Secunia Security Advisory - A vulnerability has been reported in PHP Dir Submit, which can be exploited by malicious people to conduct SQL injection attacks.
20ea026213ccbecd3493d224f458241f7a514be7748d4cd7f1e707c5cc243b25Secunia Security Advisory - Gentoo has issued an update for freetype. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise an application using the library.
20058a87bc0c3b792f81dba17666db65b1d07f3e50db12001403396b10fbd2d2Secunia Security Advisory - Gentoo has issued an update for pidgin. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a user's system.
ef74b877714c375bd414c9dd34d2bc2fcf8d67e3b07dfb3264d8b8eda45ad055Secunia Security Advisory - Fedora has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.
1409dbe97384e974fdbcfc4453144af478c32a1a1259ee7653693d0a882b1fc2Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and bypass certain security restrictions, and by malicious people to cause a DoS and potentially compromise a vulnerable system.
e9bce5a736fbd8d81a1376473d318e5744ef916b0f8ecd6925d43a6f62e0e36bSecunia Security Advisory - A vulnerability has been reported in Arcade Trade Script, which can be exploited by malicious people to conduct cross-site scripting attacks.
d3dd4431df20c321f73feccb169a55378d7c2af4c0e59d5933f0bdf16130c132Secunia Security Advisory - Laurent Gaffi
8e6df9fc4f19285f3b19f5f353ccf841bc4dacdf715e942594b4b6f5afe69216Secunia Security Advisory - Some vulnerabilities have been discovered in Basic Analysis And Security Engine, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
ca2d40974309e7c5928709d3f57bc741c2db27f1be0e6fed12c022f935742d94Secunia Security Advisory - Some vulnerabilities have been reported in Jetty, which can be exploited by malicious people to conduct HTTP response splitting and cross-site scripting attacks, disclose sensitive information, and potentially hijack a user session.
167c672d92c6e3fa3840b63ebd92d8434c99af8fbf50367850829a955c46bd29Secunia Security Advisory - Ben Hawkes has reported a vulnerability in DotNetNuke, which can be exploited by malicious people to conduct cross-site scripting attacks.
b1396c23c4a1db35f515d44ab7245a079696f968d6b576093813db8ca6cbc489Secunia Security Advisory - Some vulnerabilities have been discovered in aMember, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks, and by malicious users to conduct SQL injection attacks.
bbf056749d174b4e451d843af6d3722dd9980c86bbe7697539a006f2de05566cSecunia Security Advisory - Fedora has issued an update for jetty. This fixes a vulnerability, which can be exploited by malicious people to disclose sensitive information.
b53859b3ed6eb525560d8f8a9bba695d5b6cc63127d20b60d420ddff88293554Secunia Security Advisory - A vulnerability has been reported in IPcelerate IPsession, which can be exploited by malicious people to conduct SQL injection attacks.
9a255f4593dffb1fd85e6f29e2b1b03ecaff7e03bbf09b3a973b7b036965f1adGentoo Linux Security Advisory GLSA 200905-04 - Multiple vulnerabilities in GnuTLS might result in a Denial of Service, spoofing or the generation of invalid keys. Versions less than 2.6.6 are affected.
884a5882bd06c9e5ac5a64fe2bcfa5e72d7c2842a343cfd557b93ed143fc85a0Gentoo Linux Security Advisory GLSA 200905-07 - Multiple vulnerabilities in Pidgin might allow for the remote execution of arbitrary code or a Denial of Service. Versions less than 2.5.6 are affected.
256d008607e8ce04042b47a260060c410f5e6c429f1f4c3a80bb4141e839b483Gentoo Linux Security Advisory GLSA 200905-06 - An error in acpid might allow remote attackers to cause a Denial of Service. The acpid daemon allows opening a large number of UNIX sockets without closing them, triggering an infinite loop. Versions less than 1.0.10 are affected.
f1e0c2c3eb13db748b80959e4536ceb5f4064f30cb5095885b73fd49e31a3c6bGentoo Linux Security Advisory GLSA 200905-05 - Multiple integer overflows in FreeType might allow for the remote execution of arbitrary code or a Denial of Service. Tavis Ormandy reported multiple integer overflows in the cff_charset_compute_cids() function in cff/cffload.c, sfnt/tccmap.c and the ft_smooth_render_generic() function in smooth/ftsmooth.c, possibly leading to heap or stack-based buffer overflows. Versions less than 2.3.9-r1 are affected.
e9b36985a193949654f83a9a009ec43d8a047444740d6c527ab4e63b6108f5bbSecunia Research has discovered a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow error in "sadmind" when allocating memory for incoming "sadmind" requests. This can be exploited to cause a heap-based buffer overflow via a specially crafted RPC request. Successful exploitation may allow execution of arbitrary code. Solaris versions 8 and 9 are affected.
2588276a4d4549d8fc09c553a149ec640174afe73c0379fa6574623a52c9e2ebSecunia Research has discovered a vulnerability in Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in "sadmind" when decoding request parameters. This can be exploited to cause a heap-based buffer overflow via a specially crafted RPC request. Successful exploitation allows execution of arbitrary code. Solaris versions 8 and 9 are affected.
6effaf2c14d97816be959ffb5ea357ea6d0c0ee1105a70e8cb1cbc0d3b392880Android, an open source mobile phone platform, improperly checks developer certificates when installing packages that request the shared user identifier (uid) permission. Android versions greater and equal to 1.5 CRB17 and less than or equal to 1.5 CRB42 are affected.
4529118996146152d1d83f69c6d70389ced40256af266233bb1f2cd14f0ae955Gentoo Linux Security Advisory GLSA 200905-03 - Multiple errors in the IPSec Tools racoon daemon might allow remote attackers to cause a Denial of Service. Versions less than 0.7.2 are affected.
79db0186e0cc0dc495c6259888fc48f6fb06ba32880bced4aca533b1b5782725Gentoo Linux Security Advisory GLSA 200905-02 - Multiple vulnerabilities in Cscope might allow for the remote execution of arbitrary code. James Peach of Apple discovered a stack-based buffer overflow in cscope's handling of long file system paths. Multiple stack-based buffer overflows were reported in the putstring function when processing an overly long function name or symbol in a source code file. Versions less than 15.7a are affected.
39a53c2338b13f7e41e4b96a38233fde0baf0ae4df73e52902baff339b347135Mandriva Linux Security Advisory 2009-122 - The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. The updated packages have been upgraded to the latest version of squirrelmail to prevent this.
4d625c059ac76fa426b4364168404a4461455a591f139796b5f4e3a268329ad9Debian Security Advisory 1806-1 - Matt Murphy discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may potentially lead to the execution of arbitrary code through specially crafted source code files.
590b7b56f51b92b716841c881d2dc6ed98216cc086adc0ad81629be53ea6274bDebian Security Advisory 1805-1 - Several vulnerabilities have been discovered in Pidgin, a graphical multi-protocol instant messaging client.
cbce861a8fc059dce0e2e207159753b832372c40084d4da5642331a83f7f5a29
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed