Secunia Security Advisory - A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
c1448671788db90cc9e0be174b3cc2bbbb7d0498828078c7c7e9b862a77280e2Mandriva Linux Security Advisory - Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding. The updated packages have been patched to prevent this issue.
0ebde274e431550f35a889527dc2b914d5dea262f2c261477dd76032479d4aaaMandriva Linux Security Advisory - An input validation flaw was found in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server. Multiple integer overflows were found in X.org's Render extension. A malicious authorized client could exploit these issues to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server. The Metisse program is likewise affected by these issues; the updated packages have been patched to prevent them.
21ab26995f3e8ac3cf68bea088a9613c7a17cdd32ee933bb7754a04a8a14dea0Mandriva Linux Security Advisory - Alin Rad Pop found an array index vulnerability in the SDP parser of xine-lib. If a user or automated system were tricked into opening a malicious RTSP stream, a remote attacker could possibly execute arbitrary code with the privileges of the user using the program. The ASF demuxer in xine-lib did not properly check the length of ASF headers. If a user was tricked into opening a crafted ASF file, a remote attacker could possibly cause a denial of service or execute arbitrary code with the privileges of the user using the program. The Matroska demuxer in xine-lib did not properly verify frame sizes, which could possibly lead to the execution of arbitrary code if a user opened a crafted ASF file. Luigi Auriemma found multiple integer overflows in xine-lib. If a user was tricked into opening a crafted FLV, MOV, RM, MVE, MKV, or CAK file, a remote attacker could possibly execute arbitrary code with the privileges of the user using the program. Guido Landi found A stack-based buffer overflow in xine-lib that could allow a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code via a long NSF title. The updated packages have been patched to correct this issue.
cc1af7aa9af190d5e08578ee557ea3356fcedf52d35bb1e99c652fdbdc04649dDebian Security Advisory 1630-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or arbitrary code execution.
a2c27af084e632dacda1f2b548a743f20c48db967b5e065f17020aa096f656a0Gentoo Linux Security Advisory [UPDATE] GLSA 200804-22:03 - Amit Klein of Trusteer reported that insufficient randomness is used to calculate the TRXID values and the UDP source port numbers (CVE-2008-1637). Thomas Biege of SUSE pointed out that a prior fix to resolve this issue was incomplete, as it did not always enable the stronger random number generator for source port selection (CVE-2008-3217). Versions less than 3.1.6 are affected.
7d5cac259201a9e986b7929ca9688bd105efdfe46b13c0ddf4e960f3611835acSecunia Security Advisory - A vulnerability has been reported in neon, which can be exploited by malicious people to cause a DoS (Denial of Service).
fe7aa90e874195a1177176f5e807c79898d21fc8c3d5c220cee026df1088f790Secunia Security Advisory - James Bercegay has reported some vulnerabilities in SunShop Shopping Cart, which can be exploited by malicious people to conduct SQL injection attacks.
98691b775c3f800bf684dc10a7cf545b9214a5ae81669dd4a20e6f6e06b8b432Secunia Security Advisory - Federico Muttis has reported a vulnerability in vBulletin, which can be exploited by malicious users to conduct script insertion attacks.
2e496f121ba6ec17935cc194320a140cbb7e08acaa9e776618af5faefbeaa54cSecunia Security Advisory - Core Security Technologies has reported a vulnerability in the Anzio Web Print Object (WePO) ActiveX component, which can be exploited by malicious people to compromise a user's system.
c7732704982fa22aec47de26f616ad9a36340cd15305e5e19e81d7cce71e4086Secunia Security Advisory - Glafkos Charalambous and George Nicolaou have discovered a security issue in Folder Lock, which can be exploited by malicious, local users to disclose sensitive information.
1efaa4ddbe30550c67f752b28039ab24f10c63ed574673002722993a45445c9eMandriva Linux Security Advisory - Guido Landi found a stack-based buffer overflow in xine-lib that could allow a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code via a long NSF title. The updated packages have been patched to correct this issue.
d083e2d6be526c76dac5c38045e56e16a97284f52f7ac3ebdcdea3559328cff6Mandriva Linux Security Advisory - A stack-based buffer overflow was found in mtr prior to version 0.73 that allowed remote attackers to execute arbitrary code via a crafted DNS PTR record, when called with the --split option. The updated packages provide mtr 0.73 which corrects this issue.
da54910e94b149a4e4c7c1aa6a98b994bb8ac622cfe5e54f33cf1fa58d9c5d49Mandriva Linux Security Advisory - A format string vulnerability was discovered in yelp after version 2.19.90 and before 2.24 that could allow remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command-line or via URI helpers in Firefox, Evolution, or possibly other programs. The updated packages have been patched to correct this issue.
da00a94fca68b754636dddb3e0930226c093a98991b1378ec5407e4db5f349d2Core Security Technologies Advisory - vBulletin versions 3.7.2 Patch Level 1 and 3.6.10 Patch Level 3 suffer from a cross site scripting vulnerability.
33e0a80ee6c61a4d22a3cf12e25ffae5a8a5d7ba8e5f4ef6d5683d7078fb5bc7Secunia Security Advisory - Ubuntu has issued an update for postfix. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
201c7ae232ab05f3fd0363c4b6a851549c6d066df5c69dfa19330a023701412bSecunia Security Advisory - Some vulnerabilities have been reported in llcon, which can be exploited by malicious people to cause a DoS (Denial of Service).
7e14e367442bd4bd8bc79114546b23a1a285e8f68f756e70808ce84ed9bde230Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
667b118e267f0cd60597bfdc7d2172b6aa93a58c4d606e572610cbb9b665f592Secunia Security Advisory - Hussin X has reported a vulnerability in Forced Matrix Script, which can be exploited by malicious people to conduct SQL injection attacks.
d6013dc25298a93be1435529630d9b89946e811adde2f51e37aa1320c23d0b25Secunia Security Advisory - Hussin X has reported a vulnerability in YourFreeWorld Classifieds Script, which can be exploited by malicious people to conduct SQL injection attacks.
004efd3a5518e5158bb622687a60166c9c801dd1270e9c391033a129bbbc4402Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
1dea8297684e32e69f581f0867522eebd8dcac5f5fcf83efa9cf62adfe06afc8Secunia Security Advisory - James Bercegay has reported some vulnerabilities in PHP Live Helper, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.
e95e0959277ee7af14d5fd9746e1f01eb2bfe63b9cf09399de7e61100ab3a090Secunia Security Advisory - Some vulnerabilities have been reported in Vanilla, which can be exploited by malicious users to conduct script insertion attacks, and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
11c2b2b0f9f089a77e76211559eec8156fb4cbf24a0abb0ae31990f3c741ae9aSecunia Security Advisory - Hussin X has reported a vulnerability in Ad-Exchange Script, which can be exploited by malicious people to conduct SQL injection attacks.
ed3912e415e669a24f17de2b57b0b27d40e8889ff13fd2cff8b9739f94f78115Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in Avaya CMS, which can be exploited by malicious people to compromise a user's system.
81af5c836eaa8a43b2c78a5718aa9a22c4c1ef9c2daf0e919a607a3b7c783409
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed