Debian Security Advisory 1555-1 - It was discovered that crashes in the Javascript engine of Iceweasel, an unbranded version of the Firefox browser could potentially lead to the execution of arbitrary code.
bb1c01e4dfd91ff00aa736f566f6c209a0be7db277bd92e3d4d2fee46aaf25fdThe Joomla Filiale component version 1.0.4 suffers from a SQL injection vulnerability in index.php.
ef19e84f90b9b23b80a3e76cde76ca7066f275ccc8f04bdd3668de1fe05bd8eaWeb Calendar versions 4.1 and below blind SQL injection exploit.
0866b749c97f5d9f9a1dee969135913050291ee328e128627ae542caa88c78ceThe WordPress Spreadsheet plugin version 0.6 and below suffer from a SQL injection vulnerability.
70b9e3bccedcf79e3662985dbb63638fafad00e71bf15d96da5fc230c6e50257E RESERV version 2.1 suffers from a SQL injection vulnerability in index.php.
9d6c746a746d5bcc7407dd798d30dc5e4caf0528b4580f4b439ece5eab56791cZune Software ActiveX related arbitrary file overwrite exploit.
fe07915ea8161712a729864dee7930c34e64a1c67abce03d0a522c2e42c6c235Gentoo Linux Security Advisory GLSA 200804-26 - Openfire's connection manager in the file ConnectionManagerImpl.java cannot handle clients that fail to read messages, and has no limit on their session's send buffer. Versions less than 3.5.0 are affected.
9a173c75bcff99a26196d7432b49d5f697e8e5a626c7c27b72c52d13592aae9dGentoo Linux Security Advisory GLSA 200804-25 - Multiple vulnerabilities were found in VLC, allowing for the execution of arbitrary code. Versions less than 0.8.6f are affected.
733c1ed79b59af467f3202cfcca6cf46127798c0785059ffd164115fb1fb23faSQL Playground (SP) is a tool written in Perl that aims to exploit SQL injection vulnerabilities while presenting itself in a command line shell. Full paper provided to explain use.
75be991fcf358733f7aba32f37159a14403e1e0a1f2ac6105973847c1f6b3010Horde Webmail suffers from a cross site scripting vulnerability in addevent.php.
8bab3be0ae71488b8fa438d28d35ffcf680a84400d8b911e4b97523ae6599f43Secunia Security Advisory - TsukasaGenesis and Ajax have reported a vulnerability in KwsPHP, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people to disclose sensitive information.
59e4c4910be95e8c3721700f5dfa34f06db9822b70818ea18898fa6f25d50240Secunia Security Advisory - Russ McRee has reported a vulnerability in ContRay, which can be exploited by malicious people to conduct cross-site scripting attacks.
0365520df87efdf6ed6a2d81da8fa2d2afc150f65226b3f611d82030eda9cf8aSecunia Security Advisory - A security issue has been reported in grsecurity, which can be exploited by malicious, local users to bypass certain security restrictions.
8dab0b4c7a335d484baa2dfd5c9124b90e56c1cdcad10367a152b6f8d01ac1d1Asterisk Project Security Advisory - Javantea found multiple security issues in IAX2 including an incomplete 3-way handshake.
add784c1721895efd2acb383b937c9caa5e879556f5ec5e543e6590f319908a8Debian Security Advisory 1554-1 - Roundup, an issue tracking system, fails to properly escape HTML input, allowing an attacker to inject client-side code (typically JavaScript) into a document that may be viewed in the victim's browser.
8890ad167551dccfe911cc93b3561f8bce5a0af820c5c05f61dd5edddef1f150Write up discussing the default key algorithm used in Thompson and BT Home Hub routers.
e9078db23cd811510dd6bf8d8871f2705feaf45194a34d289de4ad6fd8aa3564Simple SSH brute forcing utility written in Python using pexpect and pxssh.
02d031c453b64cacc9fb409d2fa59a01da0a406b6350b88ceda6fd841f6c433dSerendipity version 1.3 suffers from cross site scripting vulnerabilities in the referrer plugin and installer.
25a716caa89c016ca24d532a7d1b04d94cf20e36557d232ea4afb38aacaa2e77Ubuntu Security Notice 602-1 - Flaws were discovered in Firefox which could lead to crashes during JavaScript garbage collection. If a user were tricked into opening a malicious web page, an attacker may be able to crash the browser or possibly execute arbitrary code with the user's privileges.
a47128269ae4e622432ae0c98b30d3822d94df8b22706b01258f70e4d22ce53fUbuntu Security Notice 604-1 - Thilo Pfennig and Morten Welinder discovered that the XLS spreadsheet handling code in Gnumeric did not correctly calculate needed memory sizes. If a user or automated system were tricked into loading a specially crafted XLS document, a remote attacker could execute arbitrary code with user privileges.
990e40906caef2fdd3b2791c539e7f9a06adc8208c2193a001b4f35df9f8d3b1The Joomla FlippingBook component version 1.0.4 suffers from a SQL injection vulnerability.
b91cf82667d49b834c132ef9019b45a75e0ef8c89098c2e62799cb06f026b896
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed