Secunia Security Advisory - Michael Brooks has discovered a vulnerability in WordPress, which can be exploited by malicious people to bypass certain security restrictions and to disclose sensitive information.
b38d9cd642a76c2dc66d48b5664c13b7d60418a947fa49a094a08127304fca38Secunia Security Advisory - Beenu Arora has discovered two vulnerabilities in Mambo, which can be exploited by malicious people to conduct cross-site scripting attacks.
6e0dad24b513b9dae42e823d3773f7a0494bd32f18fc006a2fa9035ed6f05bebSecunia Security Advisory - Ubuntu has issued an update for libgd2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
cbf1598785b91d3a8be0e95af401174cf70da4d5a9876c0e6eac2f75b3ab4d44Secunia Security Advisory - Some vulnerabilities have been reported in Sun Ray Server Software, which can be exploited by malicious, local users or malicious people to manipulate certain data or cause a DoS (Denial of Service).
6e158d51a49327248920b5cdd62cf34eb8a035a0a2410c1a3a1125569f5b1957Secunia Security Advisory - A security issue has been reported in Asterisk, which can be exploited by malicious people to bypass certain security restrictions.
8421eb4b2285204ee54acae14136da21fbd35a2f5f5e75a977e7c0b1baa6b0f2Secunia Security Advisory - A security issue has been reported in Sun Management Center, which can be exploited by malicious people to bypass certain security restrictions.
64ca72a1a9e42a644b64d9bba030d2f212bc6b9b47b05ee07c9e36e2e31a399fSecunia Security Advisory - A vulnerability has been discovered in Dokeos, which can be exploited by malicious users to compromise a vulnerable system.
c3fcf21d8a8d578f5d027c49ca81bfb7f86ec716564bdf6d2e08b5fbddac0b76Secunia Security Advisory - Koller has reported two vulnerabilities in phpMyRealty (PMR), which can be exploited by malicious people and malicious users to conduct SQL injection attacks.
6bde79eee003883f1910022fe093e93f7610758a04a89484f771f4c232a76774Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting and HTTP request splitting attacks, disclose sensitive information, cause a Denial of Service (DoS), or to potentially compromise a user's system.
218968309058561276331c2b5b3d8e8ad389e717b28f6be85ee55beb114b561cSecunia Security Advisory - r4x has reported a vulnerability in WFTPD Explorer, which potentially can be exploited by malicious people to compromise a user's system.
2ea7ccb80c6715cf5af53f54efdc3fc5f1b7728b18785e8733aed5a27036f62fSecunia Security Advisory - MhZ91 has discovered a vulnerability and a security issue in GF-3XPLORER, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose system information.
dc61103a887d8f4341fb7852b830f69658d39ee5ca87f337b1554cbc4ec8a0fbSecunia Security Advisory - Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a user's system.
c70e7393655979d555343bb6cbaf7652b086a6243dc88af391e3f1859966bcc9Secunia Security Advisory - A vulnerability has been reported in St. Bernard Open File Manager, which can be exploited by malicious people to compromise a vulnerable system.
e4763249ca664c840bfc40a349f49011583743c32e31b7e361b79057096662b2Gentoo Linux Security Advisory GLSA 200712-14 - Wei Wang (McAfee AVERT Research) discovered an integer underflow in the asn1_get_string() function of the SNMP backend, leading to a stack-based buffer overflow when handling SNMP responses (CVE-2007-5849). Elias Pipping (Gentoo) discovered that the alternate pdftops filter creates temporary files with predictable file names when reading from standard input (CVE-2007-6358). Furthermore, the resolution of a Denial of Service vulnerability covered in GLSA 200703-28 introduced another Denial of Service vulnerability within SSL handling (CVE-2007-4045). Versions less than 1.3.5 are affected.
e011fd7e491b8a5fc40987640696d58b66059540e40b69f7a72cd19ab51fbdf6Gentoo Linux Security Advisory GLSA 200712-13 - Rafal Wojtczuk (McAfee AVERT Research) discovered multiple integer overflows in libext2fs, that are triggered when processing information from within the file system, resulting in heap-based buffer overflows. Versions less than 1.40.3 are affected.
866e971b4563493024e7b10169ebf99b0e82378c7b6183789c237eb34e4d5b9aGoogle Toolbar allows spoofing the information presented in the dialog which is being displayed when adding a new Google Toolbar button.
23840b25b3fcacc6483afac763d595c2faf7a2d138ebdc52d35d1162be1072c7Asterisk Project Security Advisory - Due to the way database-based registrations ("realtime") are processed, IP addresses are not checked when the username is correct and there is no password. An attacker may impersonate any user using host-based authentication without a secret, simply by guessing the username of that user. This is limited in scope to administrators who have set up the registration database ("realtime") for authentication and are using only host-based authentication, not passwords. However, both the SIP and IAX protocols are affected.
8f347c1af72c018f03b4107767873c60b519061e85f1fa9739ca188fc9633316Ubuntu Security Notice 556-1 - Alin Rad Pop discovered that Samba did not correctly check the size of reply packets to mailslot requests. If a server was configured with domain logon enabled, an unauthenticated remote attacker could send a specially crafted domain logon packet and execute arbitrary code or crash the Samba service. By default, domain logon is disabled in Ubuntu.
7689c75bd01559c1a92ce08f5b186dfe92066b3ce27788388d16964c6699d30diDefense Security Advisory 12.17.07 - Remote exploitation of an integer overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. iDefense has confirmed the existence of this vulnerability in ClamAV 0.91.2. Previous versions may also be affected.
c5aa473b49ed2acfeb57cd13577312e73bab4e62c33cba86068e3c637d24d61ciDefense Security Advisory 12.17.07 - Local exploitation of a stack based buffer overflow vulnerability in Apple Inc.'s Mac OS X mount_smbfs utility could allow an attacker to execute arbitrary code with root privileges. iDefense has confirmed the existence of this vulnerability in Mac OS X version 10.4.10, on both the Server and Desktop versions. Previous versions may also be affected.
68e98a688f3efc75abfaeec608bc143f485c893470f9b457f1cead3618eb70d0HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
72d6f0627356830518082c6fbe3de7598bfcab9747c07c456892949c516b50d2Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
76a061fb9a765ba0822274668d99e076d80b11cf5d7f3133b499ad37384fb6c9Secunia Security Advisory - A weakness has been reported in Meridian Prolog Manager, which can be exploited by malicious people to brute force user passwords.
b6ad2154e5ba04949adee78b92ef4fadedc02ce533cd8295a043b664305907e8Secunia Security Advisory - Debian has issued an update for link-grammar. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
39a31211c69cd0dde682e4983f4763b39180e4771b55082202f87784ad717f43Secunia Security Advisory - Michael Brooks has reported some vulnerabilities in Centreon, which can be exploited by malicious people to compromise a vulnerable system.
e8e2a87a1e01b3f964ec936c2f5c52813a5c1f26af5ae26a9bdd69862c0571f0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed