Secunia Security Advisory - Multiple vulnerabilities have been reported in Symantec Message Filter, which can be exploited by malicious people to disclose sensitive information, conduct session fixation, cross-site scripting, and cross-site request forgery attacks.
5f498972f45a98052b0d2584cd3edfcd8377be6ddb5d6e5e30d33ac190f533c3Secunia Security Advisory - A vulnerability has been discovered in the Website FAQ plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
c8e9fb5283788ed22bbefb1180a07cfcfa306903014b65a7c20726ab8fc2aaecSecunia Security Advisory - Some vulnerabilities have been discovered in the SS Quiz plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks and bypass certain security restrictions.
43b9148dc362a06892fb954f3d4a3a9e98c4d0dace30ed21f470735f2141ac54Secunia Security Advisory - Multiple vulnerabilities have been reported in HP System Management Homepage, where some have unknown impacts and others can be exploited by malicious, local users to gain escalated privileges and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, hijack a user's session, cause a DoS (Denial of Service), bypass certain security restrictions, manipulate certain data, and compromise a vulnerable system.
1ac283c2410ab42b9b401e8e4a6f341cc1d55d6ee02b43e197ec96b370c568abSecunia Security Advisory - Slackware has issued an update for freetype. This fixes multiple vulnerabilities, which can be exploited by malicious people to potentially compromise an application using the library.
49d01cc1b7feb9ff73ac9c468658809d42ba911207ffa34ab28ade290a2bd0ceSecunia Security Advisory - Gentoo has issued an update for pam. This fixes multiple security issues and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, perform certain actions with escalated privileges, and potentially gain escalated privileges.
9bb3a993d3d4680ba299f484f5fdefe0b8a01b5f221ffd33879e2271cbca4834Secunia Security Advisory - A vulnerability has been reported in Apache Roller, which can be exploited by malicious people to conduct cross-site request forgery attacks.
917313a6f7629cd9857192c1be48db0101dd3a74dd37bc5c24555e49d8e82b75Secunia Security Advisory - Gentoo has issued an update for links. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.
adb6532c3423da89e39ba4b5a1d845ea7d92a072b7129d1f48b8aae3685d0f6fSecunia Security Advisory - Gentoo has issued an update for postfix. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
f7402d2aa539b8e516df12a70d30dd630319c5ad5a16ff66cd2dbb2d2b488b73Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS (Denial of Service).
27c3010c51af2e6af8a3eb49c03f2cde1fa060c89e5a42e894b3592244bc6faaSecunia Security Advisory - Emilio Pinna has discovered two vulnerabilities in FCKeditor, which can be exploited by malicious people to conduct cross-site scripting attacks.
090a8ed3b25fd3e44538f03afd6e51c47a7cefa135a4e62e91ce1fce226b8c0aSecunia Security Advisory - Sammy Forgit has discovered a vulnerability in UmaPresence, which can be exploited by malicious people to compromise a vulnerable system.
da496532e70179d271b56f51316425876fdcc6e86a4f25d838cbac27b2f0904bSecunia Security Advisory - Gentoo has issued an update for nbd. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
2c93e07de2dcfb398c809449fc3bf5c1d598c61ce6684c8a77b0555fd3017e4fSecunia Security Advisory - Gentoo has issued an update for msmtp. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.
757d7a63adef981a03c0fefc6b9d8aeebe847528c22bc17398e040456c98727aHP Security Bulletin HPSBMU02792 SSRT100820 2 - A potential security vulnerability has been identified with HP Business Service Management (BSM) . The vulnerability could be remotely exploited to allow unauthorized disclosure of information, unauthorized modification, and Denial of Service (DoS) Revision 2 of this advisory.
02ada30c5b2b25138587bce2855554d1cb43092030ae3f9bb9451f0ed3b6029cOpenLimit reader, an application aimed to provide security by validating X.509 signatures and signing PDFs inside Adobe Reader, contains completely outdated, superfluous and vulnerable components, which comprise 40% of the whole installation package.
4cc2e247a5f3aaa21b4f53170afeda08847ab6f3934f5cbbdf9af600f6da8c02Slackware Security Advisory - New freetype packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
41cb6e0675fc04dd566d6c6376f8c6fa71e90af8d43606c5430c148c6702b020Red Hat Security Advisory 2012-1041-01 - Red Hat Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. A flaw was found in the way Red Hat Directory Server handled password changes. If an LDAP user had changed their password, and the directory server had not been restarted since that change, an attacker able to bind to the directory server could obtain the plain text version of that user's password via the "unhashed#user#password" attribute. It was found that when the password for an LDAP user was changed, and audit logging was enabled, the new password was written to the audit log in plain text form. This update introduces a new configuration parameter, "nsslapd-auditlog-logging-hide-unhashed-pw", which when set to "on", prevents Red Hat Directory Server from writing plain text passwords to the audit log. This option can be configured in "/etc/dirsrv/slapd-[ID]/dse.ldif".
02001d1e71ee84e1ac827dd563294cf7f71f0d1e542e4d2379a601515d3d2c88Red Hat Security Advisory 2012-1043-01 - libwpd is a library for reading and converting Corel WordPerfect Office documents. A buffer overflow flaw was found in the way libwpd processed certain Corel WordPerfect Office documents. An attacker could provide a specially-crafted .wpd file that, when opened in an application linked against libwpd, such as OpenOffice.org, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All libwpd users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications that are linked against libwpd must be restarted for this update to take effect.
e23252ae448c1a44a7f03eeeafc940ab7c8d750681fe5a9dbffb9731f0bfe7c1Red Hat Security Advisory 2012-1042-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. It was found that the kvm_vm_ioctl_assign_device() function in the KVM subsystem of a Linux kernel did not check if the user requesting device assignment was privileged or not. A local, unprivileged user on the host could assign unused PCI devices, or even devices that were in use and whose resources were not properly claimed by the respective drivers, which could result in the host crashing.
40cee47ca38fd36212e40e2fc4e2a93d9ca6eec1d81c1a7cbc0f4200899d8b20Secunia Security Advisory - SEC Consult has reported a vulnerability in Zend Framework, which can be exploited by malicious people to disclose sensitive information.
f4599f9fbc1c8138c26b70bb8b8f2a39bee051ef689b31973dd31abcdb907d75Secunia Security Advisory - Red Hat has issued an update for postgresql and postgresql84. This fixes a weakness, which can be exploited by malicious people to conduct brute force attacks.
de8d3cad81f77cdaa5b68ba7f61935e32af28f8771201960e2a4790449adbe53Secunia Security Advisory - Sense of Security has reported multiple vulnerabilities in Squiz Matrix, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.
f7464bd473216b5acea9d5fc7715ef19e6de04eb18ffa6e7aed4f19a3e0d2effSecunia Security Advisory - A vulnerability has been reported in Support Tickets MyTickets, which can be exploited by malicious people to conduct SQL injection attacks.
edb65b1bfb040891e601d335ffe29552ae2aa23ae6031499d53fd544ef9ff755Secunia Security Advisory - Gitsnik has discovered a vulnerability in SoftPerfect Bandwidth Manager, which can be exploited by malicious people to disclose potentially sensitive information.
b37fea7757d55b4644158b61b201ed2a45b2ac680e329f4b0ab07affdbf64f8e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed