Cisco Security Advisory - Cisco IOS devices that are configured for Cisco Unified Communications Manager Express (CME) and the Extension Mobility feature are affected by a buffer overflow vulnerability. Successful exploitation of this vulnerability may result in the execution of arbitrary code or a Denial of Service (DoS) condition on an affected device.
9f61f0eeb85ad149cf4c19fd8ab49f6492572d1cd08f15fb49460eb1c44b98ad
Cisco Security Advisory - A vulnerability exists in Cisco IOS software where an unauthenticated attacker could bypass access control policies when the Object Groups for Access Control Lists (ACLs) feature is used. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability other than disabling the Object Groups for ACLs feature.
2cda9babc6ab98cfea35753b08b4e5bd44364d003c1fa20bd5d02df2d405f936
Cisco Security Advisory - Cisco Unified Communications Manager, which was formerly Cisco Unified CallManager, contains a denial of service (DoS) vulnerability in the Session Initiation Protocol (SIP) service. An exploit of this vulnerability may cause an interruption in voice services.
d80f694eb047ded890bd9cfbe2f849b7b861c36f747f0c16c3a86f34786a1078
Ubuntu Security Notice USN-836-1 - It was discovered that WebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. Several flaws were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that WebKit did not prevent the loading of local Java applets. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program.
1c9bed36021cbb768ac65baaec91d4ccb8ffeca2322f4d7bc8d1f4e47ece30dd
Zero Day Initiative Advisory 09-066 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe RoboHelp Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in the management web server listening by default on port 8080. The Java Servlet handling POST requests to the server does not properly sanitize user input. A specially crafted request can bypass authentication, allowing an attacker to upload and execute arbitrary files. Successful exploitation can result in complete system compromise under SYSTEM credentials.
b4bfe8551f748ba77ce6c817e898a70259d1e837a4f4396c5a11a5187a80c79e
Debian Security Advisory 1893-1 - It was discovered that the SIEVE component of cyrus-imapd and kolab-cyrus-imapd, the Cyrus mail system, is vulnerable to a buffer overflow when processing SIEVE scripts. This can be used to elevate privileges to the cyrus system user. An attacker who is able to install SIEVE scripts executed by the server is therefore able to read and modify arbitrary email messages on the system. The update introduced by DSA 1881-1 was incomplete and the issue has been given an additional CVE id due to its complexity.
7cc84f9d81089816b231888b54423e78094c839d60a333567463949319d07201
Debian Security Advisory 1892-1 - It was discovered that the SIEVE component of dovecot, a mail server that supports mbox and maildir mailboxes, is vulnerable to a buffer overflow when processing SIEVE scripts. This can be used to elevate privileges to the dovecot system user. An attacker who is able to install SIEVE scripts executed by the server is therefore able to read and modify arbitrary email messages on the system.
1e397e9152a659f46c090079c2cfa537c94c26a24228f0d5373aa8bb6b50bc9a
Mandriva Linux Security Advisory 2009-243-1 - Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. This update corrects the problem. Correct a problem in the 2009.1 update of the lzw handling code.
35ae33bc1743f391ad90d66a2f9fb6e3e57bf0d6bd9fced8574951f19ccc1bb0
Mandriva Linux Security Advisory 2009-244 - Xfig in Debian GNU/Linux, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7) xfig-print[PID], (8) xfig-export[PID].err, (9) xfig-batch[PID], (10) xfig-exp[PID], or (11) xfig-spell.[PID] temporary files, where [PID] is a process ID. This update provides a solution to this vulnerability.
965e342434dc2eedcbb5894a7d9d4c1befa4d0bc648d9d9905d0a424b4b0845f
Mandriva Linux Security Advisory 2009-243 - Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. This update corrects the problem.
695b6fd644397cb522d47bb5edcc04a4bbd7791fdbfd16e4d26337f53f47e910
Secunia Security Advisory - Chip D3 Bi0s has discovered a vulnerability in Integrated Newsletter component for Joomla, which can be exploited by malicious users to conduct SQL injection attacks.
9c79529528eea161b9f6a6bb1e3b2a15d85264e038bb2c782e1783793c87ac39
Secunia Security Advisory - A vulnerability has been reported in Vastal I-Tech Share Zone, which can be exploited by malicious people to conduct SQL injection attacks.
2da76904cf3b60727fe51efc846ed02f01070cf83ba805188fc6ddc084ca5b21
Secunia Security Advisory - A weakness has been reported in Sun Solaris, which can be exploited by malicious people with physical access to an affected system to potentially disclose sensitive information.
87b5ba4050f6299e8aece879494094027585f99f75bf3db7145d7eb921f0d824
Secunia Security Advisory - Some vulnerabilities have been reported in BPowerHouse BPGames, which can be exploited by malicious people to conduct SQL injection attacks.
84b0e088495c6b3d58c962e07199016080e71ebee816b25c35486e322cf5dd88
Secunia Security Advisory - A vulnerability has been reported in BPowerHouse BPMusic, which can be exploited by malicious people to conduct SQL injection attacks.
564d75b6cbd3cbb14dddaef384de0cbb910cd22a0a55f481d415a90cf09d1c9c
Secunia Security Advisory - A vulnerability has been reported in BPowerHouse BPHolidayLettings, which can be exploited by malicious people to conduct SQL injection attacks.
920367853b4398b48c563816eedfc33652bb3365e0961c4160c2d1a778444127
Secunia Security Advisory - A vulnerability has been reported in BPowerHouse BPStudents, which can be exploited by malicious users to conduct SQL injection attacks.
ffd765df3e0badbc4eda39e425a52e1477c7e9f73977c394f5d0408be0b1e5f7
Secunia Security Advisory - A vulnerability has been reported in Sun Solaris Cluster, which can be exploited by malicious, local users to gain escalated privileges.
adb522eae3106abc9f58923142569a4d98a1ee0985e523141b3de83685a144ff
Secunia Security Advisory - A vulnerability has been reported in CF Shopkart, which can be exploited by malicious people to conduct SQL injection attacks.
024ddb47cab5d33951d1100908925ff8eaf17f992af06056d858193095ac2f35
Secunia Security Advisory - A vulnerability has been reported in Vastal I-Tech Toner Cart, which can be exploited by malicious people to conduct SQL injection attacks.
8ef95afa57c5002189284ee2cd4fc0d0b4f0b2b1003e0239567fb1213e2d811a
Secunia Security Advisory - A vulnerability has been reported in Vastal I-Tech DVD Zone, which can be exploited by malicious people to conduct SQL injection attacks.
20c6ed8d843a3f385da1202af7dd90c1b52f4f55d10cbd637d591f3656d85760
Secunia Security Advisory - Some vulnerabilities have been discovered in DDLCMS, which can be exploited by malicious people to compromise a vulnerable system.
f4d57f4bb4bf313bcd488f4ed92113c03227216c2e0421ee1e2e545590075e18
Secunia Security Advisory - A security issue has been discovered in nginx, which can be exploited by malicious people to bypass certain security restrictions.
77b58cda5bae6010adc215179d4044751338302c939691b14becd1d854c39638
Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the libtiff library.
ce2698b7f7792c8224b332b614f0241655f0ff95b6a801de3fb01bc09c9afb43
Secunia Security Advisory - A vulnerability has been reported in Alibaba Clone, which can be exploited by malicious people to conduct SQL injection attacks.
90614a395037696d01dcaf0ad8bc29c56d054f774492b76d850d4a0657aa0b6f