Debian Security Advisory 1475-1 - Jose Ramon Palanco discovered th a cross site scripting vulnerability in GForge, a collaborative development tool, allows remote attackers to inject arbitrary web script or HTML in the context of a logged in user's session.
71eb66ebb10d21f250807147e7a4b9e0c3d06d4897aaabf0e6fcef2cb4767b13Gentoo Linux Security Advisory GLSA 200801-14 - The /usr/bin/blam script sets the LD_LIBRARY_PATH environment variable incorrectly, which might result in the current working directory (.) being included when searching for dynamically linked libraries of the Mono Runtime application. Versions less than 1.8.4 are affected.
3f5369e615881d85093c15e888233ac85ef3a385dfde99e2e089ccce89737027Gentoo Linux Security Advisory GLSA 200801-13:02 - The IRC_PART() function in the file irc-channel.c does not properly check the number of parameters, referencing an invalid pointer if no channel is supplied. Versions less than 0.10.4 are affected.
c30de200d3fc302afeb9c46883102addc98d5e3a7abf99bc1526c5a5b546cf4cGentoo Linux Security Advisory GLSA 200801-12 - Luigi Auriemma reported that xine-lib does not properly check boundaries when processing SDP attributes of RTSP streams, leading to heap-based buffer overflows. Versions less than 1.1.9.1 are affected.
ff977b76bbb0bdb47718d75eee18d9ff51d49e812da39a5fb8750ae7181746f2Gentoo Linux Security Advisory GLSA 200801-11 - CherryPy does not sanitize the session id, provided as a cookie value, in the FileSession._get_file_path() function before using it as part of the file name. Versions less than 3.0.2-r1 are affected.
daf8abfdb93d6cff9bf00703877e00659ab26e1d72bb605e9a1f33ad266604c9Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS / IR, which can be exploited by malicious, local users to cause a DoS (Denial of Service), or to gain escalated privileges.
814fe5e776fea501cd17527392ddf50cdf38ae980f3f160ab578aecd399c49a5Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in multiple Avaya products, which potentially can be exploited by malicious people to compromise an application using the library.
2f88c2ef70815adcbd425fda28bfb516e805e61174f45bfc5d2fd3c7285d613cSecunia Security Advisory - NBBN has discovered a vulnerability in phpBB, which can be exploited by malicious people to conduct cross-site request forgery attacks.
52ca3ede30ff4eacb2d81dc0ef36d07ce8561603310b2d371eb69be078fc37f4Secunia Security Advisory - NBBN has reported a vulnerability in Woltlab Burning Board, which can be exploited by malicious people to conduct cross-site request forgery attacks.
88ff84df5bf46ed9b90aa038c50e2b156a0f6da1e9fe92f4c4613d0421ba2c4cSecunia Security Advisory - rgod has discovered a weakness in ImageShack Toolbar, which can be exploited by malicious people to potentially disclose sensitive information.
8258821cebe97a7daa2d917bdca475f94cc18e0d81af467be6e20b46c89eb5dcMandriva Linux Security Advisory - A programming flaw was found in Pulseaudio versions older than 0.9.9, by which a local user can gain root access, if pulseaudio is installed as a setuid to root binary, which is the recommended configuration.
381c4f1e95696b6696489b294e2642f56831ceb6a838555eea63d08b0115a1d8Mandriva Linux Security Advisory - Will Drewry reported multiple flaws in how libicu processed certain malformed regular expressions. If an application linked against libicu, such as OpenOffice.org, processed a carefully-crafted regular expression, it could potentially cause the execution of arbitrary code with the privileges of the user running the application.
a999038e1e8e36b24fcc7d2f55e5e1d342de60b514b62e574149b8f7caa40f7aSecunia Security Advisory - 0in has discovered a vulnerability in Tiger Php News System, which can be exploited by malicious people to conduct SQL injection attacks.
f3ed167548ca31167c693efe2e1f27ebf5110006f64190da939fdc8c07965044Secunia Security Advisory - Elazar Broad has discovered a vulnerability in Move Networks Upgrade Manager, which can be exploited by malicious people to compromise a user's system.
e1cd36b137d8d122d4ad32a94b13be82f7b096f56c00f389ed27ad5268746786Proficy Information Portal version 2.6 passes a user's password base64 encoded on the wire, allowing for it to be easily intercepted and decoded.
193987184fe40b9994e6689d7dd2c17f6e7439290c4cec09274c18a66ec26f1dProficy Information Portal version 2.6 has a flaw that allows an authenticated attacker the ability to upload arbitrary code on the server.
8fe8e4b4c25860812b02f54a0cb017e1b4fc3b6c4390039ca199adb32e1f2f6bCimplicity HMI version 6.1, 6.1 SP5, and 6.1 SP6 all suffer from an exploitable heap overflow vulnerability.
ca32e6e16dfac1360f0eada284bc6fe1d217d79e79aab976e43fe12f5359abb4Secunia Security Advisory - rPath has issued an update for bind and bind-utils. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
fd818876fa237a7582e05b64ea25edb01028a7bf611faea87c926d4f2f037234Secunia Security Advisory - Will Drewry has reported some vulnerabilities in International Components for Unicode, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
a4e794a8373546cea2a26097d87a6dbf82ed49a32f3ce07201eb87fa0c2882dfSecunia Security Advisory - Mandriva has issued an update for x11-server. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
d4492bb3a8c57468dfb513f8a3fd6f291fb4662efcd3309ffd6418ae3bdef7baSecunia Security Advisory - Fedora has issued an update for hsqldb. This fixes a vulnerability, which has unknown impacts.
895022e51940889de6c09f20eba22d10f0840c57a20858eff243263f1be4893dSecunia Security Advisory - rPath has issued an update for CherryPy. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security settings.
e4da6b5c41cbdb6fdb47d3b1cc1069344ae2889ebfa5d5f8e28e9038d33e619fSecunia Security Advisory - Red Hat has issued an update for icu. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
60b2814370492d07c03409ab619e98e8f0c86720e9c66ff57b5f601f4bca81d6Secunia Security Advisory - Fedora has issued an update for pulseaudio. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
b6697e2373efd7bbdbede92d40e9429b7d02343bbeb976a606c6007ebad2a745Secunia Security Advisory - Fedora has issued an update for xorg-x11-server. This fixes a security issue, which can be exploited by malicious people with physical access to a system to bypass certain security restrictions.
8fbaad74f91f05574ff9b7cc5e72d23acf770535424a7e71110f72499aa8c52f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed