Interesting write up regarding possible code execution vulnerabilities in Microsoft Internet Explorer due to problems with image decompression and parsing.
8aa59c5262d0659c3680241d1e53f860d9626568c3b86d989d08cba6b374e641Gentoo Linux Security Advisory GLSA 200507-15 - James Bercegay has discovered that the XML-RPC implementation in PHP fails to sanitize input passed in an XML document, which is used in an eval() statement. Versions less than 4.4.0 are affected.
957d243d316ce15bb092f0b014f3dff4abe6629942d9dd158e3b4af0205a4fa7Clever copy versions 2.0 and 2.0a suffer from a cross site scripting flaw in calendar.php.
4eda9d532c37170e251abb6ef9f0a134d2ea8c65a02ef39b80c3169cd29d3476Gentoo Linux Security Advisory GLSA 200507-14 - Several vulnerabilities in Mozilla Firefox allow attacks ranging from execution of script code with elevated privileges to information leak. Versions less than 1.0.5 are affected.
5686c32b0079cf43d2abeaa6faf3a1b94147fdcd6500a78845c2f5defe72a0c0Belkin wireless routers appear to ship with a default telnetd backdoor, password-less administrative account, and other oddities.
c8f42a2384d1c677e46623ba3178aadea7df6cafe55deec144d90f126fab2378It appears that Oracle may have silently fixed additional bugs in their recent security bugfix release.
e0092d5f6bdb2133ade57acba8c98c3d9e47d8cb0d9564b550ca52fec6509e26Secunia Security Advisory - Soroush Dalili and KeHieuHoc have discovered some vulnerabilities in Hosting Controller, which can be exploited by malicious users to gain knowledge of sensitive information, conduct SQL injection attacks, cause a DoS (Denial of Service), or gain escalated privileges.
3993b0ba1133fc94ebd77a7047c719110bbd3ec5e723a20b4304d5de1840c00fSecunia Security Advisory - Leon Juranic has reported a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system.
c47ec8fb2be678f701a6448992d4132ea200901e74c1ed1e3724f34e02be7314Secunia Security Advisory - A security issue has been reported in JRun, which can result in malicious users gaining access to another user's session.
dc4fdb09c76d7e99d06b4a759e5b19145d46250464246522bd503a1ec95fa580Secunia Security Advisory - A vulnerability has been reported in Sophos Anti-Virus, which can be exploited by malicious people to cause a DoS (Denial of Service).
6506efd2a3943845c2b1adfe5fa08141dacbe25326aefda13b0c788bba7cd0ecSecunia Security Advisory - Avaya has acknowledged two vulnerabilities in several products, which can be exploited by malicious, local users to gain knowledge of certain system information or conduct certain actions with escalated privileges.
1bcbb31b86fd28ab683cc6e59c807710d5f0348cb0de66f2799ae52f0826febaSecunia Security Advisory - ][GB][ has discovered a vulnerability in MooseGallery, which can be exploited by malicious people to compromise a vulnerable system.
1bf95d0316cdd643e9a169bc105d4da41465ded24a4727b7378be6e48162a15dSecunia Security Advisory - Avaya has acknowledged two vulnerabilities in Intuity Audix, which can be exploited by malicious people to compromise a user's system.
237446c59fa46bccc7d89d2b98f8b1b81ceba40b6d6342075da040c6850cd47eArticleLive 2005 suffers from authentication bypass, SQL injection, and cross site scripting vulnerabilities.
f9b50e96c9caf7ee8022a754614175015c6871e528929b17c70ff1aa539e24deFishCart 3.1 suffers from multiple SQL injection and cross site scripting flaws.
c023c88e9e8a37a65fd2b6db46305dbbb93476aca0cb1765c8a1a959aa1e5e304 security vulnerabilities surfaced for Mac OS X.
611e1fc379bf33b3470bd4abb0a5b34beb52d4121d4c97e7eda23652c5314c91Winamp is vulnerable to a buffer overflow vulnerability when processing ID3v2 tags of mp3 files. To exploit this vulnerability, a user has to add malformed mp3 file to the Winamp playlist, and play it. The vulnerability was tested on Winamp versions 5.03a, 5.09 and 5.091.
883ada7f9612a1df12849639513fc5cefa2acdd94f5c6810f9f84e4a64a6a23cSmall data extraction utility that is designed for bluetooth hacking.
c3140470e8f7c359635c049129767722a07bd03154dc6f3ff402096ed56a23d8iDEFENSE Security Advisory 07.14.05 - Remote exploitation of a denial of service vulnerability in Sophos Plc.'s Sophos Anti-Virus engine allows attackers to exhaust CPU resources on the target system and prevent further scans.
2a8946c3b9df51b01bc6e379804825998e4fd961626a87001b54c92113fcf935Simple Message Board version 2.0 beta 1 is susceptible to cross site scripting attacks in forum.cfm.
d391fcec0970072da72e616ee4b0bbd39950fc38d7955f1415bf0466102bb435The BitDefender engine versions 1.6.1 and below only scan the first attachment in a message and ignore the rest.
56c9ad446f0c70ecbe1e3e540b0c55c8ba89ae58e8e86485f96db6d6fbebacccMozilla Firefox versions 1.0.4 and below 'Set As Wallpaper' code execution exploit.
cf5c755d38d84ac4c3f08e88ca55a8bdd553231fbfcb823db2f7c3a759435c57Mozilla Firefox versions 1.0.4 and below data: URLs remote script injection exploit.
89eda4acf9868270f57b8ba28509427158fbbe169361ee0058e72ec4082f2dfbMozilla Firefox and Suite setWallpaper() remote code execution exploit.
27adbee5244e42797d153b572619c417e7592513f3f2a5ca0394d31818ab4535SquirrelMail versions 1.4.5-RC1 and below suffer from a variable overwriting flaw that can lead to further security issues.
dd93dad744255baae13b5e7d772f48087ad64980f12a51f292bbf9ebbc089175
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed