Jinzora versions 2.1 and prior suffer from a remote file inclusion vulnerability in the include_path variable.
2527675541284430fb894e01ef1257ed30fbf9557a443acc6bdacd4440939fa6ae2 suffers from a remote file inclusion vulnerability in the topdir variable.
4ef8bbf7e0b06f0328a93869aa712116d9446f4c62e9bbc7569bda6cc396282cAlberT-EasySite versions 1.0.a5 and prior suffer from a remote file inclusion vulnerability in the PSA_PATH variable.
f46ae114321cb1830a4f372b7d155e11586888f6a31465a7dabf7be54ce5aa16blueshoes 4.6_public and prior suffers from a remote file inclusion vulnerability in GoogleSearch.php.
bdd005df0ff96cd3f6d9510053b8fd164cf2a0f6c9e127f7c59bb49bc1fcc0baclaroline versions 180rc1 and prior suffer from remote file inclusion vulnerabilities in $includePath.
f7700c12167e1c7473f190162712a8b4ebfb2097c8c7a2eb09067227dd62fa64PHPLibrary 1.5.3 and prior suffers from a remote file inclusion vulnerability in the cfg_dir variable.
59ac1d89218fb5d99ec440e283a8609f960a714806bbfcafdf8de6f8e3e1f2f0Mandriva Linux Security Advisory MDKSA-2006-182: A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel
766b6cacf5aa25daae75546cbbe79ffc46032004f3580c00f2878a40b3447ba8Mandriva Linux Security Advisory MDKSA-2006-181: A vulnerability in python's repr() function was discovered by Benjamin C. Wiley Sittler. It was found that the function did not properly handle UTF-32/UCS-4 strings, so an application that used repr() on certin untrusted data could possibly be exploited to execute arbitrary code with the privileges of the user running the python application.
f568c37bb607a13f3d763acf79a6c1f7a89e7fdb375a0dc4aef06896b983a87fZDI-06-032: Microsoft Office PowerPoint Malformed Slide Notes Rebuilding Vulnerability: This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target user into opening a malicious .PPT file.
2d5fe949785fa2cadbfb7877d4851a642b7680bde541dbbdd314ae83ab6ea664ZDI-06-033: Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability: his vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target user into opening a malicious .XLS file.
c8972e819e09bd74adcb3f540ef649405c272bd9463d826f7c4df3f3a2c92b5dZDI-06-034: Microsoft Office Word Malformed Chart Code Execution Vulnerability: This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target user into opening a malicious .XLS file.
dd1f6dc1f5a2a13442053af26d1e6e1e651ac7925d319f2748483cf0fa49cf1cDebian Security Advisory 1194-1: It was discovered that an integer overflow in libwmf, the library to read Windows Metafile Format files, can be exploited to execute arbitrary code if a crafted WMF file is parsed.
7b504799737e91b14189a0e3777d338ec5c54e0405f74a7143168700c1051e7fDebian Security Advisory 1193-1: Several vulnerabilities have been discovered in the X Window System, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems:
bb5d9231201529c342810a9fab2a8b4ff096e8bd532d54c29251d653a8687bbbDebian Security Advisory 1195-1: Multiple vulnerabilities have been discovered in the OpenSSL cryptographic software package that could allow an attacker to launch a denial of service attack by exhausting system resources or crashing processes on a victim's computer.
baddbd6ba6b2bf4600abfcfa5ebd67ab59600c3cd7c44e71b2b24041eebf4e44Ubuntu Security Notice 363-1: Luigi Auriemma discovered multiple buffer overflows in libmusicbrainz. When a user made queries to MusicBrainz servers, it was possible for malicious servers, or man-in-the-middle systems posing as servers, to send a crafted reply to the client request and remotely gain access to the user's system with the user's privileges.
12aec75a1258d19a8817eefbcb4f5e9e86c80442377252811af34d96c0a43ad2Ubuntu Security Notice 362-1: php4, php5 vulnerabilities
1f9e9d27ff995dcad2ba28bef37c2ce5c428752facff1d2910d35f84ad841efbUbuntu Security Notice 361-1: mozilla - Various flaws have been reported that allow an attacker to execute arbitrary code with user privileges by tricking the user into opening a malicious URL.
f1d039df02b172145d7dc334d25b2507b89684265027d941d428657641e11de6Ubuntu Security Notice 360-1: awstats did not fully sanitize input, which was passed directly to the user's browser, allowing for an XSS attack. If a user was tricked into following a specially crafted awstats URL, the user's authentication information could be exposed for the domain where awstats was hosted.
687533037d37e384cc94375600b4d361c269e2fca610fc20b2907dbdb647914cSUSE Security Announcement SUSE-SA:2006:059: php4 and php5 suffer from multiple vulnerabilities.
6ffcdcc39d8f410c2119790df2c9d9ad35fb75648bec10441d945fd488b9867fCisco Security Advisory cisco-sa-20061009-csd: Limitations in Cisco Secure Desktop.
1ab5c5b8e86f893b24238bdf1d874e847e78819a01adb428cb343db8dd38f7baphpWebSite 0.10.2 suffers from a remote file inclusion vulnerability in $PHPWS_SOURCE_DIR
69b0e7eaeed8bfe6003cf10faf5ee9889e4bcdc85cc856dce81a8cbb14145ce7sshtime v0.1 is a simple OpenSSH timing attack tool based on expect meant to remotely analyze timing differences in sshd "Permission denied" replies. Depending on OpenSSH version and configuration, it may lead to disclosure of valid usernames.
b57569d93458fb3032f8c9681c5bf741fcd8ec30007b182512af76f3c1f46e56vtiger CRM versions 4.2 and prior suffer from remote file inclusion vulnerabilities in $calpath
8bb7ca11dd8de15375cd021a9f931354fbef3ce158441626085c9516fd4fe232Secunia Security Advisory - nnposter has reported a security issue in SafeWord RemoteAccess, which can be exploited by malicious, local users to disclose sensitive information.
c6a64a75f514f5fa2d662e47f0479ab6ebb5c104834bfbcb86b83ecbff93e966Secunia Security Advisory - mdx and The_Bat_Hacker have reported a vulnerability in n@board, which can be exploited by malicious people to compromise a vulnerable system.
dc8ccbd3fb8f47b01bc49b35b9d70e3a861e6c058d65d6155839e84ec63d9fc7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed