Debian Linux Security Advisory 2566-1 - It was discovered that Exim, a mail transport agent, is not properly handling the decoding of DNS records for DKIM. Specifically, crafted records can yield to a heap-based buffer overflow. An attacker can exploit this flaw to execute arbitrary code.
db45c689499a88f8489df5e20ca7f2308465812b000bd38146acd009a2dd42a1Ubuntu Security Notice 1618-1 - It was discovered that Exim incorrectly handled DKIM DNS decoding. This flaw could allow a remote attacker to execute arbitrary code.
1aa6092f2eedee2d304f571946cd33139c425f5a72ba8acf5eae714670a9a625HP Security Bulletin HPSBHF02819 SSRT100920 2 - Potential security vulnerabilities have been identified with HP, 3COM, and H3C routers and switches. The vulnerabilities could be remotely exploited resulting in disclosure of information. Revision 2 of this advisory.
2f87c33b828e020cdb66b95f0a1edc648b9834e9463fc9faa3800051d0ebb479Secunia Security Advisory - Multiple vulnerabilities have been reported in RT (Request Tracker), which can be exploited by malicious users to conduct spoofing attacks, bypass certain security restrictions, and compromise a vulnerable system and by malicious people to conduct cross-site request forgery attacks.
a9f06ccd5aea0f426f7cb12153f508a48448f0da569e765493850ba101a89589Secunia Security Advisory - A vulnerability has been reported in Tiki Wiki CMS/Groupware, which can be exploited by malicious people to compromise a vulnerable system.
7c964638da5724eca3075f66ed85d4d2652e36e4ca63e53d3a629dd606ba421bSecunia Security Advisory - A vulnerability with an unknown impact has been reported in IP.Board.
edd99b7b12ff5a64ebf8529969608aedf1cd0390b3c5447559ce8f014112f0bcSecunia Security Advisory - A vulnerability has been reported in the Freestyle Testimonials component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
ed966d17b4076a47715570c7fb46805172f51ef83ca9db49a94c5bb9fbc5b748Secunia Security Advisory - A vulnerability has been reported in the MailChimp module for Drupal, which can be exploited by malicious people to conduct script insertion attacks.
f7d638b68d48983b68bdae6f70d5b92b0281d962c23c667dcf2afaf608a61655Secunia Security Advisory - A vulnerability has been reported in Exim, which can be exploited by malicious people to compromise a vulnerable system.
87e77cb2bf239740588dd767f70ccc60934e0cf1d53394bf1386666496682881Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
046feecf04db454951b9c9f8f9ae805df204b678507e1552143272013e20b1dbUbuntu Security Notice 1617-1 - A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
9535b72b28c87a09126bf9f6a5e5371f2b85f0c2a84f7ff222d496b9694461e5Drupal MailChimp third party module version 7.x suffers from a cross site scripting vulnerability.
f3f278c3015df5f15e0cb152e82650a5ee9497958bd4a900e7edc2e66be4dfdaThe VUPEN Vulnerability Research Team has discovered a critical vulnerability in Oracle Java. Versions JRE / JDK 7u7 and below are affected. The vulnerability is caused by a memory corruption error within the "t2k.dll" component when processing certain glyph elements within a Font file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
66dc6819b2fe3e487c6074ac50782425eb1e8e4d69820a4cb144ef9adcd00ea1HP Security Bulletin HPSBUX02824 SSRT100970 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote execution of arbitrary code and other vulnerabilities. Revision 1 of this advisory.
78f272422d048e4e353a3f120e9e9677eea2dbf0861182ca760963e7f7893d0eDrupal Time Spent third party module versions 6.x and 7.x suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
2df973f2a15a6e618c72e67e0bd048acde9269ee5bdef3678b3179a29ed6aeb6The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Oracle Java. Versions JRE/JDK 7u7 and below are affected. The vulnerability is caused by a heap overflow error within the "t2k.dll" component when processing a malformed "maxPointCount" field within a Font, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
d9af8230d41a685d5e7bb40755a541e997054f9dc783a564ea76685d82b0f2cdUbuntu Security Notice 1616-1 - It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. This issue only affected Ubuntu 10.04 LTS. It was discovered that the audioop module did not correctly perform input validation. If a user or automated system were tricked into opening a crafted audio file, an attacker could cause a denial of service via application crash. These issues only affected Ubuntu 10.04 LTS. Various other issues were also addressed.
1931d6208c03b7c6be3e7c9a1e3f736d6f4ffc3c455852a5625822b4d83fefbeSecunia Security Advisory - Multiple vulnerabilities have discovered in the Poll plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
455fccc89e3040b1c235441dbde5aa98a6de2b96e00f7a2a02d6f90e8a35a4f2Secunia Security Advisory - Janek Vind has discovered multiple vulnerabilities in phpMyBitTorrent, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to disclose sensitive information and conduct cross-site scripting and SQL injection attacks.
53fa64da5dd0648e308ea955ab652574925e5f3e36273aaf934d88bd94d27f9fSecunia Security Advisory - A vulnerability has been discovered in ManageEngine SupportCenter Plus, which can be exploited by malicious people to conduct cross-site scripting attacks.
2a3b28993512806dc4f54fb2381ba2b7940312a3421e945e36442567a24e7a75Secunia Security Advisory - Multiple vulnerabilities have been discovered in bitweaver, which can be exploited by malicious people to conduct cross-site scripting attacks.
cb57afab30e60d42d505ad49991abdd79dd346a49e0ab029f4c557f07d141ae3Secunia Security Advisory - A security issue and some vulnerabilities have been reported in Liferay Portal, which can be exploited by malicious users to conduct script insertion attacks and bypass certain security restrictions and by malicious people to bypass certain security restrictions.
2e22d562ee582ca39eed1bfd2791c7ab77388599ea15ccd64e29cdc14f131cf2Secunia Security Advisory - Oracle has acknowledged a vulnerability in BIND included in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
377fcec8ccb5d3afaa3b2a0c5da9fff73b7a783db9ac69d7f3074cd1a64e4adcSecunia Security Advisory - HP has issued an update for BIND in HP-UX. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
159b13700d34bdb42ac319914b7e934f3c797e944822925df7e008353bd35ca8Secunia Security Advisory - A security issue has been reported in JetPort 5600, which can be exploited by malicious people to compromise a vulnerable device.
f103fc42db133ea79bf8f583dc73e7319850dc5b14089aff2f8bbfa9a6349c4d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed