Gentoo Linux Security Advisory GLSA 200710-29 - Ulf Harnhammar from Secunia Research discovered a format string error in the inc_put_error() function in file src/inc.c. Versions less than 2.4.5 are affected.
f3203eae40abcffcef539cd477c1500cf6f8efe75e39b6495307d3151e78e03fGentoo Linux Security Advisory GLSA 200710-28 - Dirk Mueller from the KDE development team discovered a boundary error in file qutfcodec.cpp when processing Unicode strings. Versions less than 3.3.8-r4 are affected.
3064b95a334a355933c47f52b371d85e9b948c1c8e805666af428180e426fa8cRealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a heap corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.
d0b3de4e4ec1830bd5ba47b604c4bffbdf1436a14cbbabd5bde23e273d74a08cRealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a memory corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.
4bfd216b1b49b47a039fd1ba81f14f6a6960a86d3d640af7a0c59b9a7cbffd35Ubuntu Security Notice 538-1 - It was discovered that libpng did not properly perform bounds checking and comparisons in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng.
2b20b75f005f129b60076a0029902d501282fd1f58699b341d0d3f01535a3f5dSecunia Security Advisory - A security issue has been reported in Gentoo, which can be exploited by malicious people to compromise a vulnerable system.
94281737361487f7c66b1a31f7936f6cf7d1125a55d7031f6ae909019c4ae077Secunia Security Advisory - Joseph.Giron13 has reported a vulnerability in BosMarket, which can be exploited by malicious users to conduct script insertion attacks.
646ce109cd02f8ceba9af817b2b294864ca45bf9f272f1327f38cfdb9202380fSecunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can be exploited by malicious, local users and malicious users to cause a DoS (Denial of Service).
0fbfcbf967cd330d11580a51cbe588578373ec1c18702b30dbf82c892256dc49Secunia Security Advisory - morin.josh has reported a vulnerability in SWAMP, which can be exploited by malicious people to conduct cross-site scripting attacks.
31d21fc9a12ddb04572490f16afbb15f6091b26787b6ad7cae860fa60dfbd38cSecunia Security Advisory - Hiroshi Ukai has reported some vulnerabilities in Ichitaro, which can be exploited by malicious people to compromise a user's system.
8aacb9c9bb834214d4a925b50c7b3a2bf916cbdb0e9f83a109bd57d43823d360Secunia Security Advisory - Joseph.Giron13 has reported a vulnerability in Aleris Web Publishing Server, which can be exploited by malicious people to conduct SQL injection attacks.
38ed5f7d93143eb874c9eb62f545ffd5563c1673b5d0ab7c834a260225c3cf1fSecunia Security Advisory - Gentoo has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
0f3b106fa412f330b790f7fe50045733fb73867408f78e65ae987679921eb666Secunia Security Advisory - eliteb0y has reported a vulnerability in Apache Tomcat, which can be exploited by malicious users to disclose potentially sensitive information.
cc7d95b8ff5908c01a4e14bf7116e1a91631b1e3dec4473ff067e2896fa5365cSecunia Security Advisory - Fedora has issued an update for blam. This package has been rebuilt against a new version of the firefox package. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
d3beef3dc5fb16af43760a1add01266a9ff1e880919906c4c1ee2bbdbfd3fc16iDefense Security Advisory 10.25.07 - Local exploitation of a buffer overflow vulnerability within Tmxpflt.sys, as included with Trend Micro Inc.'s AntiVirus engine, could allow an attacker to execute arbitrary code in kernel context. iDefense Labs has confirmed the existence of this vulnerability in following Trend Micro Products: Trend Micro's PC-Cillin Internet Security 2007, Tmxpflt.sys version 8.320.1004 and 8.500.0.1002. All products using Trend Micro's scan engine such as Trend Micro ServerProtect, Trend Micro OfficeScan are also suspected to be vulnerable.
b314be90bd52c861475b0bc304415f6bb6eefe9113b790ec7a615f586d84fc43i-Gallery version 3.4 suffers from a direct database download vulnerability.
9f1e4859ed61dc7769548528789c55e3249f326bf19913d77a2c6ea8dffac8caThe helpdesk utility called usd250 suffers from a cross site scripting vulnerability.
68208b8694df5e6a681f5078da14221c75ded411ff2a9c44084035c3577c90c5Secunia Security Advisory - Fedora has issued an update for epiphany-extensions. This package has been rebuilt against a new version of the firefox package. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
6a88c1659be6ab6610825ca1d009e8a4a536c1defdbaeea2766f28fd638b7ba4Secunia Security Advisory - A vulnerability has been reported in HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM), which can be exploited by malicious people to disclose potentially sensitive information.
410f3555675831091012476e6488932b8b919bbf048056bad16b298905466321Secunia Security Advisory - A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service).
b548449f5350373e73e84b13c632e114818a933a220e4ef993f9ec6ff9ae151cSecunia Security Advisory - rPath has issued an update for php, php-mysql and php-pgsql. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions or by malicious people to potentially compromise a vulnerable system.
930338ddee1b8873509e8126305a88a7a10f6eb1f1e459091ab18579ca0a082aSecunia Security Advisory - Aria-Security Team have reported some vulnerabilities in CodeWidgets.com Online Event Registration Template, which can be exploited by malicious people to conduct SQL injection attacks.
2decc31480700d4b5a29998937a2d34fa12c004e4a26f2fe2177554bc241f1c1Debian Security Advisory 1395-1 - Steve Kemp from the Debian Security Audit project discovered that xen-utils, a collection of XEN administrative tools, used temporary files insecurely within the xenmon tool allowing local users to truncate arbitrary files.
83afc8ed5ef376653f86a0e2ee0defd06826a3f6d42ea4c540af4e0ffafe6b4aGentoo Linux Security Advisory GLSA 200710-27 - regenrecht reported multiple infinite loops in functions ReadDCMImage() and ReadXCFImage(), multiple integer overflows when handling certain types of images, and an off-by-one error in the ReadBlobString() function. Versions less than 6.3.5.10 are affected.
eab1acd588148e6adf677900e62f05bdaf7074c1aa70850b6845ac89dbdd0b41Gentoo Linux Security Advisory GLSA 200710-26 - Kees Cook from the Ubuntu Security team discovered that the hpssd daemon does not correctly validate user supplied data before passing it to a popen3() call. Versions less than 2.7.9-r1 are affected.
012b7d4d52e8e4e09de2bdfd2094c95d865d951d644213ac90d25fd0f76d71b8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed