Zero Day Initiative Advisory 11-352 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Managed Printing Administration. Authentication is not required to exploit this vulnerability. There multiple classes of flaws within this product including arbitrary file creation, null char truncation and directory traversal. Null injection and directory traversal can be used in the form data passed to MPAUploader.Uploader.1.UploadFiles() to remotely create arbitrary files.
0fb0a3d7bd2a7b49dd9316a286d97947a5671246c119e459edc6c1cab2b9909apfSense version 2.0 suffers from an insecure x509 certificate creation vulnerability.
3b7b79a0f1b97c9c7fca044603df65f48dd8eadf29bf8a745b42255bc9c6afe4Zero Day Initiative Advisory 11-351 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wellintek KingView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the protocol parsing code inside nettransdll.dll. The parent service is called HistoryServer.exe and listens on port 777. When a packet with op-code 3 is received, the service allocates memory from the heap based on the 10th and 11th bytes of the packet (element count). Packet data is then copied into the allocated buffer based on the first two bytes of the packet (packet size). These values can be manipulated to create a heap overflow and and attacker can exploit this to remotely execute arbitrary code in the context of the service (Local System).
85ff49462a0a23bcdb93a84c14d5cea4bf254fce9874f80d0a8ca842bb90e051Secunia Security Advisory - A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct script insertion attacks.
d10f9a2348cc53f33afdaaba4e4ba2497f0312ad17311078840093fbf29e159bSecunia Security Advisory - A security issue and multiple vulnerabilities have been reported in pfSense, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
1066245f999660154e89add7d2fe3fd41206b802a3d2f3ece8898b3b6538384dSecunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in epesi BIM, which can be exploited by malicious people to conduct cross-site scripting attacks.
6a9695e0c57eeeed2f761355b150af1952e218f9eb3332d3dd7eb3b9cf323b04Secunia Security Advisory - A vulnerability has been reported in 7-Technologies Interactive Graphical SCADA System, which can be exploited by malicious people to cause a DoS (Denial of Service).
2b61db7a3695c6fbf25e189b37fc17ac81ee4f094ceadb1e6d814866c956b5b0Secunia Security Advisory - Ubuntu has issued an update for jasper. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
8f7d56c05de8b0c5a19091c8cf905b960d120a155bb839b124cc22c41535da99Secunia Security Advisory - Debian has issued an update for libsoup2.4. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information.
1c6f45a6782524e148794230a08a0dfb59eee2cd58ca015516e859d1910e071eSecunia Security Advisory - A vulnerability has been reported in IDAPython, which can be exploited by malicious people to compromise a user's system.
9837af998568d24d564c2d87fa10c0bf3fb4c50d437d506c9100b40fe27d5bdeSecunia Security Advisory - A vulnerability has been reported in KingView, which can be exploited by malicious people to compromise a vulnerable system.
3c3efb3462f6c5aa8ec982afedccfc641fce74bf1909ce41de24b328c286016cSecunia Security Advisory - A weakness has been reported in SafeNet Sentinel HASP Run-time Environment, which can be exploited by malicious users to conduct script insertion attacks.
a71253d54fdfdfd708d15e8f5d4d88cb551f34cc184b4542267f2bcad1e7ab45Secunia Security Advisory - A vulnerability has been reported in IBM Lotus Domino, which can be exploited by malicious people to cause a DoS (Denial of Service).
75d99017226395d9746f38b8e0abc6f17797a866441acb4f953b6c482864345eSecunia Security Advisory - A weakness has been reported in Mozilla Firefox and Thunderbird, which can be exploited by malicious people to compromise a user's system.
82db9dc60b9f95db5c02732d92f94c7f23b024331f2d1b70c27fc494c45d8f81Secunia Security Advisory - Vulnerability Lab has discovered multiple vulnerabilities in SpamTitan, which can be exploited by malicious people to conduct cross-site scripting attacks.
83f132b0d1f76b9e7dcd49173ee8eb15d740dc3b3e9e13104ac1ebb2abb29fc8Secunia Security Advisory - A vulnerability has been reported in Cyberoam UTM, which can be exploited by malicious users to conduct SQL injection attacks.
735067ddd19f2fdb48e8b26960088eb72b71ab2c0dd3ab5d7c16d161a9c86d44Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
604b672996dfcfce7a7160332aa6a5ff0ec0742c0cf5782294d6771dcd8d7865Secunia Security Advisory - Ubuntu has issued an update for t1lib. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
f5ed53451ca5b3208b26935446e33541b28fa614a6a4764e824a05dc1eca04e2Secunia Security Advisory - A security issue has been reported in WhatsApp Messenger, which can be exploited by malicious people to disclose potentially sensitive information.
f6dab7cea0114aa4f9a02710e16d749887c9dcf167be5d37f3a8265bd2b3cd7cUbuntu Security Notice 1316-1 - Jonathan Brossard discovered that t1lib did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash or possibly execute arbitrary code with user privileges.
70fc8a23e9714c5972c4c937a393b4065ee9b324fc17ba3e3de0f2b5c50e3f77Debian Linux Security Advisory 2368-1 - Several vulnerabilities have been discovered in lighttpd, a small and fast webserver with minimal memory footprint.
f07a24700e2eeea7198aeaf2eec0970239a3a34b71aaa8f180afb3e0a6490a33Secunia Security Advisory - Debian has issued an update for lighttpd. This fixes a weakness and a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, or cause a DoS (Denial of Service).
c9b4726d92c95daa7def95f51eb6c9d6f1ee633d8e42b7d2675903353db616d5Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla SeaMonkey, where one has an unknown impact and others can be exploited by malicious people to disclose sensitive information and compromise a user's system.
d96a1d1d14f5fae483e67d3a81dba7844006edd0188acaa7788f53186535e2a5Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird, where one has an unknown impact and others can be exploited by malicious people to disclose sensitive information and compromise a user's system.
452e668617ef3bb62e93a3b61e812b6bbcbeadad44084a21ee5ab970f63702bdSecunia Security Advisory - A vulnerability has been reported in VLC Media Player, which potentially can be exploited by malicious people to compromise a user's system.
3883b5b4df526065c87fa832186337b859739de4bab03919334bcb9ea5e1340e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed