PI SystemT suffers from an encryption weakness in the default authentication process.
66760cfdf156bb7fea9d0c1b3a2301e13f6007d57c16f6ac806c780ea156375cSecunia Security Advisory - A vulnerability has been reported in IBM Tivoli Composite Application Manager for WebSphere, which can be exploited by malicious people to conduct cross-site scripting attacks.
687ed4caec9d3504337bdcb171f4e8c4e31c6808b69a1f57123e6471322de6d7Secunia Security Advisory - bruiser has discovered a vulnerability in IBM Installation Manager, which can be exploited by malicious people to compromise a user's system.
f37aba08f5130f43a1e7037f46584e0441d3974b169804fc659231c40aa7f1a2Secunia Security Advisory - bellick has discovered a vulnerability in Adobe Photoshop Elements, which can be exploited by malicious, local users to gain escalated privileges.
ed3edf44239a14561700448ed3e0fe003e630993f528718dbb86ee06b3affa89Secunia Security Advisory - Russ McRee has discovered a vulnerability in BIGACE Web CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.
35e7fa248dbf5384ab66c5662646f97d7b862643a1f93758ff3ad5363b2c8170Secunia Security Advisory - pyrokinesis has discovered a vulnerability in EMC Captiva QuickScan Pro, which can be exploited by malicious people to compromise a user's system.
f870e7d1385707049e6a6560e17b9db040cefa2cad3341c536c384e1e767c8fdSecunia Security Advisory - Some vulnerabilities have been reported in Activedition, which can be exploited by malicious people to conduct cross-site scripting attacks.
d408873938f82b0ed81c8ca5ae65c4fc25d01346fcc78dc6d32e6577ef8a9567Secunia Security Advisory - A vulnerability has been discovered in Oracle Document Capture, which can be exploited by malicious people to potentially compromise a user's system.
f70969d20d89b8cb0cfe45117df1311161282fe2368f0f4de79abb9e4901f791Secunia Security Advisory - Giuseppe Fuggiano has discovered a vulnerability in FlatPress, which can be exploited by malicious people to compromise a vulnerable system.
c61b1c5abfbb5ec4caa3ef94ac93a6069b8a997d773d3f2b060639e01147f8c1Secunia Security Advisory - Two vulnerabilities have been reported in IBM AIX, which can be exploited by malicious, local users and malicious people to bypass certain security restrictions.
5dc21330a603fde4bd9958361ae0847d1354279063a5c21ff95c128207b67f31Flickr's API suffered from an API signature forgery vulnerability.
5ccd31c5ca0a4a2de399439bd373a24fdf78b60509f8b7a1c5a3ea0ac654b463WinRAR version 3.80 suffers from a ZIP filename spoofing vulnerability.
4880f2bb7f9786ba0a35c233213dc63a64301bccc3f90b77bbd582104b13228fSecunia Security Advisory - Some vulnerabilities have been reported in IBM DB2, where one has an unknown impact and others can be exploited by malicious users to bypass certain security restrictions.
5c7e64e3f61f81bd28c14c8a7d3d3a50e6c84d636d29a9bd2406fb4f9d9a85b1Secunia Security Advisory - A vulnerability has been reported in IBM Informix Dynamic Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
bcd405b9cf930dd891dca271c5bde6948a78a4cbe646546f60396fbfb2199cd6Secunia Security Advisory - Some vulnerabilities have been reported in Juniper JUNOS, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to conduct script insertion attacks.
ff336aee48286760e80863adca35d837537d0a96d522947d63390276b9b180baSecunia Security Advisory - Ubuntu has issued an update for dovecot. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service) or compromise a vulnerable system.
4c2cfd3818a8f77b03e5722dad47fd062a6cc8a79dc67660feb996fd8fb8a3ceSecunia Security Advisory - A vulnerability has been reported in HP Remote Graphics Software (RGS), which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system.
413ea69c81359d8bf5dd6cd4cd1c7f6310008a92f13dceda0dd94a811a2e108eSecunia Security Advisory - Maxim A. Kulakov has reported a vulnerability in multiple TrustPort products, which can be exploited by malicious, local users to gain escalated privileges.
f695aee2239890be2826be4832470dc877300f43266831c261e9aa13c7b05735Secunia Security Advisory - A vulnerability has been reported in the FireFTP extension for Firefox, which can be exploited by malicious people to manipulate certain data.
579d2b36eeb19a245196f25975126d719c06817e86340b16c46b66271c575c8bHP Security Bulletin - A potential security vulnerability has been identified with HP Remote Graphics Software (RGS) Sender. The vulnerability could be exploited remotely to gain unauthorized access.
61aac50aed82ed61d95afc86a3635a160842974cdef3f4e95600038803bbfd87TrustPort Antivirus version 2.8.0.2265, Antivirus Business version 2.8.0.2265, PC Security version 2.0.0.1290, and PC Security Business version 2.0.0.1290 suffer from a local privilege escalation vulnerability.
a03d13ef3d07de36c52c5c404d29288885fcc3dbeddbe2d172ec9c52bed2d620Debian Security Advisory 1897-1 - Stefan Esser discovered that Horde, a web application framework providing classes for dealing with preferences, compression, browser detection, connection tracking, MIME, and more, is insufficiently validating and escaping user provided input. The Horde_Form_Type_image form element allows to reuse a temporary filename on reuploads which are stored in a hidden HTML field and then trusted without prior validation. An attacker can use this to overwrite arbitrary files on the system or to upload PHP code and thus execute arbitrary code with the rights of the webserver.
74849428a088e248caf5775fc100bbbb2aa65fc2d2b0257a92f72ae1150aacd1Ubuntu Security Notice USN-838-1 - It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the intended access restrictions. This only affected Ubuntu 8.04 LTS. It was discovered that the ManageSieve service in Dovecot incorrectly handled ".." in script names. A remote attacker could exploit this to read and modify arbitrary sieve files on the server. This only affected Ubuntu 8.10. It was discovered that the Sieve plugin in Dovecot incorrectly handled certain sieve scripts. An authenticated user could exploit this with a crafted sieve script to cause a denial of service or possibly execute arbitrary code.
5fd61a6a6d760fcf2bd0a9d66e294c6897bc30e1df8871482b661db6a9b066a1PHP versions 5.3 and below suffer from a mysqli_real_escape_string() related full path disclosure vulnerability.
fd8379906be076c6c118615ff73d9afa57225ac48ec1b4423658885a20fc46abPHP versions 5.3 and below suffer from a preg_match() related full path disclosure vulnerability.
110571519c8b75cd916edb69f611cef30e2fd5a456fc1a9922580caa97fe25a7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed