GnuPG versions 1.4.12 and below are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated.
0a3dbb2e061bd0a63a4632c1ff476033b308773427245372f500f2fae7b5b060Debian Linux Security Advisory 2596-1 - Thorsten Glaser discovered that the RSSReader extension for mediawiki, a website engine for collaborative work, does not properly escape tags in feeds. This could allow a malicious feed to inject JavaScript into the mediawiki pages.
79eaf44e7b6a8917207a8d8381616b357b2d89121c8130a3ba8f445f8ae2b581Debian Linux Security Advisory 2595-1 - Marc Schoenefeld discovered that an integer overflow in the ICC parsing code of Ghostscript can lead to the execution of arbitrary code.
0a1fc6a70cb480d30676a2fa913e6565780e8080f258871de2065018975eedf6Debian Linux Security Advisory 2594-1 - halfdog discovered that incorrect interrupt handling in Virtualbox, a x86 virtualization solution, can lead to denial of service.
a0a58e0eb726449c1a5fadf1b3d6d148a4a061ed33d48f5d0628594a9e4ef29cUbuntu Security Notice 1680-1 - It was discovered that MoinMoin did not properly sanitize its input when processing AnyWikiDraw and TWikiDraw actions. A remote attacker with write access could exploit this to overwrite arbitrary files and execute arbitrary code with the privileges of the web server (user 'www-data'). It was discovered that MoinMoin also did not properly sanitize its input when processing the AttachFile action. A remote attacker could exploit this to overwrite files via directory traversal. Various other issues were also addressed.
56353e2537c223147685fa74826d1d32e50546f485b155b80dc6d1e20b5932c9Debian Linux Security Advisory 2593-1 - It was discovered that missing input validation in the twikidraw and anywikidraw actions can result in the execution of arbitrary code. This security issue in being actively exploited.
a2a4e1d7adb26f638f3ab31c219c2be71caa78a1d865d9fc49e5871f7518af5bSecunia Security Advisory - A vulnerability has been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.
cc4807b9ab7303ec7a326cad3e55b19a13e0045602a8e1beb9435a20a62a22efDebian Linux Security Advisory 2592-1 - Marko Myllynen discovered that elinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate.
149c360062a76e5cec29b9d5823b3e815bd95780d8d20666f866ebe907200af3Secunia Security Advisory - SUSE has issued an update for tomcat. This fixes multiple weaknesses, one security issue and three vulnerabilities, which can be exploited by malicious users to manipulate certain data and by malicious people to bypass certain security restrictions, manipulate certain data, gain access to potentially sensitive information, and cause a DoS (Denial of Service).
94b833d5afca567dd8b6f81dfc4de063020f11be6eece639f82752267f247ab6Secunia Security Advisory - A vulnerability has been reported in i-GEN opLYNX, which can be exploited by malicious people to bypass certain security restrictions.
7df638d8ded60fc9cf7d10f7806a26f013d9496308191c5e55e8a9255bb979b2Secunia Security Advisory - SUSE has issued an update for opera. This fixes a security issue and two vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to conduct spoofing attacks and potentially compromise a user's system.
9f54ac0e01adc9de3accec195e07f5da62202a62726a6e195e0800fda37b3988Secunia Security Advisory - Debian has issued an update for mahara. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct click-jacking, cross-site scripting and request forgery attacks, and disclose potentially sensitive information.
974b033350dc12b02a820eb5ef9cf13746f7ad11ed70d1325b58cde018653c76Secunia Security Advisory - MustLive has discovered a weakness in MODx, which can be exploited by malicious people to determine valid usernames.
c97b887f44cfbeccf1887a3b46bda7830c8562c22efe6ea261fa150b0e1d9942Secunia Security Advisory - Some vulnerabilities have been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system.
0226e658eee44741ea5e476f646cd0183e9cdf360eaa475ca1783c1d26261e3dSecunia Security Advisory - Multiple vulnerabilities have been reported in IBM InfoSphere Guardium, where one has an unknown impact and the others can be exploited by malicious users to potentially compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.
95358346677c36ee4518a6f67c6d78067bacf67efbe0d1c82b19d3d878b66305Secunia Security Advisory - Debian has issued an update for elinks. This fixes a weakness, which can be exploited by malicious people to conduct spoofing attacks.
8c522f343e38303eb3ac3e3871bfebfede5061ee0225e4a45e39b21836f9f0faThe Polycom HDX Video End Points web management interface suffers from a cross site scripting vulnerability.
c33a77f2c171969139be48d5bb5f627a19f1a2eb5aac6100b6844b72341d03acDebian Linux Security Advisory 2591-1 - Multiple security issues have been found in Mahara, an electronic portfolio, weblog, and resume builder, which can result in cross-site scripting, clickjacking or arbitrary file execution.
390bb5471860b52761704077ff7b8ecce39f0e34112b25385a74becd6479363dMandriva Linux Security Advisory 2012-184 - A stack-based buffer overflow was found in the way libtiff handled DOTRANGE tags. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. The updated packages have been patched to correct this issue.
63bb15678f98d3f88c55fc3fd9fdc5b2ab5cde83476b9ca26866d1e2f13c833bDebian Linux Security Advisory 2590-1 - Bjorn Mork and Laurent Butti discovered crashes in the PPP and RTPS2 dissectors, which could potentially result in the execution of arbitrary code.
8358c2231282a77c235e3d741a2b73ed644cb0841106bc049aaebc27be235305Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM Rational Functional Tester, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
20fb5fdb5853535438de4f31e4a7ba5e2d5a87ca5902175ae6bae09b3a4ad71dSecunia Security Advisory - A vulnerability has been reported in cPanel, which can be exploited by malicious people to conduct cross-site scripting attacks.
f25333031b6c0a2fe516314619a923ac5a7ec755420487cd7eda2176fdcbaf81Secunia Security Advisory - A vulnerability has been reported in EMC Data Protection Advisor, which can be exploited by malicious people to disclose certain sensitive information.
9f4fc1e569b9318d8a4429c477a69c16ac5cb8642b67681951b1ce26e380b1a8Secunia Security Advisory - A vulnerability has been reported in FreeType, which can be exploited by malicious people to potentially compromise an application using the library.
1c5bc6e202f8040b64fe882300d8e8cab737d0c242b1bc555c13a03c456ff0b9Secunia Security Advisory - Hitachi has acknowledged a vulnerability in multiple products, which can be exploited by malicious people to cause a DoS (Denial of Service).
a0da1db9b47c414190cab764db59d0be8b281d3fbf51e9f1c249e591901541a1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed