Secunia Security Advisory - Some vulnerabilities have been reported OpenJDK, which can be exploited malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
83a1d439594e00b61c690164a8ba51f71586fc7525f36bd3a538f1a8bcb24bc7iDefense Security Advisory 03.25.09 - Remote exploitation of an integer signedness vulnerability in Sun Microsystems Inc.'s Java JRE could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists within the font parsing code in the JRE. As part of its font API, the JRE provides the ability to load a font from a remote URL. iDefense has confirmed the existence of this vulnerability in Sun Microsystem Inc.'s Java JRE version 1.6.0_11 for Windows. Previous versions and versions for other platforms may also be affected.
3bc84907efc86fab9cc714244a3052994583300cd2f5c0cdbaf928ca680eb1b5PowerCHM suffers from a stack-based buffer overflow when processing files with the .HHP extension. Version 5.7 is affected.
50beb1abca1fac7fae023040ca0c6ca831492331c8e39f44a9bcd22c4e141334Secunia Security Advisory - A vulnerability has been reported in the Gigaset SE461 WiMAX router, which can be exploited by malicious people to cause a DoS (Denial of Service).
2d57ea5e7389bf4a91bd3b36da8dae1447c2fe4b75be102c2a6516a3ef84d2c1Secunia Security Advisory - Some vulnerabilities have been reported in VooDoo cIRCle, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
bfb5da1b663fc49f8c7a46782b575b65f09f44ac196ee64313276551fb967d3dSecunia Security Advisory - Fedora has issued an update for argyllcms. This fixes some vulnerabilities, which can potentially be exploited by malicious people to compromise an application using the library.
195f1769721ee670a9d641fc7b727a28f01456d864eae1073c2ba742d3d4cc91Secunia Security Advisory - A vulnerability has been reported in HP-UX, which can be exploited by malicious, local users to gain escalated privileges.
d6f6ec0def66d53b75eff0110830f37bb71a0d96ffb70ce175a35f815158acdcSecunia Security Advisory - A vulnerability has been discovered in Jinzora, which can be exploited by malicious people to disclose sensitive information.
fff213c32ff827e33f98ec22249f361d3f7c5e08377c03b7a7d13e81bf005f5dSecunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information or potentially compromise a user's system.
060be212755fa2de29b64ebc13151c5e0c31f54b77863de152341bd0406e7bb0Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some security issues and vulnerabilities, where one has unknown impacts and others can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and cross-site request-forgery attacks, conduct script insertion attacks, manipulate data, cause a DoS (Denial of Service), and compromise a vulnerable system.
26258b610a96509647e54d212ebb1acc9bdf8bd478c8760cd42be326c9f53252Secunia Security Advisory - Slackware has issued an update for for mozilla-thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), conduct spoofing attacks, or potentially compromise a user's system.
3796ebe8ea0cc501252c2709b79b182f526d08691b4ad6aac2dd11b556b35130Gentoo Linux Security Advisory GLSA 200903-39 - Two vulnerabilities in pam_krb5 might allow local users to elevate their privileges or overwrite arbitrary files. Versions less than 3.12 are affected.
d736a5e491154169e90336376e2729432b759f619f95ac81399cad1e946d0d69Debian Security Advisory 1755-1 - Erik Sjoelund discovered that a race condition in the stap tool shipped by Systemtap, an instrumentation system for Linux 2.6, allows local privilege escalation for members of the stapusr group.
85821ca0db4ababee6c5087c25d750720baebc424b47a27ad601f790dfdd2aceCisco Security Advisory - A vulnerability in the handling of IP sockets can cause devices to be vulnerable to a denial of service attack when any of several features of Cisco IOS Software are enabled.
8401d00ab5208059e231e306c1471fbc3297a33b50140224fd9d3a8a51a6e8e0Cisco Security Advisory - Several features within Cisco IOS Software are affected by a crafted UDP packet vulnerability. If any of the affected features are enabled, a successful attack will result in a blocked input queue on the inbound interface. Only crafted UDP packets destined for the device could result in the interface being blocked, transit traffic will not block the interface.
d7c7801e5593cc1d56d45fb532604c74459fabf8eb1ec761e05e4ee6458e597cCisco Security Advisory - A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that can be exploited remotely to cause a reload of the Cisco IOS device.
9aeff3ac6624b0acd51e8bdef45a818417a1cb077cb942319b1ba9325af60d29Cisco Security Advisory - Cisco IOS Software contains a vulnerability in multiple features that could allow an attacker to cause a denial of service (DoS) condition on the affected device. A sequence of specially crafted TCP packets can cause the vulnerable device to reload.
9e9a90544800678d068057fefc2fb388030582f354d242a3c7772701808ce930Cisco Security Advisory - The server side of the Secure Copy (SCP) implementation in Cisco IOS software contains a vulnerability that could allow authenticated users with an attached command-line interface (CLI) view to transfer files to and from a Cisco IOS device that is configured to be an SCP server, regardless of what users are authorized to do, per the CLI view configuration. This vulnerability could allow valid users to retrieve or write to any file on the device's file system, including the device's saved configuration and Cisco IOS image files, even if the CLI view attached to the user does not allow it. This configuration file may include passwords or other sensitive information.
89c62856369209d23f7e86a8a347090994a2c3bd1eb7ae5366e739c7a69af336Cisco Security Advisory - Devices that are running Cisco IOS Software and configured for Mobile IP Network Address Translation (NAT) Traversal feature or Mobile IPv6 are vulnerable to a denial of service (DoS) attack that may result in a blocked interface.
8be582b635f622a6da5938ea795792eb076c6b771a286c319f11eac43115b214Cisco Security Advisory - Cisco IOS software contains two vulnerabilities within the Cisco IOS WebVPN or Cisco IOS SSLVPN feature (SSLVPN) that can be remotely exploited without authentication to cause a denial of service condition. A crafted HTTPS packet will crash device. SSLVPN sessions cause a memory leak in the device.
539b67513178c8d6e96c45b5e65a773d7fb06b37cf4b6d9b4a9675a8b9bb63e7Cisco Security Advisory - A series of TCP packets may cause a denial of service (DoS) condition on Cisco IOS devices that are configured as Easy VPN servers with the Cisco Tunneling Control Protocol (cTCP) encapsulation feature. Cisco has released free software updates that address this vulnerability. No workarounds are available; however, the IPSec NAT traversal (NAT-T) feature can be used as an alternative.
41ae361d948a74deeb0ad10994a0585596dafec4de79e7cda57617b56c0c13f1Debian Security Advisory 1745-2 - Several security issues have been discovered in lcms, a color management library. This update fixes a possible regression introduced in DSA-1745-1 and also enhances the security patch.
c77800fadd6c284e42c35d6fcb110b184e99091d0e1d7a6cdfbdea548c3735e4Secunia Research has discovered a vulnerability Adobe Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of JBIG2 streams. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file containing a malformed JBIG2 symbol dictionary segment. Successful exploitation may allow execution of arbitrary code. Adobe Reader versions 8.1.3 and 9.0.0 are affected.
3a6f7e4aad0b7d0f7fb53f01f4c49768416ddd1ab350f118ec3c37a4d19d7965Adobe Acrobat Reader suffers from a memory corruption vulnerability. Versions 9.0.0 and 8.1.3 are affected.
3fd5159ce227deda8ad64450f949dbfdf2df7c0a4cc546070dccc3e295484604Secunia Security Advisory - Some vulnerabilities have been discovered in PHPizabi, which can be exploited by malicious people to conduct SQL injection attacks, disclose sensitive information, or compromise a vulnerable system.
f6fba59a653815517d0ba3520ffc5793b7a8d6e82ea6758d16ed79db5de14b57
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed