallweb ePhotos, which can be exploited by malicious people to conduct SQL injection attacks.
787824bf210bc6f165e16a45ec778ede361a3a4ad79d54850987d5f3c018e4c6Secunia Security Advisory - IMHOT3B has reported a vulnerability in Knusperleicht Shoutbox, which can be exploited by malicious people to conduct script insertion attacks.
999464714d8df7952e231a6434a3b899f6ff05b1f61d6e0148866e703c26093aNetragard, L.L.C Advisory - @Mail version 4.51 does not properly sanitize email allowing for cross site scripting attacks.
39e68d57bada5a83cf9b09964668a0c6d5d4d57328013bb0836d4cd7e2938ac1NOD32 Antivirus software versions prior 1.1743 suffer from an arbitrary code execution flaw.
dcc3ac0483403c98b5780d90539d0fc3e3f9ac428aed9e62ae4ad4c049d3f440Debian Security Advisory 1240-1 - Teemu Salmela discovered that the links2 character mode web browser performs insufficient sanitizing of smb:// URIs, which might lead to the execution of arbitrary shell commands.
2fb87b3e15f1f071ef980b8d812b18f940443fa77e4eaea8cb13734a864200cdCAID 34876 - CA CleverPath Portal and other CA solutions that embed Portal technology contain a session verification vulnerability.
0f54412beb75b544d797f6a6475238fc984c6235fe7678318bc1b6e2c236672cTechnical Cyber Security Alert - Mozilla has released new versions of Firefox, Thunderbird, and SeaMonkey to address several vulnerabilities. Further details about these vulnerabilities are available from Mozilla and the Vulnerability Notes Database. An attacker could exploit these vulnerabilities by convincing a user to view a specially-crafted HTML document, such as a web page or HTML email message.
e107062e328dbd419858acefe8e2fad607022adda52781c93e6a34a0be90d649Mandriva Linux Security Advisory MDKSA-2006-234 - XSP (the Mono ASP.NET server) is vulnerable to source disclosure attack which allow a malicious user to obtain the source code of the server-side application. This vulnerability grants the attacker deeper knowledge of the Web application logic.
8a127f50798d6860d450a586a8af3b0175981db6294bc0df3a14b9c3c9dfd77cUbuntu Security Notice 397-1 - Jose Ramon Palanco discovered that the mono System.Web class did not consistently verify local file paths. As a result, the source code for mono web applications could be retrieved remotely, possibly leading to further compromise via the application's source.
94419be4f07c7c1769569c844a7f0de39d524d4f3ae40d536ad18d6482417771HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
5242bb67e4081b1f7e9f9ee63a21f4f1a19532ea06823226a4b41a89f43ae3f2Gentoo Linux Security Advisory GLSA 200612-21 - The read_multipart function of the CGI library shipped with Ruby (cgi.rb) does not properly check boundaries in MIME multipart content. This is a different issue than GLSA 200611-12. Versions less than 1.8.5_p2 are affected.
9b5880e8331459d98744c8c54e9c6c1f39c8fc5f0f33c650d9602d9ce86f86c4Gentoo Linux Security Advisory GLSA 200612-20 - M. Joonas Pihlaja discovered several buffer overflows in loader_argb.c, loader_png.c, loader_lbm.c, loader_jpeg.c, loader_tiff.c, loader_tga.c, loader_pnm.c and an out-of-bounds memory read access in loader_tga.c. Versions less than 1.3.0 are affected.
e28a5f46fd2cb63fa0d448c8c20cfe45f25c0fc0d77f910d130e27f8453c964eGentoo Linux Security Advisory GLSA 200612-19 - Steve Rigler discovered that pam_ldap does not correctly handle PasswordPolicyResponse control responses from an LDAP directory. This causes the pam_authenticate() function to always succeed, even if the previous authentication failed. Versions less than 183 are affected.
e64895cba6cea263dea3c75b42533b05a9f6df284ba411224f20bcd3856675f7The Mono XSP ASP.NET server allows for source code disclosure when a %20 is appended to a URI. Version 1.2.1 is affected.
35a0a5a28f626206a9628043116c7c862cab25d293bacf607501c972dd0dfa16ESET NOD32 Antivirus suffers from a arbitrary code execution vulnerability. Versions prior to 1.1743 are affected.
68c8e00a070400f31b4f79d8fd1f5ed916dc36dd5153dcfabf13efd85383835aA vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. Affected versions are Mozilla Firefox 2.0.0.0 and Mozilla Firefox 1.5.0.4 through 1.5.0.8.
6c930915441d7aeff70bc73318e30776dc3e210ca3f2808e3a1360ebca8e497c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed