Files

Zero Day Initiative Advisory 12-020
Posted Jan 31, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-020 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SaveDoc and PrintFile functions exposed by the VsVIEW6.ocx ActiveX control. The SaveDoc function causes a file to be created at an arbitrary path specified by the first argument (FileName). The file contents can be controlled by setting the 'Header' member and calling PrintFile() with the same path argument. These behaviors can be exploited by a remote attacker to execute arbitrary code on the target system.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2012-0189
MD5 | bc2a6396ce132c167f3e02fe5e0874bb
Zero Day Initiative Advisory 12-019
Posted Jan 31, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-019 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SetLicenseInfoEx() method exposed by the mraboutb.dll ActiveX Control. String data supplied to the first parameter (strInstallDir) of SetLicenseInfoEx() is copied into a 256 byte global buffer without first checking the string length. This overflow can be exploited to remotely execute arbitrary code on the target system.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2012-0188
MD5 | d0dcbc9682d2fa02fba911b37eadea42
Mandriva Linux Security Advisory 2012-011
Posted Jan 31, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-011 - OpenSSL 0.9.8s and 1.0.0f do not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. The updated packages have been patched to correct this issue. The openssl0.9.8 packages for 2010.2 have been upgraded to the 0.9.8t version which is not vulnerable to this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-0050
MD5 | 401bd9d16e9029659f39db64d93b731d
Debian Security Advisory 2398-1
Posted Jan 31, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2398-1 - Several vulnerabilities have been discovered in Curl, a URL transfer library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-3389, CVE-2012-0036
MD5 | c95ecedbb71b86ff645dc34a026ce3a1
Gentoo Linux Security Advisory 201201-19
Posted Jan 31, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-19 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.4.7 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4091, CVE-2011-0562, CVE-2011-0563, CVE-2011-0565, CVE-2011-0566, CVE-2011-0567, CVE-2011-0570, CVE-2011-0585, CVE-2011-0586, CVE-2011-0587, CVE-2011-0588, CVE-2011-0589, CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0594, CVE-2011-0595, CVE-2011-0596, CVE-2011-0598, CVE-2011-0599, CVE-2011-0600, CVE-2011-0602, CVE-2011-0603, CVE-2011-0604, CVE-2011-0605, CVE-2011-0606, CVE-2011-2130
MD5 | 5fbcd6733c04d9d6fff335b1ba60696d
Gentoo Linux Security Advisory 201201-18
Posted Jan 31, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-18 - Multiple vulnerabilities in bip might allow remote unauthenticated attackers to cause a Denial of Service or possibly execute arbitrary code. Versions less than 0.8.8-r1 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-3071, CVE-2012-0806
MD5 | 99e30f4c071310e9bb02e27821694a6e
Red Hat Security Advisory 2012-0071-01
Posted Jan 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0071-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000.

tags | advisory, web, php
systems | linux, redhat
advisories | CVE-2011-0708, CVE-2011-1466, CVE-2011-2202, CVE-2011-4566, CVE-2011-4885
MD5 | 44d81ae92adf7850ee1f492269f37d84
Red Hat Security Advisory 2012-0070-01
Posted Jan 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0070-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays in Ruby. An attacker able to supply a large number of inputs to a Ruby application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.

tags | advisory, denial of service, ruby
systems | linux, redhat
advisories | CVE-2011-3009, CVE-2011-4815
MD5 | d315ce01d286f71b01b0b81eb34f1950
Red Hat Security Advisory 2012-0069-01
Posted Jan 30, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0069-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays in Ruby. An attacker able to supply a large number of inputs to a Ruby application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.

tags | advisory, denial of service, ruby
systems | linux, redhat
advisories | CVE-2011-4815
MD5 | ef371079c7969e4ffda3cb3dc3bff183
Debian Security Advisory 2397-1
Posted Jan 30, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2397-1 - It was discovered that a buffer overflow in the Unicode library ICU could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-4599
MD5 | 34098d57e9d12d3b3947c2fb58c89cf8
Gentoo Linux Security Advisory 201201-17
Posted Jan 30, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-17 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 16.0.912.77 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3924, CVE-2011-3925, CVE-2011-3926, CVE-2011-3927, CVE-2011-3928
MD5 | 23d9709d773251cea2af43e3f01f8d78
Secunia Security Advisory 47782
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WHMCompleteSolution, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | ef906d38584e851acc7d8c6778fc5f09
Secunia Security Advisory 47605
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in IBM SPSS SamplePower, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | a9fc2c0206a18e003747bad81aaab5da
Secunia Security Advisory 47670
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Postfix Admin, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and script insertion attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 9fa75d56644707dcc051b2369694c2d1
Secunia Security Advisory 47731
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Search Autocomplete module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 682990bd01bf5789932b98b1652c542f
Secunia Security Advisory 47691
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in DClassifieds, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 59be80cb2df4a9dcd2c9ae026b775b73
Secunia Security Advisory 47779
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Apache HTTP Server, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).

tags | advisory, web, denial of service, vulnerability
MD5 | 81e1afee468a9e47ae3ccb813dd9868c
Secunia Security Advisory 47721
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for qemu-kvm. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges.

tags | advisory, local
systems | linux, debian
MD5 | 8d187aeb5bdef44b7b618dab5f1cd5c5
Secunia Security Advisory 47763
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Samba, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | b26827a79879aa68d5077e622c26b1c9
Secunia Security Advisory 47765
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
MD5 | 0478b5d7b8d2ec3a80e032d26a7c8a58
Secunia Security Advisory 47803
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ogro has reported a vulnerability in Ada Web Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, web, denial of service
MD5 | 7bad5d2267e5f2e79c4aacac586cd5fa
Secunia Security Advisory 47714
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for icu. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, debian
MD5 | 7e7d878fb20c16f3b84a1371557e6587
Secunia Security Advisory 47719
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for xkeyboard-config. This fixes a weakness, which can be exploited by malicious people with physical access to bypass certain security restrictions.

tags | advisory
systems | linux, gentoo
MD5 | 6dfc937751e1feff1e6651cc1ad20eb6
Secunia Security Advisory 47726
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, debian
MD5 | f9e90cebb5803a47ec27ec65f799e9be
Secunia Security Advisory 47717
Posted Jan 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for chromium. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, gentoo
MD5 | 71fb59fe366e196a4ea5a0819eb39f40

© 2016 Packet Storm. All rights reserved.
