Ubuntu Security Notice 1177-1 - Andrew Griffiths discovered that QEMU did not correctly drop privileges when using the 'runas' argument. Under certain circumstances a local attacker could exploit this to escalate privileges.
2db2352dca97c03e93a4de8cf6727155b5bccf0dc86d6436fc53e270444efcddZero Day Initiative Advisory 11-241 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Webkit Library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the NamedNodeMap::setAttributes method defined within the NamedNodeMap.cpp file distributed with WebKit. The code responsible for copying attributes between DOM nodes does not verify that a mutation may have occurred when an attribute's attributeChanged method is called. By crafting a page that deletes instances of that attribute when the above mentioned method is called the code within setAttributes can be made to operate on freed objects. An attacker can take advantage of this by spraying the heap in a way that will not result in null pointers being referenced. This can lead to arbitrary code execution under the context of the user running the browser.
0748db6d4ee6bfe2651ddbd36ffb116881c9658edb8f896d05ac0dd5e8b67fdbZero Day Initiative Advisory 11-240 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's support of SVG markers. When updating a marker, the application will duplicate the reference of an object without updating its reference count. When freeing this object, a use-after-free vulnerability can be made to occur. This can be leveraged by a remote attacker to execute code under the context of the user running the application.
9955e1a0118de7587b35cc2341eb06299e4d3ea9f28954c95c79d4b5a540588dZero Day Initiative Advisory 11-239 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of a FrameOwner element. When building this tree, the application will create a duplicate reference of an element. By freeing the referenced element, a use-after-free condition can be made to occur which can lead to code execution under the context of the application.
9a566a7f048a2f671ae362db0c36d2bb1dc429098ed33eb23dac590c45aba40aRed Hat Security Advisory 2011-1100-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. A flaw was discovered in the JNLP implementation in IcedTea-Web. An unsigned Java Web Start application could use this flaw to manipulate the content of a Security Warning dialog box, to trick a user into granting the application unintended access permissions to local files.
1aa0fc44e9203cd83f9e35c5f4c37ec5b68f33d5745644ea51197952cea44e7dMandriva Linux Security Advisory 2011-121 - All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool (SWAT). By tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possible to manipulate SWAT. All current released versions of Samba are vulnerable to a cross-site scripting issue in the Samba Web Administration Tool (SWAT). On the Change Password field, it is possible to insert arbitrary content into the user field.
b75ce3ace75fea8d22a279188ef3184449337cf90f4fe3d331c11300c3a6a118Mandriva Linux Security Advisory 2011-120 - Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, allows remote attackers to execute arbitrary code or cause a denial of service via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011.
c6327c04cc1f8a878340ba858f3e80a09236c75996f3bfb90d9d1f2b2d6c3befRed Hat Security Advisory 2011-1090-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. A flaw was found that allowed napi_reuse_skb() to be called on VLAN packets. An attacker on the local network could trigger this flaw by sending specially-crafted packets to a target system, possibly causing a denial of service.
423b948c96708d1e061b86fbda73740a65a22df850c2554883aadb161b574ff5Secunia Security Advisory - Fedora has issued an update for oprofile. This fixes a weakness, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
1d7579d43a3490a65046f7913ec3b31995a7f50f355cdbebb461d3952f8f170fSecunia Security Advisory - A security issue has been reported in GLPI, which can be exploited by malicious users to disclose potentially sensitive information.
e49f48a6868ff46c9366d4d8ac553e8ce01f6bf543d47c9085f4c38c302525acSecunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), and to potentially gain escalated privileges and by malicious, local users in a guest virtual machine and by malicious people to cause a DoS (Denial of Service).
3ed48a9e8b08d7472bb628078372c541b60ca2a9bae503aefff36a6665fbf283Secunia Security Advisory - Ubuntu has issued an update for libsndfile. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
8cbb81bf45d122007e2cf6f5a6b7f68e32e4cf5780b76463aa7b3e054aac6f14Secunia Security Advisory - Ubuntu has issued an update for freetype. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
68b7c98c9ad580fd045add831c990484d4a69246a21e77c2f7dae1cad5978743Secunia Security Advisory - Fedora has issued an update for xmms. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
345591565baa757c2f4eee094fc2b69628e20bcddb9d8038bf20da0022e6f496Secunia Security Advisory - A weakness has been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose potentially sensitive information.
b125f68e25b4f6855c48eebac5b66d7971a9fa689070dfbd8e569ce4ebe1b652Secunia Security Advisory - High-Tech Bridge SA has discovered a weakness in Free PHP message board, which can be exploited by malicious people to conduct spoofing attacks.
23525b72ad83fd356074562dc16c43154f4e36176905454d3dd05a90ec0c3a91Secunia Security Advisory - Ubuntu has issued an update for dbus. This fixes a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
bd54aaafead02e89f530e72222228a7f41294b9447fd6a514a47471506fb6665Secunia Security Advisory - SUSE has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
f0f8f7439c30cb02b15cbb63aef828ac31444739d0d6f0539165e2a8424a42a0Secunia Security Advisory - A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to conduct cross-site scripting attacks.
f3699f2b3b97d3228540022c4254315def210e17aab329fa69fdf5a28d52a0b3Secunia Security Advisory - Red Hat has issued an update for systemtap. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
4fdcbfeeb062cd4a2d71f8c1ccd48b8e28f9d377a72648d7a6dd732c97239006Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), conduct session hijacking attacks, bypass certain security restrictions, and potentially gain escalated privileges, and by malicious people with physical access to potentially compromise a vulnerable system.
06ff534301562c096822c44fec6a3023e1ff2a5f06ae934cfcdff6b472229614Secunia Security Advisory - A vulnerability has been reported in the Virtual Money component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
81fa7ebb5bf429f491c4d71e596e0f326866aab87244331c6ef0018de0b4aad5Secunia Security Advisory - Debian has issued an update for mapserver. This fixes some vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks and potentially compromise a vulnerable system.
b7ad58620638eea10895bcb88afdd4b27beaa27c5b977fad385ff89e2c50f053Secunia Security Advisory - Yuri Goltsev has reported multiple vulnerabilities in Koha, which can be exploited by malicious people to conduct cross-site scripting attacks.
b7a1e3f7f78d5a4f3c0761684ab78379226323bed68b75d0c16a0d1152569f44Secunia Security Advisory - SUSE has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
c01c4bfa924d1a6e5e6e3be9d7fc750225ad4953f573e74a45500402edeccd5b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed