Mandriva Linux Security Advisory 2012-026 - Multiple vulnerabilities has been discovered and corrected in postgresql. Permissions on a function called by a trigger are not properly checked. SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities. Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file. This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.
58823cceba466692ad13c21cdfd598a07b7adba85c277925ad3952248d6683a2
ZipCart version 6.x suffers from an access bypass vulnerability.
0e9f709682d4ce2cc90cfcee885a9245af53e3bf08a6c86a5d9e2949587d7bc2
Cool Aid version 6.x suffers from access bypass and cross site scripting vulnerabilities.
ceaebd230146d69ac1a7302356242e64c1ac00d8647db62d251525c7328404fd
Ubuntu Security Notice 1378-1 - It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly 32 characters, this issue could be exploited by an attacker to spoof the SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. Various other issues were also addressed.
15354f617687e5b1aa22fb70189dc40c214e0a0db7ca57569398efa37eb20a24
Red Hat Security Advisory 2012-0343-01 - The IBM 1.4.2 SR13-FP11 Java release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit.
016430a2d87fdded37d3c1af086eef2cd6dd0762d89388c1ddf19287ce40fc47
Ubuntu Security Notice 1380-1 - The linux kernel did not properly account for PTE pages when deciding which task to kill in out of memory conditions. A local, unprivileged could exploit this flaw to cause a denial of service. A flaw was discovered in the TOMOYO LSM's handling of mount system calls. An unprivileged user could oops the system causing a denial of service. A bug was discovered in the Linux kernel's calculation of OOM (Out of memory) scores, that would result in the wrong process being killed. A user could use this to kill the process with the highest OOM score, even if that process belongs to another user or the system. Various other issues were also addressed.
75b2e946d5ac4bde2cd9ccb2f923e5ac56c71eccf01382aa1830ca8d92bf01c6
Ubuntu Security Notice 1379-1 - Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet Group Management Protocol) packets. An unprivileged local user could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel's AppArmor security interface when invalid information was written to it. An unprivileged local user could use this to cause a denial of service on the system. Various other issues were also addressed.
d97988a146bf536d15292678f886a31e40031833fe724ea17074beea34a4a56a
Debian Linux Security Advisory 2420-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform.
fa1b83bdce1c8a57ecb30bfd91b17d3c396d3e17e373a4a5a9bbff32d14720f2
MediaFront versions 6.x / 7.x suffer from a cross site scripting vulnerability.
a63b9fbc20dc44405b79e7f717e234f5e14aec187385aa611dc39a17d0ed1753
Secunia Security Advisory - Avaya has acknowledged two vulnerabilities in Avaya Call Management System, which can be exploited by malicious, local users to disclose system information and cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service).
1f715547c89253da8d1acf4950a3f9501fc0fedfac8ee816b63ee0fa48eb9cb2
Secunia Security Advisory - Sony has reported multiple vulnerabilities in WonderDesk SQL, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.
7079b5c38c21caaae92f52f361e785a17d6ade637955b191713c7ac2081c3298
Secunia Security Advisory - SUSE has issued an update for cvs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
51dbc0f5e146535f78b1d568e3c0a5475b2ed5e8007da5d6cf0a69b072ffa1fc
Secunia Security Advisory - Gentoo has issued an update for libvirt. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious, local users in a guest system to bypass certain security restrictions, by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system, and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
556b89308ff00f74c9756615147d96c74dfab8fbdf3c41c72353fa32f4efd0f0
Secunia Security Advisory - MustLive has discovered multiple vulnerabilities in Webglimpse, which can be exploited by malicious people to conduct cross-site scripting attacks.
97b0f88939acf8f7e2233e36715f7c71095beb856abaa0632de454e11bfaa14e
Secunia Security Advisory - Debian has issued an update for puppet. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
7bdb040ffabea26ad611a128e4287ef2f96081058bdc69148c5c26f063ecff66
Secunia Security Advisory - Sense of Security has reported a security issue in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.
bdd99dccd465ec4c59bbf42bc1f0b06ef8b4944a9f0c632126074ac0519348ff
Secunia Security Advisory - A vulnerability has been reported in lknSupport, which can be exploited by malicious people to conduct cross-site scripting attacks.
eb7b1ffed316bd18c82a004117834672f5a6455e69dc07f21084922744a61c25
Secunia Security Advisory - Ubuntu has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
5d0215c01c9edb4b5c3a8e211043e07c71158a977ef76f88cd36cc1ae486071a
Secunia Security Advisory - Debian has issued an update for postgresql-8.4. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct spoofing attacks and manipulate certain data.
a356c8dfd2f4d3f04c9117ec71a4866cdca24f61e881128702b7ae0a4d0216bb
Secunia Security Advisory - Ubuntu has issued an update for ruby. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
b4994517a0533c9e5d9f8913133d8955543ede2b7852f647a9e66fcb38167277
Secunia Security Advisory - SUSE has issued an update for java-1_6_0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
430f12fd7e6c4b6f2addc7b56d95efe378247b6eb4aee7270b920c64fa15205d
Secunia Security Advisory - A vulnerability has been reported in Sagem F@st 2604, which can be exploited by malicious people to conduct cross-site request forgery attacks.
4931ce691f51e6ca1b08cbc8b5155dadfd5dcc6e99d44670860333e7cbed9f56
Secunia Security Advisory - SecPod Research Team has discovered two vulnerabilities in NetDecision, which can be exploited by malicious people to disclose potentially sensitive information and potentially compromise a vulnerable system.
0c05eb30dd680a077471b22af71f1a8501656adf27031733edee442aa3359a9d
Secunia Security Advisory - Sense of Security has reported a security issue and a vulnerability in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks.
9d55a5c4cc119aba5c9ab9d76cce3f9611f9d1be5e38cbfe9ee8fc2efafed802
Secunia Security Advisory - Sense of Security has reported a security issue in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.
52fd7d90f18e1af4afd57abcfc7e0a98cc2f675e2689ddcf564d0e2a43c57ede