MX-System version 2.7.3 suffers from a remote SQL injection vulnerability in index.php.
3a1fd80ea9dd9fc795df567e10b9b2fc86b871412e68eb482303ce190ad26b7aCore Security Technologies Advisory - The Borland Interbase 2007 database server is vulnerable to an integer overflow when a malformed packet is sent to the default TCP port 3050. The integer overflow can cause a stack overflow, which allows arbitrary code execution with system privileges. Service pack 2 (0.1.0.256) on Solaris and Windows are both vulnerable.
162a64117efd8eb84f7236e3d10643be16aefc4e640167283fec90fcd738ad1aGentoo Linux Security Advisory GLSA 200805-19 - Multiple vulnerabilities in ClamAV may result in the remote execution of arbitrary code. Versions less than 0.93 are affected.
94f4cd377666b3a02a7235e283b082ccc3e04990b3a577a9aec33d2e22c6b09bGentoo Linux Security Advisory GLSA 200805-18 - Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, SeaMonkey and XULRunner, some of which may allow user-assisted execution of arbitrary code. Versions less than 2.0.0.14 are affected.
0be1f28cc28c33f9527f262fab77a030b56ac3b42790cbcd8cb8957fadd87d38Secunia Security Advisory - dun has reported two vulnerabilities in TAGWORX.CMS, which can be exploited by malicious people to conduct SQL injection attacks.
65cb4f3f7deb2a5bac584a4f82be1d79b104500bfdd44a881384328202eb0cf5Secunia Security Advisory - Raz0r has reported a vulnerability in microSSys CMS, which can be exploited by malicious people to compromise a vulnerable system.
f8fbbad968e0519e12e54cfcf3ec4bc956938d7272cb32a5efee6ab2d7dd58acSecunia Security Advisory - A vulnerability has been reported in Nagios, which can be exploited by malicious people to conduct cross-site scripting attacks.
f5eb34297a8b113981a557f26925aa1a95766b315e0a76a8a46e9ed03d2aeae6Secunia Security Advisory - CWH Underground has discovered a vulnerability in how2ASP Webboard, which can be exploited by malicious people to conduct SQL injection attacks.
c48fe82ce962ca4877d613a31759b7ef26b818f84bc4191f77bf711c1f0b8ce4Secunia Security Advisory - Some vulnerabilities have been reported in CA ARCserve Backup, which can be exploited by malicious people to compromise a vulnerable system.
b96e6a8c7a599cacf935c9709aa67075d81e4a26d1404b6bacf203718dca4d80Secunia Security Advisory - Matrix86 has reported two vulnerabilities in the Forum Rank System module for PHP-Fusion, which can be exploited by malicious people to disclose sensitive information.
f4c4af49be7e05282af6208650535cb7992114bfc0f4d90401f562a705be193fSecunia Security Advisory - Will Dormann has reported some vulnerabilities in PhotoStockPlus Uploader Tool ActiveX control, which can be exploited by malicious people to compromise a vulnerable system.
49967c5cf86922c808985e470413f562d5a74f8cadfa47d76c420cb9e870e874Secunia Security Advisory - Russ McRee has reported a vulnerability in dotCMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
968e23b63cb2539ebc4e378b0c7c3be1f17f6d01d8e742c96b3dae314b49780cSecunia Security Advisory - A security issue has been reported in HP-UX, which can be exploited by malicious, local users to bypass certain security restrictions.
5b03d47c3d048b2c9e2e940936911ce342578500914a6e13e37d57adc9bbd93eGentoo Linux Security Advisory GLSA 200805-17 - Tavis Ormandy and Will Drewry of the Google Security Team have reported a double free vulnerability when processing a crafted regular expression containing UTF-8 characters. Versions less than 5.8.8-r5 are affected.
d88e369b9e48822ff46b850329243a153947387b3f1c99e2f7086e62266430edDebian Security Advisory 1583-1 - Several remote vulnerabilities have been discovered in Gnome PeerCast, the Gnome interface to PeerCast, a P2P audio and video streaming server. Luigi Auriemma discovered that PeerCast is vulnerable to a heap overflow in the HTTP server code, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request. Nico Golde discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a buffer overflow in the HTTP Basic Authentication code, allowing a remote attacker to crash PeerCast or execute arbitrary code.
71942b2ac6658a087c35510bc6a9190f912af7eaf0b6ca21034f4ac8552df7f4Debian Security Advisory 1582-1 - Nico Golde discovered that PeerCast, a P2P audio and video streaming server, is vulnerable to a buffer overflow in the HTTP Basic Authentication code, allowing a remote attacker to crash PeerCast or execute arbitrary code.
f497d5c7caf81a7af7bfa11086cae1d44845600da0443835be483250fa4486ccDebian Security Advisory 1581-1 - Several remote vulnerabilities have been discovered in GNUTLS, an implementation of the SSL/TLS protocol suite. A pre-authentication heap overflow involving oversized session resumption data may lead to arbitrary code execution. Repeated client hellos may result in a pre-authentication denial of service condition due to a null pointer dereference. Decoding cipher padding with an invalid record length may cause GNUTLS to read memory beyond the end of the received record, leading to a pre-authentication denial of service condition.
d2f29ae70f7b4441b6a3254c5c79d7457ce29380453a05d402274526b66a0c52ComicShout version 2.5 suffers from a remote SQL injection vulnerability in index.php.
552e238f194d7d3b98d6ff0c318c2fd476c3ddd97a90a94e22141bcfa22b0d0aMantis Bug Tracker version 1.1.1 suffers from remote code execution, cross site scripting, and cross site request forgery vulnerabilities.
f69ef268367fecefac3205565ba9c1d3f5e36237f4b833741139a9350750a069CERT-FI Vulnerability Advisory on GnuTLS - GnuTLS versions prior to 2.2.4 suffer from denial of service and buffer overflow vulnerabilities.
4fad2f62281a9573d22d833f9bf5892a8a3c0c9175ed6f917a2b3b249e3db76deCMS version 0.4.2 suffers from remote SQL injection and bypass vulnerabilities.
f6ff84c0783097a21f22c7185d59fbc46712386c4cc4ec409e38e35e99d39536Stargames Control Panel versions 4.6.2 and below suffer from a cross site scripting vulnerability.
a7e392cb9b2a900bff037782cbdc3f100c3767c8f715832b9369a1fbfd5f55feAppServ Open Project versions 2.5.10 and below suffer from a cross site scripting vulnerability.
54ed458145c4ec35f691ab5d23197dad293dabf759f28984e4ffb1a5a61bce90EntertainmentScript version 1.4.0 local file inclusion exploit that takes advantage of page.php.
28a6414bbd6b0a8aff27caf50b5106c84959092170e3283996dedc835f609539EntertainmentScript suffers from a remote SQL injection vulnerability in play.php.
2404fbf0960e44e2e6d66079fda32045c025f00068ac4fc0d27d8f7f9e478ff3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed