Exploit the possiblities
Showing 1 - 25 of 549 RSS Feed

Files

PHP 5.4.1 Denial Of Service
Posted Apr 30, 2012
Authored by Manu, Francisco Oca

PHP version 5.4.1 suffers from a getimagesize() denial of service vulnerability.

tags | advisory, denial of service, php
MD5 | 68a4c44a4259c2abef2384dd89541d31
Debian Security Advisory 2462-1
Posted Apr 29, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2462-1 - Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-0259, CVE-2012-0260, CVE-2012-1185, CVE-2012-1186, CVE-2012-1610, CVE-2012-1798
MD5 | 28f7277a0b451d6eaba7090bbb5fa229
Secunia Security Advisory 48991
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Zingiri Web Shop plugin for WordPress, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, vulnerability, xss
MD5 | b5a73ac632c5575d265c6a38ffc9d854
Secunia Security Advisory 49004
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the nBill component for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 8ed01b67be01a2994397b130bd0faada
Secunia Security Advisory 48663
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a security issue in Quest Toad for Data Analysts, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | bc01ce7a001bf957ed33fe295a4e6cc3
Secunia Security Advisory 48988
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - G13 has discovered two vulnerabilities in PHP Volunteer Management, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, php, vulnerability, xss, sql injection
MD5 | 7d219928faad92df5c9dc02d27ace282
Secunia Security Advisory 48981
Posted Apr 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for jetty. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
MD5 | 0c2e4deb319d42af97975663eafb8991
Mandriva Linux Security Advisory 2012-066
Posted Apr 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-066 - Security issues were identified and fixed in Mozilla Firefox and Thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found a heap corruption in gfxImageSurface which allows for invalid frees and possible remote code execution. Anne van Kesteren of Opera Software found a multi-octet encoding issue where certain octets will destroy the following octets in the processing of some multibyte character sets. Various other issues were also addressed.

tags | advisory, remote, code execution
systems | linux, mandriva
advisories | CVE-2012-0468, CVE-2012-0467, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0472, CVE-2012-0473, CVE-2012-0474, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2012-0479
MD5 | 2ded3927a0b08285a7c5a07703752ec9
VMware Security Advisory 2012-0008
Posted Apr 27, 2012
Authored by VMware | Site vmware.com

VMware Security Advisory 2012-0008 - VMware ESX updates have been created for the ESX Service Console. The ESX Service Console Operating System (COS) kernel is updated which addresses several security issues in the COS kernel. The ESX Console Operating System (COS) libxml2 rpms are updated to the following versions libxml2-2.6.26-2.1.12.el5_7.2 and libxml2-python-2.6.26-2.1.12.el5_7.2 which addresses several security issues. Various other issues have also been addressed.

tags | advisory, kernel, python
advisories | CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3191, CVE-2011-3905, CVE-2011-3919, CVE-2011-4348, CVE-2012-0028
MD5 | 2c100e23d23700d3afbb62cee7820b04
HP Security Bulletin HPSBPV02754 SSRT100803 2
Posted Apr 27, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV02754 SSRT100803 2 - A potential security vulnerability has been identified with certain HP ProCurve 5400 zl switches using a compact flash card which may contain malware content that is a PC trojan executable. The ProCurve switch operating system is not infected with the malware and the content on the compact flash card has no impact on the operation of the switch. Reuse of the compact flash card in a personal computer and manual execution of the malware content could result in a compromise of that system's integrity. Revision 2 of this advisory.

tags | advisory, trojan
advisories | CVE-2012-0133
MD5 | 4d95f4cfc66c0fa4f9c45feaf62536b8
Mandriva Linux Security Advisory 2012-065
Posted Apr 27, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-065 - The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server. The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c. Insufficient validating of upload name leading to corrupted $_FILES indices. Various other issues have also been addressed.

tags | advisory, remote, web, denial of service, arbitrary, cgi, php, sql injection
systems | linux, mandriva
advisories | CVE-2012-0788, CVE-2012-0807, CVE-2012-0830, CVE-2012-0831, CVE-2012-1172
MD5 | d970a7f09cf0264c29f9c880d7bb0874
Ubuntu Security Notice USN-1430-1
Posted Apr 27, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1430-1 - Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2011-1187, CVE-2012-0479, CVE-2011-1187, CVE-2011-3062, CVE-2012-0467, CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, CVE-2012-0477, CVE-2012-0478, CVE-2012-0479
MD5 | 2a7fe7717fc5dd39f817e9f1e0686515
Ubuntu Security Notice USN-1430-2
Posted Apr 27, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1430-2 - USN-1430-1 fixed vulnerabilities in Firefox. This update provides an updated ubufox package for use with the latest Firefox. Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary Kwong, Hilary Hall, Honza Bambas, Jesse Ruderman, Julian Seward, and Olli Pettay discovered memory safety issues affecting Firefox. Aki Helin discovered a use-after-free vulnerability in XPConnect. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-0468, CVE-2012-0469, CVE-2012-0470, CVE-2012-0471, CVE-2012-0473, CVE-2012-0474, CVE-2012-0475, CVE-2012-0477, CVE-2012-0478, CVE-2011-3062, CVE-2011-1187, CVE-2012-0479
MD5 | 092b59f748426ab4a4493e9c170da542
Secunia Security Advisory 49010
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - the_storm has reported a vulnerability in Car Portal CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 288db88590b942a5c69a103fa2dc0b5a
Secunia Security Advisory 49003
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Haunt IT has discovered a weakness in eFront, which can be exploited by malicious people to disclose certain system information.

tags | advisory
MD5 | af5de1b8ed43caa37d0d56e3bc1203ac
Secunia Security Advisory 49015
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - r@b13$ has reported a vulnerability in TwonkyServer, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | 6ba7a0c255f0e8a1a2cc2da3aeb3e286
Secunia Security Advisory 49016
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in TwonkyManager, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | fce0164f6620b735675395e4c935ea62
Secunia Security Advisory 48986
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for wireshark. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | 7ae2723df91a871ab1a8268adc7c0192
Secunia Security Advisory 48983
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libpng. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, redhat
MD5 | b740c8059b1b75b665783ccbad6e567f
Secunia Security Advisory 48994
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Haunt IT has discovered a vulnerability in gpEasy CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 6a7f1c3a691f3b2cd7758fdd74592804
Secunia Security Advisory 48959
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - VMware has acknowledged some vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise the vulnerable system.

tags | advisory, denial of service, local, vulnerability
MD5 | ed68028d1665d790c24cb4bda7a039da
Secunia Security Advisory 48975
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for spip. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, debian
MD5 | e8e58c5328f881fe016e25e355483ede
Secunia Security Advisory 48977
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has acknowledged multiple vulnerabilities in HP NonStop Server, which can be exploited by malicious users to disclose sensitive information and by malicious people to disclose sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 6a8cc3b3d641d02585c01fbdfb042a6f
Secunia Security Advisory 48997
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Jakub Galczyk has discovered a vulnerability in concrete5, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 9e5bc73fe6d39e84cf64e7465507c6da
Secunia Security Advisory 48935
Posted Apr 27, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the Ubercart module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 78d410b694725a58fa3e4b13ee31beaf
Page 1 of 22
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
NYPD Cops Need A Warrant To Snoop On Your Phone
Posted Nov 17, 2017

tags | headline, government, privacy, usa, phone
Oracle Scrambles To Fix Security Flaws In Tuxedo
Posted Nov 17, 2017

tags | headline, database, flaw, oracle
Github To Devs: Now You'll Get Security Alerts On Flaws In Popular Software Libraries
Posted Nov 17, 2017

tags | headline, flaw
Keystone Pipeline Leaked 210,000 Gallons Of Oil In South Dakota
Posted Nov 17, 2017

tags | headline, flaw
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close