Secunia Security Advisory - A vulnerability has been reported in BackupPC, which can be exploited by malicious people to conduct cross-site scripting attacks.
d7717a2fb597f63ace8226d7c9ad456ef20d8b4d38a84ff23476f98a94a65880Ubuntu Security Notice 1249-1 - It was discovered that BackupPC did not properly sanitize its input when processing backup browser error messages, resulting in a cross-site scripting (XSS) vulnerability. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. This issue did not affect Ubuntu 11.10. Jamie Strandboge discovered that BackupPC did not properly sanitize its input when processing log file viewer error messages, resulting in cross-site scripting (XSS) vulnerabilities.
063eb8c6038da815c5d6dad43a7a7e358f343c718e57b60617c8012eaf8fd1ebZero Day Initiative Advisory 11-316 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime processes the matrix structures in the 'tkhd' atom for mp4 files. When the matrix structure contains large values a movs instruction can turn the value negative. When Quicktime later uses the function to determine where it should write its data it does check the upper boundaries, but not the lower ones causing a heap buffer underwrite. This can result in remote code execution under the context of the current user.
74594dbdae073622048f6651ace5317e0546240bb0f13a6f484ff95a939e5d92Zero Day Initiative Advisory 11-315 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime decodes flic file. Flic files can contain FLC Delta Decompression block containing Run Length Encoded data. Quicktime fails to correctly checking the decompression size when decoding the RLE data. This allows for a 4 byte overwrite past the end of the buffer which could result into remote code execution under the context of the current user.
3802dfdf1cf93a729f1ba11e5918aa1b86a4e1476352c4beae0112361698747eZero Day Initiative Advisory 11-314 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a specific opcode within a PCT file. When resizing a heap buffer, the application will use a signed word read from the file to calculate the resulting size. This can be used to force the target buffer to be of an undersized length. Usage of this buffer will result in a buffer overflow in the context of the application.
cc09b6342d4553ebc78dcd6858afd62878e46f1f87c465f70b1ae1679eb9abfeZero Day Initiative Advisory 11-313 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime decodes flic file. Flic files can contain FLC Delta Decompression block containing Run Length Encoded data. When Quicktime tries to decompress this data it reads a user supplied RLE Packet count field from the file and uses that as loop counter. A high value for this field will cause Quicktime to write outside previously allocated memory which could result into remote code execution.
45489e6bcd5489bd68ed6bfde99280dedd3b41ee95eb68978163dd7dddbf7411Zero Day Initiative Advisory 11-312 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses the atom hierarchy within a QuickTime movie file. In a certain situation the application will pass execution to another function for handling the atom, however, will pass the incorrect number of arguments. Due to this, a variable will be treated as a pointer. This can lead to code execution under the context of the application.
cb365aed44c81961888502d4e300903ac4ba55d40337e597ccdb589e14a421f0Zero Day Initiative Advisory 11-311 - This vulnerability allows remote attackers to potentially disclose memory addresses on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how QuickTime.qts parses a data handler in specific atom within a .mov file. The application will utilize a string length to copy data into an heap buffer, if the string is of zero-length, the application will fail to copy anything and then proceed to use the uninitialized buffer as a string.
4682f8dd91fca2078cf6708e8f7ebb6201141a50fc68df2e53c92a85f3d4035aOpenCart version 1.5.1.1 suffers from a CRLF injection / HTTP response splitting vulnerability.
834045fa71657a4a86151bdf755c6d75625809e43314f881488714917eb293e0Facebook.com suffers from a bypass vulnerability where an executable can be attached to a message if a spaced is added to the name.
d50f0c387bdb7f361f67403ec07249d408f5a19eed5358e240b208741277268fDebian Linux Security Advisory 2329-1 - Bartlomiej Balcerek discovered several buffer overflows in torque server, a PBS-derived batch processing server. This allows an attacker to crash the service or execute arbitrary code with privileges of the server via crafted job or host names.
5f42437f7d36f6cd8bdb547930c295a44714e4c3fb860357704edd6e75e86fbfThe default deployment of Cisco Unified Contact Center Express (UCCX) system is configured with multiple listening services. The web service that is listening on TCP port 9080, or on TCP port 8080 in versions prior to 8.0(x), serves a directory which is configured in a way that allows for a remote unauthenticated attacker to retrieve arbitrary files from the UCCX root filesystem through a directory traversal attack. It is possible for an attacker to use this vector to gain console access to the vulnerable node as the 'ccxcluster' user, and subsequently escalate privileges.
4f61867467d9f947166505f70c2306db6ef9f3380f5efdf8445bb8695e519d32Secunia Security Advisory - SUSE has issued an update for cyrus-imapd. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
ecdc38a1858cfc80ebd0fd2d88975201a6eabffa4d1e52e06056ea632e598099Secunia Security Advisory - A vulnerability has been reported in the Presta2PhpList module for PrestaShop, which can be exploited by malicious people to conduct SQL injection attacks.
77f4b16edfaa37a9ede9dc3edde8ad4a5e6a509ccfb5b73a2b8e184c859703d8Secunia Security Advisory - A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
7215d9d5d7593fcc5bf61a6e25712d3007f4b0347d4ff60d6a0d33e9d53892a0Secunia Security Advisory - Red Hat has issued an update for freetype. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
1be98bb677f07793f9ed3b84888b8455beadff4d4665644c71dc142b4c0d43d2Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere ILOG Rule Team Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
9761657bbf78b64616e008ceeceeb7473ac5d94c05facbac8c07bb1667ca93cdSecunia Security Advisory - Gentoo has issued an update for mod_authnz_external. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.
0bb4ab755cda9dc64d36b35551b7c12c78bcc47295700ff717e7b6bc6714819aSecunia Security Advisory - Ubuntu has issued an update for kde4libs. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.
2e9fef9bece728d9279d0097f42e7ca3e1b5e78bfbf4297c80d46a5de43067feSecunia Security Advisory - A weakness has been reported in OpenStack Compute (Nova), which can be exploited by malicious people to disclose sensitive information.
e7ec7d8ee0b84f89c3c47c8f7b11cf9fe32dd956425c23995048d7c02a7d394aSecunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, conduct cross-site scripting attacks, and potentially compromise a user's system.
1ae83cbec544390c6c09251076f27cbe48fa45c677d5040cd1effd693a3e6682Secunia Security Advisory - Ubuntu has issued an update for nova. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information.
6ad20e61889c077aab0030de147d6b4eac883b4b9f369b3232054ef3b75ec90aSecunia Security Advisory - Two vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
3bf3531276b51b14429af52894e6c1f71f68ca12df376cf79455d978d7140febSecunia Security Advisory - A vulnerability has been reported in SPIP, which can be exploited by malicious people to conduct SQL injection attacks.
cf058c322c490d03c6689f9a1c0c5f28391339bf9fa1ff00b36c6623c8ac4a1dSecunia Security Advisory - Debian has issued an update for torque. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
1e11d6ea99c6064f81333e20e070414305a740305122bb042fbe6a11672eddcc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed