Secunia Security Advisory - A weakness and two vulnerabilities have been reported in IBM Lotus Mobile Connect, which can be exploited by malicious people with physical access to bypass certain security restrictions and malicious people to cause a DoS (Denial of Service)
c3ad8a25f2df52e875fc9a1840ec39e6dc2b1048352aa775113386dbe94c3a3dSecunia Security Advisory - Fedora has issued an update for eclipse. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
e260e441fd46bc4427e44aad97ffa2aae770d0843fe4ce0c15b38a71bddaa30aSecunia Security Advisory - Some vulnerabilities have been reported in Pligg, which can be exploited by malicious people to conduct cross-site scripting attacks.
9f169e3de2548fd402c9a3362ee250ef006afbdf604b22bd455ed1952a80268eSecunia Security Advisory - A vulnerability has been discovered in CubeCart, which can be exploited by malicious people to conduct cross-site request forgery attacks.
2d8a7d2c29ebfaa3636f7554f1779d4cee9e234fc62e4401be4213695f188628Secunia Security Advisory - A vulnerability has been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
6ab8f9edb389f3ff7a076739165bf79b61bec6b1486440052644bf5a15c8f882Secunia Security Advisory - A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service).
58bae1ccb01fde571d6e706252f5fb11c49ca676fb680c888cd1ce455158a49bSecunia Security Advisory - Fedora has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
9147c50b636324064e33c2e8924c5af0e822866a2e22c44448c032d21fa3d5c2Secunia Security Advisory - A vulnerability has been reported in ENOVIA, which can be exploited by malicious people to conduct cross-site scripting attacks.
0f6e439c7fdaef00c05d9188d8484f3c3d235897ce03cc556712999a659aaff9Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Service Registry and Repository, which can be exploited by malicious people to bypass certain security restrictions.
f4c441bb1c2dd6767bc1e9625817395024182d88e4388acde8d4ddfa3d04c4c0Secunia Security Advisory - A vulnerability has been discovered in web@all, which can be exploited by malicious people to conduct cross-site request forgery attacks.
91d397e33d9b937618b7bb8a6a9885000c425d8fd00b53a645774db809a0eb41Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Access Manager for e-business, which can be exploited by malicious people to disclose system information.
d0a08d9eb313c6bb2ecfebd18d7b5a0fff1e578d6a65c43397f5f7a9092e3ce2Secunia Security Advisory - Multiple vulnerabilities have been discovered in OpenEMR, which can be exploited by malicious users to conduct script insertion and SQL injection attacks.
c274de8f19e33d32357694c39cfc8dababfd057b557c1626a7bc6ba712ac9e19Secunia Security Advisory - rgod has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
8ca838d389bc5a6d9f3ad46602b768d9795036f43cfedd1ede53839ac2ebdb3fSecunia Security Advisory - Some vulnerabilities have been reported in the PECL phar extension, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
4d3bbd200f0579a40b2a835db5d2f0f72811853217e71b3111995b48f8d015d3Secunia Security Advisory - Fedora has issued an update for perl-IO-Socket-SSL. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
bbd62fed4980fb4bc0a3791899a0efd566fdcac7020d49804cf38de2a8b432faSecunia Security Advisory - A vulnerability has been discovered in SocialEngine Music Sharing Plugin, which can be exploited by malicious users to compromise a vulnerable system.
fdb9a1b8ffe07e647d69dfb0c11b6034b981348a6e00a28baae1dc7ff9704d48Secunia Security Advisory - John Leitch has discovered a vulnerability in httpdASM, which can be exploited by malicious people to disclose system information.
85880f2d58ff8eb7eff54886a01d202616d9050c66654732aede035bcbec8099Secunia Security Advisory - A vulnerability has been reported in Ideh Pardaz Easy Portal, which can be exploited by malicious people to conduct SQL injection attacks.
ca90a61d8c0bfcdfb26ed31b93416e9525d28c6e477115f64cca7c1c75664cf4Secunia Security Advisory - Janek Vind has discovered some vulnerabilities in Coppermine Photo Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks.
fa765aab7aa3617bd66915ca903706474a5d30913f0d3cf1f6d12580897c66b6Zero Day Initiative Advisory 10-300 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. Authentication is not required to exploit this vulnerability. The flaw exists within the nipplib.dll component used by the the Mozilla and Internet Explorer browser plugins for iPrint client. When parsing an HTTP response the Connection response length is in sufficiently validated before being copied into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
b5172e44a55440caca829a0e3c9c9bff6d4ce99f97233fc051e0705a09738a92Zero Day Initiative Advisory 10-299 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. Authentication is not required to exploit this vulnerability. The flaw exists within the nipplib.dll component which is used by both the Mozilla and IE browser plugins for iPrint Client. When handling an IPP response from a user provided printer-url the process does not properly validate the size of the destination buffer and copies user supplied data of an arbitrary length into a fixed length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
a2dc5261e2ebca49ad9b9e56b4a8249c7cad6f31d98330db68fcf278f1a1b1dbZero Day Initiative Advisory 10-298 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. Authentication is not required to exploit this vulnerability. The flaw exists within the npnipp.dll Mozilla browser plugin for iPrint client. When assembling a URL using the user supplied call-back-url, the value is passed into a urlencode function where it is copied into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
0aedc93a06314c97bfd0b51a3074c516453bf76cee04807f000703bc99639072HP Security Bulletin HPSBST02619 SSRT100281 2 - A potential security vulnerability has been identified with HP StorageWorks Storage Mirroring. This vulnerability could be exploited remotely to execute arbitrary code. Revision 2 of this advisory.
aaa0797dfb14d4c1908eaee02d181801c6ace74cf07fe336cc296364f5d6415cZero Day Initiative Advisory 10-297 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. Authentication is not required to exploit this vulnerability. The flaw exists within the nipplib.dll component which is used by both the Mozilla and IE browser plugins for iPrint Client. When handling an HTTP 301 response from a user provided printer-url the process attempts to copy the returned value within the Location HTTP header without ensuring that the destination buffer is adequately sized. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
65ced00f19a79e903c62e1325190e092c6ab2ede41c7a1d3bd23b17a3e2ba098Zero Day Initiative Advisory 10-296 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib.dll component which is used by both the Mozilla and IE browser plugins for iPrint Client. When handling an IPP response from a user provided printer-url the process does not properly validate the size of the destination buffer and copies user supplied data of an arbitrary length into a fixed length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
98e4858550b4ef9237d6ad86f8954eeb693c4594e6e60b203817c71911209636
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed