Secunia Security Advisory - rPath has issued an update for e2fsprogs. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
66d2039639e42dc7cfc6efaaeae6a15cSecunia Security Advisory - Some vulnerabilities have been reported in Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system.
8d1f89ed7811e23baa117ff508d27679Secunia Security Advisory - A vulnerability has been reported in the mod_imagemap module for Apache, which can be exploited by malicious people to conduct cross-site scripting attacks.
964b58fd20cf66e9e54ab375191ca601Secunia Security Advisory - Sun has issued an update for Adobe Flash Player. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.
6395f44f6249dde65cf8d18f6c1cef38Secunia Security Advisory - A vulnerability has been reported in the mod_imap module for Apache, which can be exploited by malicious people to conduct cross-site scripting attacks.
ce27aeaa3a203c4b2dca6a243f789fdbiDefense Security Advisory 12.11.07 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s DirectShow could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability exists in the DirectShow SAMI parser, which is implemented in quartz.dll. When the SAMI parser copies parameters into a stack buffer, it does not properly check the length of the parameter. As such, parsing a specially crafted SAMI file can cause a stack-based buffer overflow. This allows an attacker to execute arbitrary code. iDefense has confirmed Microsoft DirectX 7.x and Microsoft DirectX 8.x are vulnerable. Microsoft DirectX 9.0c or newer is not vulnerable.
e693d3582cbe875a9d4d0f14be2e879ciDefense Security Advisory 12.11.07 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Internet Explorer web browser allows attackers to execute arbitrary code in the context of the current user. The vulnerability lies in the JavaScript setExpression method, which is implemented in mshtml.dll. When malformed parameters are supplied, memory can be corrupted in a way that results in Internet Explorer accessing a previously deleted object. By creating a specially crafted web page, it is possible for an attacker to control the contents of the memory pointed to by the released object. This allows an attacker to execute arbitrary code. As of April 5th, 2007, iDefense testing shows that Internet Explorer 6.0 and Internet Explorer 7.0 with all available security patches are vulnerable. Older versions of Internet Explorer may also be vulnerable.
9c4c580a8e36817b3afe5e7aa86438edOpenStego is a command line tool for image based steganography. It supports embedding of messages or files in 24bpp images.
c7e95145039f2fd6cdffa1b32a757763HP OpenView Network Node Manager version 07.50 CGI remote buffer overflow exploit that spawns a shell on tcp/4444.
b951951b30d381eef1be4d2ef5fcb558ViArt CMS version 3.3.2 suffers from a remote file inclusion vulnerability.
9d1b60b4b11d87b8ca3f41b9ff7e7d59Fastpublish CMS version 1.9999 suffers from a remote file inclusion vulnerability.
906b08f5d6c0ad9d7e1b09adab9a22b9Apple Mac OS X xnu versions 1228.0 and below local kernel denial of service proof of concept exploit.
10a647463477175d18b997a41f947014Aanval Basic is the light-weight alternative to the full Aanval Snort and Syslog. Aanval is the leading web-based snort and syslog interface for correlation, management and reporting. Capable of handling more than 1+ Billion events, Aanval has been protecting Domestic and Foreign Governments, Fortune 50 Enterprises, Global Financial Institutions and local Small Businesses since 2003.
0f963cbf65655c655a4da41870d5650cliveSnort is a simple, yet useful live Snort monitoring web-application that takes advantage of AJAX/Web 2.0 technology to make the task of monitoring and viewing the most recent Snort events easier.
0173424aa299b2701d9e4ed32714c0fdMicrosoft Office 2007's digital signature protection does not protect meta-data.
4344e3549407ac807bc6531c29a6bf52SUSE Security Announcement - The Samba suite is an open-source implementation of the SMB protocol. This update of samba fixes a buffer overflow in function send_mailslot() that allows remote attackers to overwrite the stack with 0 (via memset(3)) by sending specially crafted SAMLOGON packets.
82308caf56f9dc3eeeb3831af2756513Debian Security Advisory 1428-2 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
fefafb29d006c19f1561977674396f15Secunia Security Advisory - Red Hat has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
d69f5340bce4f8f4835c9127d9ff16c4Secunia Security Advisory - Slackware has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
587b8c6b9eb082b42037be30eda21bd1Secunia Security Advisory - Debian has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
e87b97683a97d3f7089939c77a0d4bd1Secunia Security Advisory - Dave Lewis has reported a vulnerability in Websense Enterprise and Websense Web Security Suite, which can be exploited by malicious people to conduct cross-site scripting attacks.
803d29181426e914062e948338cabdb9Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM AIX, which have unknown impacts.
3f341c5952ce1998e43b9e848d5519e5Secunia Security Advisory - A vulnerability has been reported in Red Hat Enterprise Linux, which can be exploited by malicious, local users to gain escalated privileges.
72a44ed29fee0ed9607509b9a1a4b1a5Secunia Security Advisory - Debian has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and by malicious people to cause a DoS (Denial of Service).
be3b577bcd234c99793c20d7474de745A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows with the Message Queuing Service enabled. Authentication is not required to exploit this vulnerability. The specific flaw exists in the RPC interface defined on port 2103 with UUID fdb3a030-065f-11d1-bb9b-00a024ea5525. During the processing of opnum 0x06 the service copies user-supplied information into a fixed length stack buffer. Sending at least 300 bytes will trigger a stack based buffer overflow due to a vulnerable wcscat() call. Exploitation of this issue can result in arbitrary code execution. Affected versions are Windows 2000 SP4 and Windows XP SP2.
1bd474b25aceb117a8378f9633f4f4c3
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed