Secunia Security Advisory - Fedora has issued an update for blam. This package has been rebuilt against a new version of the firefox package. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
d3beef3dc5fb16af43760a1add01266a9ff1e880919906c4c1ee2bbdbfd3fc16TikiWiki versions 1.9.8.1 and below suffer from cross site scripting and local file inclusion vulnerabilities.
68726f8d13e39d891bbfd7200d0bf47bc2dafef0620f7b3b69d127005a1a3b33shttp versions 0.0.4 and below suffer from a directory traversal vulnerability.
96dcb3185fdd805ccc84a3053fe448614dd1377269b4cbb46a38fe1835580bb2iDefense Security Advisory 10.25.07 - Local exploitation of a buffer overflow vulnerability within Tmxpflt.sys, as included with Trend Micro Inc.'s AntiVirus engine, could allow an attacker to execute arbitrary code in kernel context. iDefense Labs has confirmed the existence of this vulnerability in following Trend Micro Products: Trend Micro's PC-Cillin Internet Security 2007, Tmxpflt.sys version 8.320.1004 and 8.500.0.1002. All products using Trend Micro's scan engine such as Trend Micro ServerProtect, Trend Micro OfficeScan are also suspected to be vulnerable.
b314be90bd52c861475b0bc304415f6bb6eefe9113b790ec7a615f586d84fc43i-Gallery version 3.4 suffers from a direct database download vulnerability.
9f1e4859ed61dc7769548528789c55e3249f326bf19913d77a2c6ea8dffac8caThe helpdesk utility called usd250 suffers from a cross site scripting vulnerability.
68208b8694df5e6a681f5078da14221c75ded411ff2a9c44084035c3577c90c5Secunia Security Advisory - Fedora has issued an update for epiphany-extensions. This package has been rebuilt against a new version of the firefox package. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
6a88c1659be6ab6610825ca1d009e8a4a536c1defdbaeea2766f28fd638b7ba4Secunia Security Advisory - A vulnerability has been reported in HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM), which can be exploited by malicious people to disclose potentially sensitive information.
410f3555675831091012476e6488932b8b919bbf048056bad16b298905466321Secunia Security Advisory - A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service).
b548449f5350373e73e84b13c632e114818a933a220e4ef993f9ec6ff9ae151cSecunia Security Advisory - rPath has issued an update for php, php-mysql and php-pgsql. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions or by malicious people to potentially compromise a vulnerable system.
930338ddee1b8873509e8126305a88a7a10f6eb1f1e459091ab18579ca0a082aSecunia Security Advisory - Aria-Security Team have reported some vulnerabilities in CodeWidgets.com Online Event Registration Template, which can be exploited by malicious people to conduct SQL injection attacks.
2decc31480700d4b5a29998937a2d34fa12c004e4a26f2fe2177554bc241f1c1Debian Security Advisory 1395-1 - Steve Kemp from the Debian Security Audit project discovered that xen-utils, a collection of XEN administrative tools, used temporary files insecurely within the xenmon tool allowing local users to truncate arbitrary files.
83afc8ed5ef376653f86a0e2ee0defd06826a3f6d42ea4c540af4e0ffafe6b4aGentoo Linux Security Advisory GLSA 200710-27 - regenrecht reported multiple infinite loops in functions ReadDCMImage() and ReadXCFImage(), multiple integer overflows when handling certain types of images, and an off-by-one error in the ReadBlobString() function. Versions less than 6.3.5.10 are affected.
eab1acd588148e6adf677900e62f05bdaf7074c1aa70850b6845ac89dbdd0b41Gentoo Linux Security Advisory GLSA 200710-26 - Kees Cook from the Ubuntu Security team discovered that the hpssd daemon does not correctly validate user supplied data before passing it to a popen3() call. Versions less than 2.7.9-r1 are affected.
012b7d4d52e8e4e09de2bdfd2094c95d865d951d644213ac90d25fd0f76d71b8Gentoo Linux Security Advisory GLSA 200710-25 - The Gentoo MLDonkey ebuild adds a user to the system named p2p so that the MLDonkey service can run under a user with low privileges. This user is created with a valid login shell and no password. Versions less than 2.9.0-r3 are affected.
a9cc2c13b2f25aae4cc6e67d85ce50710789974a348bb9ba2658c94d72f28fafDebian Security Advisory 1389-2 - It was discovered that zoph, a web based photo management system, performs insufficient input sanitizing, which allows SQL injection. This is an updated advisory to make the update for oldstable (sarge) available, which had been uploaded to the wrong suite.
f8ca2fb7175e3642e21336e27e8c6c2a603a8d477089fb70cb2b30e87dddd8ebTechnical Cyber Security Alert TA07-297B - Adobe has released updates for the Adobe Reader and Adobe Acrobat product families. The update addresses a URI handling vulnerability in Microsoft Windows XP and Server 2003 systems with Internet Explorer 7.
cc3fbb5692b6ba90a94d59bd1b329f210cbcbfa34f116d9a4982522bd7c7cbe7Technical Cyber Security Alert TA07-297A - RealNetworks RealPlayer client for Microsoft Windows contains a stack buffer overflow in the playlist parameter passed to the client by an ActiveX control. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code using a specially crafted web page or HTML email message.
59aff07fbc7cb248a79460c34338a09f4c05f561284997fab82a6468a04eb42biDefense Security Advisory 10.23.07 - Remote exploitation of a buffer overflow vulnerability within IBM Corp.'s Lotus Domino allows attackers to execute arbitrary code in the context of the IMAP service. iDefense has confirmed the existence of this vulnerability within version 7.0.2.2 of Lotus Domino running on Linux as well as Windows Server 2003. Previous versions, as well as builds for other platforms, are suspected to be vulnerable.
0304708cfc410b15aed0f23fd4996567832c37b86e490498dffe944a48c6632biDefense Security Advisory 10.23.07 - Remote exploitation of a buffer overflow vulnerability in IBM Corp.'s Lotus Notes mail user agent could allow attackers to execute arbitrary code in the context of the current user. iDefense confirmed the existence of this vulnerability in version 7.0.2 of IBM Corp.'s Lotus Notes. Additionally, versions 6.5.1, 6.5.3 and 7.0.1 were reported to be vulnerable. Other versions are suspected to be vulnerable.
767bfa82660c5dc3967cefdd0c2303cc5f98f866a5e4da72f0ffc96d87cc593aHP Security Bulletin - A potential vulnerability has been identified with HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) running httpd.tkd. The vulnerability could be exploited to allow remote unauthorized access to data.
61fbeffc4e9eabfcc5445b208a1bd69ee3ba35f93ef9f74c01f52c729344cd0aCREApark Gold Key Portali suffers from a cross site scripting vulnerability.
81768f9c239124a3e7f918a10406ca909e8efc66733de3e90a2b2e46947591acThe RSA KEON Registration Authority Web Interface suffers from multiple cross site scripting vulnerabilities. Version 1.0 is susceptible.
26c310be669771da1384f9cf1a2df0bcb062948b01a68a3476d898341ac35511BosMarket and BosNews version 4 suffer from cross site scripting vulnerabilities.
dc4dc3f8a5baebbe1657bdcf31407c21d49b21ef89c35fc070879e3dcd92147eThe OpenSUSE Workflow Administration and Management Platform is vulnerable to cross site scripting attacks.
e35626f6c975599cf00e1370b81fa300425b54d2d5184fc6d6e2a02776ca97c8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed