Secunia Security Advisory - Debian has issued an update for wxwidgets. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
78e53f0f3ba565e5c98cedf41f8ac66fb7972b2475471e5a272c804780d607cdSecunia Security Advisory - Fedora has issued an update for bugzilla. This fixes two vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks.
ab0a932df11c99cd5a3eb0916bbc4dad9e6076d4e2a57c3e32ebbf34280903f1Secunia Security Advisory - Gentoo has issued an update for dnsmasq. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
8ec10adb976a6cc5afd4d8d226313cc312497fc9f066031df80b5437b9ffe3d5Secunia Security Advisory - A vulnerability has been reported in HP ProCurve Identity Driven Manager, which can be exploited by malicious, local users to gain escalated privileges.
962d4be41134e96ff292dba99755a492817dca91cc631a39bcdc5851e19af884Secunia Security Advisory - Gentoo has issued an update for nginx. This fixes a vulnerability, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
d2770f23e05206a495b822b0ddd1a08cc6e34c2203ed488b8d57a1d06cbc1ec5Secunia Security Advisory - Marc Ruef has reported a vulnerability in IBM Lotus Notes, which can be exploited by malicious people to bypass certain security restrictions.
a020ef9f04f8ca74e27aebc5e75a344a178c4137e58531687e2256eef4b5ce55Secunia Security Advisory - A security issue and a vulnerability have been reported in MyBB, which can be exploited by malicious users to conduct spoofing and SQL injection attacks.
f9a9715f078404d739288ada6df87e96307fe8a7d9983007b086e0bdb0607c2cSecunia Security Advisory - A vulnerability has been reported in PHP Pro Bid, which can be exploited by malicious people to conduct SQL injection attacks.
cff490c486d02782f9bd7368ab053666886618b5a33b19e43a93ec306817627fUbuntu Security Notice USN-835-1 - Joe Orton discovered that neon did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
968ff370e3a79298a9b7124d53f5b9ece8d5f8e220c123a1a7ea5d7a39c1313cMandriva Linux Security Advisory 2009-238 - Multiple vulnerabilities was discovered and corrected in openssl. This update provides a solution to these vulnerabilities.
31c2e4db2c4d9a59061c28ba43c171388869223dfecb57fc075078cb0b97baedMandriva Linux Security Advisory 2009-237 - ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello. The NSS library library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spooof certificates by using MD2 design flaws the scope of this issue is currently limited because the amount of computation required is still large. This update provides a solution to these vulnerabilities.
6b72823540faf713afc600893f4b4f73da01b097b7de2809c1b8a8f80d4521e0Ubuntu Security Notice USN-834-1 - It was discovered that PostgreSQL could be made to unload and reload an already loaded module by using the LOAD command. A remote authenticated attacker could exploit this to cause a denial of service. This issue did not affect Ubuntu 6.06 LTS. Due to an incomplete fix for CVE-2007-6600, RESET ROLE and RESET SESSION AUTHORIZATION operations were allowed inside security-definer functions. A remote authenticated attacker could exploit this to escalate privileges within PostgreSQL. It was discovered that PostgreSQL did not properly perform LDAP authentication under certain circumstances. When configured to use LDAP with anonymous binds, a remote attacker could bypass authentication by supplying an empty password. This issue did not affect Ubuntu 6.06 LTS.
1cc8e823bffcfd04b7086497156d8f0f84e9ce557955e7f970e2c2827c937faeGentoo Linux Security Advisory GLSA 200909-19 - Multiple vulnerabilities in Dnsmasq might result in the remote execution of arbitrary code, or a Denial of Service. Versions less than 2.5.0 are affected.
ec68823361b9638a1384381e81356f03b2d0d93d982e59ba4960888f743dd348Mandriva Linux Security Advisory 2009-236 - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Various other vulnerabilities were also addressed.
7d7237c9d30ca41ff7b6791d7b2efc467f6938344c1323066958a3b9f362188cUbuntu Privacy Remix (UPR) has released version 9.04_r2 to address various vulnerabilities inherited from Ubuntu.
c8635c6b62404afe895c33f956681781c08cd22ecd6798a65ae745c4427a2c52Secunia Security Advisory - Sun has acknowledged some vulnerabilities in StarOffice and StarSuite, which can be exploited by malicious people to potentially compromise a user's system.
7c33df5a9b51058f835e8b2e0df661878ca15d24e5b550292b99d47958aebcdeSecunia Security Advisory - A vulnerability has been discovered in FanUpdate, which can be exploited by malicious people to conduct SQL injection attacks.
d208c6329e4412454b9f859c334edb3b9f4e352353537fc30cd49581fe3b7ebaSecunia Security Advisory - A vulnerability has been reported in Zainu, which can be exploited by malicious people to conduct SQL injection attacks.
8c78af7f9ed66d4cb01ff591d17d0488b781e0032eedf285692540c33487961bSecunia Security Advisory - Some vulnerabilities have been discovered in ffmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.
b1b2671aaecde7f22206ca2b9cd0849d913a5f7ab7e23216f5796368d44938f3Secunia Security Advisory - A vulnerability has been reported in Three Pillars Help Desk, which can be exploited by malicious people to conduct SQL injection attacks.
51fa7f88e6341aa60a73751f92f03b487b41754e9bb248416b8b06d84b500b54Secunia Security Advisory - A security issue has been reported in multiple QNAP devices, which can be exploited by malicious, local users to bypass certain security restrictions.
e3659706a21891e723f58aed4aa9829d20857d6587e0967593bb1c9e9361c958Secunia Security Advisory - A security issue has been reported in Firewall Builder, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
5eb5652941745cd7a4ef4bee47f5e56d8446d958799429d6c51074478aef9014Secunia Security Advisory - A vulnerability has been discovered in the Apache mod_proxy_ftp module, which can be exploited by malicious people to bypass certain security restrictions.
5dbd42ddb9955747a0ee2c1410adcca9e9f70ddb11a3e0436c024489d11a7b6bDebian Security Advisory 1890-1 - Tielei Wang has discovered an integer overflow in wxWidgets, the wxWidgets Cross-platform C++ GUI toolkit, which allows the execution of arbitrary code via a crafted JPEG file.
ed775f49cb58cbce91017bb067a323a636d2226e812c374bf0745a565ce2f3d7Horde Application Framework versions 3.2.4 and below suffer from a Horde_Form_Type_image arbitrary file overwrite vulnerability.
6b36254b02daaded256bbf6076bafdff753a55113f60cdbc47ec7d1dfe52ffb0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed