Mandriva Linux Security Advisory - A use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context." ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error.
COSEINC Alert - A security researcher of COSEINC Vulnerability Research Lab has discovered that Microsoft Agent has a heap overflow vulnerability. This vulnerability is triggered when Microsoft Agent parses a malformed character file in its uncompressed state in memory that has an overly large value in a length field. This leads to an integer overflow during allocation of the buffer. Subsequently, when data is copied to the buffer, the heap overflow occurs. The result is possible remote code execution.
Drupal security advisory - Previews on comments were not passed through normal form validation routines, enabling users with the 'post comments' permission and access to more than one input filter to execute arbitrary code. Affected versions include Drupal 4.7.x before Drupal 4.7.6 and Drupal 5.x before Drupal 5.1.
Secunia Security Advisory - David Barroso Berrueta and Alfredo Andres Omella have reported a vulnerability in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - rgod has discovered two vulnerabilities in GuppY, which can be exploited by malicious people to compromise vulnerable systems.
Secunia Security Advisory - Hai Nam Luke has discovered a vulnerability in Yahoo Messenger, which potentially can be exploited by malicious users to compromise a user's system.
Secunia Security Advisory - Ralf S. Engelschall has reported a vulnerability in CVSTrac, which can be exploited by malicious users to conduct SQL injection attacks and cause a DoS (Denial of Service).
Secunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - adex has discovered a vulnerability in MAXdev MD-Pro, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - A vulnerability has been reported in Drupal, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - GolD_M has discovered a vulnerability in Webfwlog, which can be exploited by malicious people to disclose sensitive information.
Secunia Security Advisory - Fedora has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Fedora has issued an update for libsoup. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - A vulnerability has been reported in Sun Java System Access Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - A vulnerability has been reported in vbDrupal, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Avaya has acknowledged a vulnerability and a security issue in Avaya CMS / IR, which can be exploited by malicious, local users to disclose sensitive information or potentially gain escalated privileges.
Secunia Security Advisory - DeltahackingTEAM has discovered a vulnerability in phpIndexPage, which can be exploited by malicious people to compromise vulnerable systems.
Secunia Security Advisory - A security issue has been reported in NX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
OpenPKG Security Advisory - Ralf S. Engelschall from OpenPKG GmbH discovered a Denial of Service (DoS) vulnerability in the CVS/Subversion/Git Version Control System (VCS) frontend CVSTrac, version 2.0.0.
A denial of service vulnerability exists in CVSTrac version 2.0.0.
Phorum version 5.1.18 is susceptible to cross-site scripting attacks.
OpenPKG Security Advisory - As confirmed by vendor security advisories, two security issues exist in the DNS server BIND, versions up to 9.3.4. The first issue is a "use after free" vulnerability which allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors that cause BIND to "dereference (read) a freed fetch context". The second issue allows remote attackers to cause a Denial of Service (DoS) via a type "*" (ANY) DNS query response that contains multiple resource record (RR) sets in the answer section, which triggers an assertion error. To be vulnerable you need to have enabled DNSSEC validation in the configuration by specifying "trusted-keys".
Debian Security Advisory 1254-1 - It was discovered that the Bind name server daemon is vulnerable to denial of service by triggering an assertion through a crafted DNS query. This only affects installations which use the DNSSEC extensions. Please note that the CVE listed in this advisory is incorrect.
Gentoo Linux Security Advisory GLSA 200701-25 - Multiple memory corruption vulnerabilities have been found in the ProcDbeGetVisualInfo() and ProcDbeSwapBuffers() functions of the DBE extension, and in ProcRenderAddGlyphs() in the Render extension. Versions less than 1.1.1-r4 are affected.
Debian Security Advisory 1253-1 - Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. Several vulnerabilities in the layout engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. Several vulnerabilities in the JavaScript engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. A bug in the js_dtoa function allows remote attackers to cause a denial of service. "shutdown" discovered a vulnerability that allows remote attackers to gain privileges and install malicious code via the watch JavaScript function. Steven Michaud discovered a programming bug that allows remote attackers to cause a denial of service. "moz_bug_r_a4" reported that the src attribute of an IMG element could be used to inject JavaScript code.