Secunia Security Advisory - A vulnerability has been discovered in the ccNewsletter component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
be98197b175615c957bf8d244d36418865e2d8aa9e58b058ffd27b84e72c8065Secunia Security Advisory - Red Hat has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
e89cc55c800a9fecf8d623c74e9813fd12eaefe5f7e8814b7f0e7b59c67d88e1Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks and compromise a user's system.
5a2368045e82a77a0262000a31d0422d31852d6f78aa9765e088d16c1612555bSecunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain system and sensitive information, bypass certain security restrictions, and compromise a user's system.
5607ce9474a04bfce016db1615431e6d393208854754140a814b7bc0ea6c7fb3Secunia Security Advisory - A vulnerability has been reported in Argyll Color Management System, which can be exploited by malicious people to compromise an application using the library.
e4d7c8b802c175d8de17988d64ae87f5aae313b7547012400357a35dc7fbfd88Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain system and sensitive information, bypass certain security restrictions, and compromise a user's system.
9cbfe929e9398dd9248ad996daf1deb697c52d045e782197d31c54ca1ab25008Secunia Security Advisory - Some weaknesses have been reported in the ShareYourCart plugin for WordPress, which can be exploited by malicious people to disclose certain system information.
b1d3433c7c9cf2ec2b4351ad606e30145aa6ecaf79e5e152c3b9fa1439880781Secunia Security Advisory - A vulnerability has been reported in bind-dyndb-ldap, which can be exploited by malicious users to cause a DoS (Denial of Service).
12f28c886dedb82dafc5fdd7b4ff63273ed748df3682023577cb3f469978bb3bDrupal Linkit module version 7.x suffers from an access bypass vulnerability.
efc81d938cddf7b5703159d40aae904f3759e7900541b5a8edcdd9c2d8882401Drupal Spaces module version 6.x suffers from an access bypass vulnerability.
347ac91feb7acc6375b733a9114268dd653f58fb484c9eedc306f8462aec4fd9Drupal Site Documentation version 6.x suffers from an information disclosure vulnerability.
4deadfa9ab12cae4f4a040ed36b5884ad4ff166adbf02566eb2e9c63746223a7Drupal Ubercart module versions 6.x and 7.x suffers from code execution and cross site scripting vulnerabilities.
8ad5e51b2e8211b46a86fd0884c4432816a13267ddf774999bf5b42ae172622aDrupal RealName module version 6.x suffers from a cross site scripting vulnerability.
ac32848d9a2bea11a8b9268c408786c21c6630e8ea7f32e8da717fb8ab2000c7Drupal Creative Commons module version 6.x suffers from a cross site scripting vulnerability.
cd7543b39866fa90a05ae4e94480fc308d2a02154efdb0ede21f8750010f1192Debian Linux Security Advisory 2454-2 - Tomas Hoger, Red Hat, discovered that the fix for CVE-2012-2110 for the 0.9.8 series of OpenSSL was incomplete. It has been assigned the CVE-2012-2131 identifier.
7e348a26b106449f52510f57388768abb0d395544cec547906f51111b437e856Red Hat Security Advisory 2012-0523-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. A heap-based buffer overflow flaw was found in the way libpng processed tEXt chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Users of libpng should upgrade to these updated packages, which correct this issue. For Red Hat Enterprise Linux 5, they contain a backported patch. For Red Hat Enterprise Linux 6, they upgrade libpng to version 1.2.49. All running applications using libpng must be restarted for the update to take effect.
ff4ede8dc43b0b73e973f833df2aeefc71ad1e57b3a9db116767dd97722d5999Debian Linux Security Advisory 2460-1 - Several vulnerabilities were discovered in the Asterisk PBX and telephony toolkit.
90ac813962f844ca8939a8b64ac607c95c83938e1adac515d296dc2a4e24ef63Red Hat Security Advisory 2012-0522-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. Multiple numeric conversion errors, leading to a buffer overflow, were found in the way OpenSSL parsed ASN.1 data from BIO inputs. Specially-crafted DER encoded data read from a file or other BIO input could cause an application using the OpenSSL library to crash or, potentially, execute arbitrary code.
51fbde2a46cf9e365819ced0a0b997025187b272c419e02e9e8719e01c4eb801Secunia Security Advisory - High-Tech Bridge SA has discovered some vulnerabilities in Piwigo, which can be exploited by malicious people to conduct cross-site scripting attacks.
ca4c88a696c0cc9fd89674d8023d4dcc0465f1fa33db25d5f4267583c10eaccaSecunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain sensitive information, and compromise a user's system.
caef6f0fabf69a0c8cfd624e7da7b7c89a1b6a44dd1e8b8456269e3e1c959b66Secunia Security Advisory - Multiple vulnerabilities are reported in multiple IBM Rational products, which can be exploited by malicious users to disclose sensitive information and conduct session fixation and script insertion attacks and by malicious people to disclose sensitive information, overwrite arbitrary files, conduct cross-site request forgery and spoofing attacks, and compromise a vulnerable system.
d4a69a9fe21d523dd8643366637bfc6a3ede3833ad6dbf9a329ef970085f2649Secunia Security Advisory - Debian has issued an update for iceape. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system.
a938d418491b6c5a61cd539da6a54633f7594a5a2d336f9651f89a77735352fcDebian Linux Security Advisory 2458-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.
63ce617ad4207fc9f6f56c8d68d84d9f42707e256fcf4c53016b892111eca303Red Hat Security Advisory 2012-0519-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. This release of JBoss Enterprise Portal Platform 5.2.1 serves as a replacement for JBoss Enterprise Portal Platform 5.2.0, and includes bug fixes.
4c2d7e867f2236c82154ad3fdca5b623e021c311c49562d7e1ef097fb83249f5Mandriva Linux Security Advisory 2012-064 - It was discovered that the fix for was not sufficient to correct the issue for OpenSSL 0.9.8. The updated packages have been upgraded to the 0.9.8w version which is not vulnerable to this issue.
ec7a43232cc989e79b3501b0f69ac7ec5d682e3b543f7d254621488da11de02d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed