Secunia Security Advisory - A vulnerability has been discovered in the NoticeBoard component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
db4cd58eef504bbc7dba3abd4247b7f1da672af13128f6ff5cf4638613709a60Secunia Security Advisory - Some vulnerabilities have been reported in CCMS Gaming, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.
d1faa2f8110a24a539192af3c027a6cbf0d87bd57f81b2be75f3885e04ba53ffSecunia Security Advisory - Multiple vulnerabilities have been reported in HP Systems Insight Manager, which can potentially be exploited by malicious users to gain escalated privileges and by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
3ab18cf0fd3daa1ab957ebc59501a7e6fcead70137ab82dbe0960a1efd32c6cfSecunia Security Advisory - A vulnerability has been reported in HTC Touch Pro2 and HTC HD2, which can be exploited by malicious people to manipulate certain data.
abd52b1830bd15b9e5ce7d104b8cb8bde9f244684e1d23e069684bb8f77e373aSecunia Security Advisory - A vulnerability has been discovered in Help Center Live, which can be exploited by malicious people to disclose sensitive information.
e7655e99155313a895987c2ba0446f7b49d5a5527d011f46afefde2d043e0eb0Secunia Security Advisory - A vulnerability has been discovered in the ABC component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
d66d592e52eebd35f06b3284cf092a8fee7774251edf6ab0e331408c0baf760cSecunia Security Advisory - A vulnerability has been reported in the SmartSite component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
48fdd54a820615243630794ab2e6c8f1c935e70d4db64cb4a16f9d9548d1ee3fMandriva Linux Security Advisory 2010-084 - Multiple Java OpenJDK security vulnerabilities have been identified and fixed. Packages for 2009.0 are provided due to the Extended Maintenance Program.
312b3c1da3613bba6dee3a18734818e0ba9d2e9be62220fe962af073b0b2a26fMandriva Linux Security Advisory 2009-332 - Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow. Additionally the patch for in MDVSA-2009:296 was incomplete, this update corrects this as well. This update provides a solution to this vulnerability. Packages for 2009.0 are provided due to the Extended Maintenance Program.
d2b192cd78da8edd2e68f462274472b050263f13b309e1cab890312f91302408Mandriva Linux Security Advisory 2010-085 - The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for ICQ and possibly AIM, as demonstrated by the SIM IM client. Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. Other issues have also been identified.
209643718e8208dbef837eae2a003ecf460b9808598317b3e97888b1d0d1d215Mandriva Linux Security Advisory 2010-078 - The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ., which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. Packages for 2009.0 are provided due to the Extended Maintenance Program.
434d5ae46530ca84b4e40cec180a734b59057077f1e870dbe4462b04e8ee1772Zero Day Initiative Advisory 10-079 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication provided by the administrative web interface and is only present if it is configured to use NTLM. The vulnerability can be triggered by specifying invalid Base64 string within the Authorization header. If the string is not proper Base64 the vulnerable function returns -1 which is not verified and is later used as a length to a string copy routine.
82b64874e461a91bd5206c27ae63f5c67cc13feabbf3505aea024977b045e5c3Secunia Security Advisory - A vulnerability has been discovered in Acoustica CD/DVD Label Maker, which can be exploited by malicious people to compromise a user's system.
eaa4403036d68be10166456f3637ab7a38ab363c6354bbd0e4e17151429375b3Secunia Security Advisory - A vulnerability has been discovered in the Graphics component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
d3a5aae0a775c70713d935096f2d2ad15dbad1ede414c0b38d6c02dd6b0d6196Secunia Security Advisory - A security issue has been discovered in Portaneo Open Source
5ba30ee467a99f29aea9aa861372f132fcf214cd3ec4eb6ae04109e1160ccb03Secunia Security Advisory - Some vulnerabilities have been reported in 2daybiz Advanced Poll Script, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
201ef179a467ad185d1def62f22ccfad25c1adb2f2e4e87311cf7a1413ade8feDrupal version 6.16 with Better Formats version 6.x-1.2 suffers from a cross site scripting vulnerability.
1583fef88d5e7e8ecd74daf3c557126159e3862b4dccc8a9f398f8ce70f7be62HP Security Bulletin - Potential security vulnerabilities have been identified with HP Systems Insight Manager running on HP-UX, Linux, and Windows. The vulnerabilities could be exploited remotely to allow cross site scripting (XSS), cross site request forgery (CSRF), and privilege elevation.
9775057b4d52ddf94a092c92536a4eeaa718809eab1d2ca30969cce151945df0Debian Linux Security Advisory 2021-2 - spamass-milter with -x, a zombie process is left around for every mail received. This update corrects this problem.
b48f66e55e668b4850337bc935d180d56252b31c686d986dbf32fe31d06ec308Team SHATTER Security Advisory - Oracle Database provides the DBMS_CDC_PUBLISH PL/SQL package owned by SYS that is part of the Change Data Capture component. This package has a SQL Injection vulnerability in DROP_CHANGE_SOURCE procedure. A malicious user can call the vulnerable procedure of this package with specially crafted parameters and execute SQL statements with the elevated privileges of the SYS user.
c35f4f8ed0b6742d878dc5ee1a8c8cca9fdc018856ad9e4443fbbf4bf0fcfaf5Secunia Security Advisory - A security issue and a vulnerability have been discovered in Webessence CMS, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct SQL injection attacks.
11c4e69143801547e1c02eed3aac06d91a916845a29be00c8d868e9e0558c08dSecunia Security Advisory - Christian Navarrete has discovered a vulnerability in Wing FTP Server, which can be exploited by malicious people to disclose sensitive information.
05b7201273e199a1839fdf7b0f182990ee5af3c4a71bd442e802d956766e9a5dSecunia Security Advisory - A vulnerability has been reported in iNetScripts Free Upload Script, which can be exploited by malicious people to compromise a vulnerable system.
0cf0a0af544d3f31a24f83c444fc2cf61570d6e3334db10311fec4071304d3bbSecunia Security Advisory - A vulnerability has been discovered in Kasseler CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
5c84b30066a30a5f1774327b3002e977cde71d671bd721cb5159d75abdbf6226Secunia Security Advisory - A vulnerability has been discovered in IDEAL Migration, which can be exploited by malicious people to compromise a user's system.
bc73fc0ff27a471a83e04cf74638a9bf48a3541091c7b5074c0597dce1a67b4b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed