Mandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These include buffer overflow, integer overflow, and input sanitization vulnerabilities.
99978be159aa25ec2ae619c6b0de6e9be7e44eaadd4bb5432a278cffef0e1920Secunia Security Advisory - Some vulnerabilities have been reported in A-LINK WL54AP3 and WL54AP2, which can be exploited by malicious people to conduct cross-site scripting or cross-site request forgery attacks.
75bda5897352e3ccb419814636b7def477f2400409446d11574b912e92556551Secunia Security Advisory - DeltahackingTEAM has discovered some vulnerabilities in various MW6 Technologies ActiveX controls, which can be exploited by malicious people to overwrite arbitrary files.
53ed7d3115b1a4fc425b2a229d1baf49472438e0060e7e2a09f89f425870c83aSecunia Security Advisory - Marco Torti has discovered a vulnerability in eXPert PDF ViewerX ActiveX Control, which can be exploited by malicious people to overwrite arbitrary files.
7cf306da6bc2437f092a324f9d7caad96bad260235ea804840633dae65f3c42bSecunia Security Advisory - GoLd_M has reported a vulnerability in SPBOARD, which can be exploited by malicious people to compromise a vulnerable system.
e2d8178369b0ab0f8906dd365c116bddf0904ec94126f531d18144235dab341fSecunia Security Advisory - Russ McRee has reported some vulnerabilities in CompactCMS, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
b3d96f2241ebcce4a61b6c9833c469df57785090f88d951ffb20121543c75150Secunia Security Advisory - Hakxer has reported a vulnerability in Absolute Podcast .NET, which can be exploited by malicious people to bypass certain security restrictions.
2772b5075d631c3800d9b7adcc3ea7fd0243447502ac9641b16fbcbbf914a808Secunia Security Advisory - ZoRLu has discovered a vulnerability in the Lyrics plugin for e107, which can be exploited by malicious people to conduct SQL injection attacks.
500b4f822ef628c8b5c583e8d2ec642062aa4eeba94c17e41ecf9ad5b2fe57cfSecunia Security Advisory - Fedora has issued an update for phpMyAdmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
3bbebfba1a2639407d9e33890aad320cf2f35a534348aca15f75b168084ffdbfSecunia Security Advisory - A security issue has been reported in CrossFire, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
1a0f7f1271ec1bbcdb26dd76d6af48e618189c53d7065b35c392c4a8c018a7e0Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
bc004ae0a82921e3c40f0fb3098fc5c3f30e7254fa94ffb15c5bd4f5cf0f104eSecunia Security Advisory - Fedora has issued an update for openoffice.org. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
bcb6d52e13e1b7f81688afca7ba192063ebbedd5c1fa150d201f2c6422ceaa8dSecunia Security Advisory - Gentoo has issued an update for libspf2. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
c9e5f638564d62618c3ca6b86435c79c35afcc92a9984dbcc190a715614058a4Secunia Security Advisory - Ehsan_Hp200 has reported a vulnerability in the BookCatalog module for PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks.
e8bea6de5e9473986696e74fdfa85d1ee04858c8eeb31296042bc0ea6f4367f0Secunia Security Advisory - SuSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), conduct cross-site scripting attacks or potentially, to compromise a user's system.
abb4debea36e6d7b74ea20790856fdf9a84c59cdd294db094df70ebe37ebf950Secunia Security Advisory - A vulnerability has been reported in various SonicWALL products, which can be exploited by malicious people to conduct cross-site scripting attacks.
03478b856a1e929e599f49b447d652c90f6eb63b6d3df1bae5ce080c3cd2368eSecunia Security Advisory - Secunia Research has discovered a vulnerability in Interact, which can be exploited by malicious people to conduct SQL injection attacks.
237d3f47ddc0733f5345595417890b4a9b8c11d998826f880b43223fcfd8c5d2Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in FreeType's Printer Font Binary (PFB) font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code. The updated packages have been patched to prevent this issue. The patches used to correct the problem on Corporate Server 4.0 and Corporate 3.0 contained a problem where certain fonts would not be displayed and would cause applications, such as drakfont, to crash. This update corrects the regression.
e1196696c73c394dbf50e0a49b97c9f35c40bd02c8e77f3cb912fcb4250312f3iDefense Security Advisory 10.29.08 - Remote exploitation of a stack based buffer overflow vulnerability in Oracle Corp.'s WebLogic Server Apache Connector could allow an attacker to execute arbitrary code with the privileges of the affected service. A stack based buffer overflow vulnerability exists in the Apache Connector of Oracle (formerly BEA) WebLogic Server. When parsing a request with an invalid parameter the module uses a string without properly validating its length. This string is copied into a fixed sized stack buffer. This results in a stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in WebLogic Server Apache Connector version 10.0. Previous versions may also be affected.
92646871e75b29ac768127a34b35cd0ed021ef5d8cb5332e1bcb8be06a4c49f1iDefense Security Advisory 10.29.08 - Remote exploitation of multiple integer overflow vulnerabilities in OpenOffice versions 2.4.1 and earlier could allow an attacker to execute arbitrary code with the privileges of the current user. Integer overflow issues exist within the code responsible for parsing multiple EMR records within an EMF file. This allows an attacker to overflow heap memory with data they supplied. iDefense has confirmed the existence of this vulnerability in OpenOffice version 2.4.1.
fdb454b37d786a9ada30ce36452df4141a400dde4634b766ff1948e16de69370Secunia Research has discovered two vulnerabilities in Interact, which can be exploited by malicious people to conduct cross-site request forgery and SQL injection attacks. Version 2.4.1 is affected.
0a344337ca58023d8bc7f45f6b29427586180f34f0c225d4308d31fb3505ee02VMware Security Advisory - A denial of service flaw was found in the way libxml2 processes certain content. If an application that is linked against libxml2 processes malformed XML content, the XML content might cause the application to stop responding. A flaw was found in the way ucd-snmp checks an SNMPv3 packet's Keyed-Hash Message Authentication Code. An attacker could use this flaw to spoof an authenticated SNMPv3 packet. Multiple uses of uninitialized values were discovered in libtiff's Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could create a carefully crafted LZW-encoded TIFF file that would cause an application linked with libtiff to crash or, possibly, execute arbitrary code.
9b95b2eac411ccf8ddbae9b70391be0685aa4158605a231698472c0a4d751e09Secunia Security Advisory - SUSE has issued an update for tomcat5 and apache-jakarta-tomcat-connectors. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions.
54c0015c7ef6edc0f5e26bd1f95d5a7bf98d3da283525d009296ee057dac6716Secunia Security Advisory - Secunia Research has discovered a vulnerability in Interact, which can be exploited by malicious people to conduct cross-site request forgery attacks.
24c7b31f915875ea7bc3b1dc54473bed6b671cad55a421aafb41ae29be9639e2Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Storage Manager (TSM) Client, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
b24bd4a98833927e0b1b245b575bc3b38b6db2670de28727208de7fc567152e4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed