The Icq 2003 client is prone to a local heap overflow vulnerability in the "Answering Service" function due to a lack of bounds checking.
4772ca26764f8ea1899dab21a55d1b2108ceaca9d4d35d45111958e8da941bbcphpMyConferences versions 8.0.2 and prior suffer from remote file inclusion in library.inc.php.
e48cc24252fdda4559107abaa9a15a15ee1dce041de051442263100ae32c0728BytesFall Explorer suffers from an input sanitization vulnerability in login/doLogin.php which can lead to SQL injection. POC included that resets the admin password.
1b3384295cc40582dd6514cbe63d27f8bf11a96926f807aa15b400b9c9371222PoC code that crashes firefox 2.0 possibly leading to remote code execution.
6a394bb1f45d75060115fa3597b610b679c49e34afab8cb2bc7681dea672eb9aSun java System Messenger Express suffers from a cross site scripting vulnerability in the errorHTML function.
b0b711d94cc3648353f66bd772fc93bfea085958fe11461dc4e723f0789a346aArmorize Technologies Security Advisory Armorize-ADV-2006-0007: SQL injection vulnerability in bfExplorer (BytesFall Explorer).
d4fc850f085f535952ad7db44e63b97e8beed75cc1f884bbb1b01c312ada93dfThe Hawking Technology wireless router model WR254-CA contains a hardcoded DNS server address which is used first even when an ISP dns server is specified, thus sending information to a potentially hostile server about what sites you are connecting to.
9f4fd39e150f2af901e9ec487582f9ffd4f14bd0b3e0128e0a41ab5a83f8b215Bcwb 2.5 suffers from multiple remote file inclusion vulnerabilities.
3e85ddb272cc74e59b3669f31524e56f5f65424f532128bdcb563edb913e4b90Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.
dcf0c70ab6fc0326e03666acb006f92b59434787881f7c220e30e7519dbb417fInformation on removing hidden field tags in the Paros proxy.
7cb48451f4562612b6998e285237507618c6a04a8ecfa79eaebc9871834f6532Fedora Legacy Update Advisory FLSA:195418 - Updated sendmail packages fix security issue
d781c34567001f2549692a1e8dca57a8d14156b9bf514852283e0a0702bbf577Mandriva Linux Security Advisory MDKSA-2006-194: A vulnerability in PostgreSQL 8.1.x allowed remote authenticated users to cause a Denial of Service (daemon crash) via certain aggregate functions in an UPDATE statement which were not handled correctly
04c7cf21eafc42779833f1858a729f7262fbf9ef407015ba0d82677fcac11539Mandriva Linux Security Advisory MDKSA-2006-193: Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c.
a075da044882737ae4b41b0fff9c45e67b2bd7aa97983a7af8befb943fe5f1d3Debian Security Advisory 1202-1: "cstone" and Rich Felker discovered that specially crafted UTF-8 sequences may lead an out of bands memory write when displayed inside the screen terminal multiplexer, allowing denial of service and potentially the execution of arbitrary code.
0336be55907d9761d17e884f264abb9f84a424adbf5dccce23401605deae86d3Debian Security Advisory 1201-1: Several remote vulnerabilities have been discovered in the Ethereal network scanner.
b46aa26df5995bc58ea7da3bd8ffb2ca39b4b56ee0c85b92f2ec96875c324c94HPSBMA02138 SSRT061184 rev.2 - HP OpenView Storage Data Protector, Remote Unauthorized Arbitrary Command Execution
ab365aeb5d56bf9b7582aa1b6eb92c5df41a02a35271b4751585ab881cbf47fbHPSBMA02121 SSRT061157 rev.3 - HP OpenView Storage Data Protector Remote Unauthorized Arbitrary Command Execution
83007e08e4b85103b5e8425df249e09c0808720a87704fd2776069cd4e1f2af2HPSBTU02168 SSRT061237 rev.1 - HP Tru64 UNIX Running gzip, gunzip, and gzcat, Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS)
80171cf0e01e0460954e0172a2b5381916d7e15031e8ac06f90983f330568ca6Secunia Security Advisory - A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks.
e2de9eb2f2ced82bcd0fccee9b453e904b47e39744c03c0c59ea7b618aee425cSecunia Security Advisory - A vulnerability has been reported in Microsoft Visual Studio, which can be exploited by malicious people to compromise a user's system.
c249229d1dc0dd0d148f1ff37902f05c52b66a57454a1bcb4ca4fd48cd58bbc4Secunia Security Advisory - Soroush Dalili has reported some vulnerabilities in Hosting Controller, which can be exploited by malicious to bypass certain security restrictions and to conduct SQL injection attacks.
b042a300d4615c4960ec0b1518f12384c012fd6fa7d5c88f67f49c8d230e1d9eSecunia Security Advisory - Matdhule has reported some vulnerabilities in P-Book, which can be exploited by malicious people to compromise a vulnerable system.
0f6b7d9d8834cadb38279e278821585c8bd7e9cad5227837ece4de51f1cbd222Secunia Security Advisory - Paisterist has discovered a vulnerability in PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks.
e0f07f386727ad28f33dcfd3948d2b699676eb16782e918da7169c8d86e13a4eSecunia Security Advisory - Kacper has reported a vulnerability in the Spider Friendly module for phpBB, which can be exploited by malicious people to compromise a vulnerable system.
20e4a98b944e7590f6280538e4320f1da8c70fca65016dcfd1e0806dc223d0edSecunia Security Advisory - Kees Cook has reported a vulnerability in libX11, which can be exploited by malicious, local users to disclose potentially sensitive information.
9c16282892f6e4dab0e24d4c215265b890e9934c417e0cef7c9b21261856888f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed