Mandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These include buffer overflow, integer overflow, and input sanitization vulnerabilities.
99978be159aa25ec2ae619c6b0de6e9be7e44eaadd4bb5432a278cffef0e1920
Secunia Security Advisory - Some vulnerabilities have been reported in A-LINK WL54AP3 and WL54AP2, which can be exploited by malicious people to conduct cross-site scripting or cross-site request forgery attacks.
75bda5897352e3ccb419814636b7def477f2400409446d11574b912e92556551
Secunia Security Advisory - DeltahackingTEAM has discovered some vulnerabilities in various MW6 Technologies ActiveX controls, which can be exploited by malicious people to overwrite arbitrary files.
53ed7d3115b1a4fc425b2a229d1baf49472438e0060e7e2a09f89f425870c83a
Secunia Security Advisory - Marco Torti has discovered a vulnerability in eXPert PDF ViewerX ActiveX Control, which can be exploited by malicious people to overwrite arbitrary files.
7cf306da6bc2437f092a324f9d7caad96bad260235ea804840633dae65f3c42b
Secunia Security Advisory - GoLd_M has reported a vulnerability in SPBOARD, which can be exploited by malicious people to compromise a vulnerable system.
e2d8178369b0ab0f8906dd365c116bddf0904ec94126f531d18144235dab341f
Secunia Security Advisory - Russ McRee has reported some vulnerabilities in CompactCMS, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
b3d96f2241ebcce4a61b6c9833c469df57785090f88d951ffb20121543c75150
Secunia Security Advisory - Hakxer has reported a vulnerability in Absolute Podcast .NET, which can be exploited by malicious people to bypass certain security restrictions.
2772b5075d631c3800d9b7adcc3ea7fd0243447502ac9641b16fbcbbf914a808
Secunia Security Advisory - ZoRLu has discovered a vulnerability in the Lyrics plugin for e107, which can be exploited by malicious people to conduct SQL injection attacks.
500b4f822ef628c8b5c583e8d2ec642062aa4eeba94c17e41ecf9ad5b2fe57cf
Secunia Security Advisory - Fedora has issued an update for phpMyAdmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
3bbebfba1a2639407d9e33890aad320cf2f35a534348aca15f75b168084ffdbf
Secunia Security Advisory - A security issue has been reported in CrossFire, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
1a0f7f1271ec1bbcdb26dd76d6af48e618189c53d7065b35c392c4a8c018a7e0
Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
bc004ae0a82921e3c40f0fb3098fc5c3f30e7254fa94ffb15c5bd4f5cf0f104e
Secunia Security Advisory - Fedora has issued an update for openoffice.org. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
bcb6d52e13e1b7f81688afca7ba192063ebbedd5c1fa150d201f2c6422ceaa8d
Secunia Security Advisory - Gentoo has issued an update for libspf2. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
c9e5f638564d62618c3ca6b86435c79c35afcc92a9984dbcc190a715614058a4
Secunia Security Advisory - Ehsan_Hp200 has reported a vulnerability in the BookCatalog module for PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks.
e8bea6de5e9473986696e74fdfa85d1ee04858c8eeb31296042bc0ea6f4367f0
Secunia Security Advisory - SuSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), conduct cross-site scripting attacks or potentially, to compromise a user's system.
abb4debea36e6d7b74ea20790856fdf9a84c59cdd294db094df70ebe37ebf950
Secunia Security Advisory - A vulnerability has been reported in various SonicWALL products, which can be exploited by malicious people to conduct cross-site scripting attacks.
03478b856a1e929e599f49b447d652c90f6eb63b6d3df1bae5ce080c3cd2368e
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Interact, which can be exploited by malicious people to conduct SQL injection attacks.
237d3f47ddc0733f5345595417890b4a9b8c11d998826f880b43223fcfd8c5d2
Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in FreeType's Printer Font Binary (PFB) font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code. The updated packages have been patched to prevent this issue. The patches used to correct the problem on Corporate Server 4.0 and Corporate 3.0 contained a problem where certain fonts would not be displayed and would cause applications, such as drakfont, to crash. This update corrects the regression.
e1196696c73c394dbf50e0a49b97c9f35c40bd02c8e77f3cb912fcb4250312f3
iDefense Security Advisory 10.29.08 - Remote exploitation of a stack based buffer overflow vulnerability in Oracle Corp.'s WebLogic Server Apache Connector could allow an attacker to execute arbitrary code with the privileges of the affected service. A stack based buffer overflow vulnerability exists in the Apache Connector of Oracle (formerly BEA) WebLogic Server. When parsing a request with an invalid parameter the module uses a string without properly validating its length. This string is copied into a fixed sized stack buffer. This results in a stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in WebLogic Server Apache Connector version 10.0. Previous versions may also be affected.
92646871e75b29ac768127a34b35cd0ed021ef5d8cb5332e1bcb8be06a4c49f1
iDefense Security Advisory 10.29.08 - Remote exploitation of multiple integer overflow vulnerabilities in OpenOffice versions 2.4.1 and earlier could allow an attacker to execute arbitrary code with the privileges of the current user. Integer overflow issues exist within the code responsible for parsing multiple EMR records within an EMF file. This allows an attacker to overflow heap memory with data they supplied. iDefense has confirmed the existence of this vulnerability in OpenOffice version 2.4.1.
fdb454b37d786a9ada30ce36452df4141a400dde4634b766ff1948e16de69370
Secunia Research has discovered two vulnerabilities in Interact, which can be exploited by malicious people to conduct cross-site request forgery and SQL injection attacks. Version 2.4.1 is affected.
0a344337ca58023d8bc7f45f6b29427586180f34f0c225d4308d31fb3505ee02
VMware Security Advisory - A denial of service flaw was found in the way libxml2 processes certain content. If an application that is linked against libxml2 processes malformed XML content, the XML content might cause the application to stop responding. A flaw was found in the way ucd-snmp checks an SNMPv3 packet's Keyed-Hash Message Authentication Code. An attacker could use this flaw to spoof an authenticated SNMPv3 packet. Multiple uses of uninitialized values were discovered in libtiff's Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could create a carefully crafted LZW-encoded TIFF file that would cause an application linked with libtiff to crash or, possibly, execute arbitrary code.
9b95b2eac411ccf8ddbae9b70391be0685aa4158605a231698472c0a4d751e09
Secunia Security Advisory - SUSE has issued an update for tomcat5 and apache-jakarta-tomcat-connectors. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions.
54c0015c7ef6edc0f5e26bd1f95d5a7bf98d3da283525d009296ee057dac6716
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Interact, which can be exploited by malicious people to conduct cross-site request forgery attacks.
24c7b31f915875ea7bc3b1dc54473bed6b671cad55a421aafb41ae29be9639e2
Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Storage Manager (TSM) Client, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
b24bd4a98833927e0b1b245b575bc3b38b6db2670de28727208de7fc567152e4