Mandriva Linux Security Advisory 2010-142 - The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. OpenLDAP 2.4.22 allows remote attackers to cause a denial of service via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.
da58b230384d632c52553a0dc4b5256eeaf3ce762c74c6ad7d8fb67893b6ff42Secunia Research has discovered two vulnerabilities in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused by boundary errors in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing certain records. This can be exploited to cause stack-based buffer overflows via specially crafted files. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
ba54e9780a47cbb9ac825fb26ba0fcde7c0734880a7eec64089b018ed29a2036Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused by an error in the SpreadSheet Lotus 123 reader (wkssr.dll) when allocating an array of pointers during the parsing of a certain record type combined with how strings are later indexed. This can be exploited to corrupt memory via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
f9a9de57b6faceeb2d7116e3bbd81eb59d6cb237692bb06b5afcdb428702f9d2Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused by an integer underflow error in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing the size of a specific record type. This can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
29ad95481579f1764c96d5a3b905c173447d7638ad22ab0b3fad3310e1033f40Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error the WordPerfect 5.x reader (wosr.dll) when parsing data blocks and can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
5ed5b03e9a9bfac07541b8affc29df12ce6a114af5ce70de811e350abee24c4cSecunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a signedness error when parsing the argument to the "\\ls" keyword within a list override table entry in RTF files. This can be exploited to cause a buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
9f637d773e05147f5fddebca47d4f32eaa065525a4713e86117852b4fc62630cSecunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Spreadsheet Lotus 123 reader (wkssr.dll) when converting floating point values in certain record types. This can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
79ff156cf917fb691f4b17bdbfad5cb0a6cc061edf41a7bcd72b346f6913a832Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error when parsing record data in compound documents. This can be exploited to cause a heap-based buffer overflow when an application using the vulnerable library parses e.g. a specially crafted Quattro Pro file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
c8af127dc81e18677064ef66428dd5b8386a0ce6358af637f1bbae03414a1ae4Secunia Security Advisory - Red Hat has issued an update for jboss-seam2. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
1f66f3b22ebc5b24916bace93266531af9f937ab6d1b8e9bb97a071edca32f8bSecunia Security Advisory - A security issue and a vulnerability have been reported in MediaWiki, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.
b22c0eeeec3ca2a90ab3f7a2cdda7cd24bfa42913180a5fd00518843a1fd90bbSecunia Security Advisory - A vulnerability has been discovered in Zabbix, which can be exploited by malicious people to conduct cross-site scripting attacks.
0e594d0c1fc7f38c3ac50fb687688700c06bb431c685d58a36401c57a586782eSecunia Security Advisory - A vulnerability has been discovered in KVIrc, which can be exploited by malicious people to hijack IRC connections.
04f006656d5afdeb39aa80ce20a5b7dc4ed746fecdb8ce2ca287f5bccb32ef2bSecunia Security Advisory - A vulnerability has been discovered in bozohttpd, which can be exploited by malicious people to bypass certain security restrictions.
a7d066c2cc8cefcd25baf8c479852de7fc2da0695f44c4d44e8118728af9f7b0Secunia Security Advisory - A vulnerability has been discovered in nuBuilder, which can be exploited by malicious people to compromise a vulnerable system.
d2e57a39c835ec7678c8fb691abb7d74caf3cb3be3294cc8dcf44f85c8065b0dSecunia Security Advisory - Some vulnerabilities have been reported in hsolinkcontrol, which can be exploited by malicious, local users to gain escalated privileges.
e6b559f8344d03713cee7b6a322e904df7b03a8792335c201193b5cba5bb0c90Secunia Security Advisory - A security issue has been reported in the Front End User Registration extension for TYPO3, which can be exploited by malicious people to bypass certain security restrictions.
2d692ae4f82b8d8c52cab67f895d860df52e1627ef4e68e42fef6197e4a6fa9bSecunia Security Advisory - Oracle has acknowledged a weakness in Sun Solaris, which can be exploited by malicious, local users to gain knowledge of sensitive information.
b527a8e9e4534cc5ef2c8d915b3b4d9fb3dbf3b0f14d0a63f7e1b88d77833406Secunia Security Advisory - Fedora has issued an update for turba. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
0a49bac260e7bcfb28570c7177640737a3a2eaca6fa4e92b3a90471be5937e96Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can potentially be exploited by malicious people to disclose sensitive information or compromise a user's system.
da06efe862e77be549b4fd698e003bb6af423494f3a23e5356ba276033c58161Secunia Security Advisory - Fedora has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).
fb1f8c0dde5a5eeec24be6d02057b7007ac13d3c6418fcb900048d0ae795462cSecunia Security Advisory - Fedora has issued an update for libvirt. This fixes a weakness and some vulnerabilities, which can be exploited by malicious, local users in a guest system to bypass certain security restrictions.
c2a87416e6f6ec6fef3471a5b6d86de5c25bac3faa289d8239394183e92d90a1Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
9debe52cdd1a71b13d62020c7ca41cb28bedcd6fb97bc1aefe887e6b1f8e1190Secunia Security Advisory - Some security issues have been reported in JBoss Enterprise SOA Platform, which can be exploited by malicious users to gain escalated privileges and by malicious people to bypass certain security restrictions.
c44cd7a9f7f9ceee18bdabf837419fd7f8e53b331bd5eb03ac37a800d7159d67Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system.
5afffc0f4497d3b6db8163c8b5cf0a69e1331c9924c0f61ba0a1b60265ddd235Secunia Security Advisory - Cisco has acknowledged a vulnerability in multiple Cisco products, which can be exploited by malicious people to manipulate certain data.
b30f5ff3bfa581906660a5a0f49041e2b19f9f37a504a94110c67da58fde51cf
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed