Secunia Security Advisory - securfrog has discovered some vulnerabilities in MDaemon, which can be exploited by malicious people to cause a DoS (Denial of Service) and by malicious users to potentially compromise a vulnerable system.
24175cdad1c68bf9dff4a4e0af976752af56eb7354783778a274c0255f6164a5Gentoo Linux Security Advisory GLSA 200806-02 - Anthony de Almeida Lopes reported a vulnerability in libxslt when handling XSL style-sheet files, which could be exploited to trigger the use of uninitialized memory, e.g. in a call to free(). Versions less than 1.1.24 are affected.
dd80cca4ccf8f40fddcf806239995324c95cfa78db36e7280dc165d51db08d8bGentoo Linux Security Advisory GLSA 200806-01 - Adam Zabrocki reported a boundary error within the split_redraw() function in the file split.c, possibly leading to a stack-based buffer overflow. Versions less than 0.73-r1 are affected.
414fca87f1f0d02364890b4e35a28616e977900a8f6218104885544e9c2c462fsiteXS CMS version 0.1.1 suffers from directory traversal, arbitrary file upload, and remote file inclusion vulnerabilities.
b3bb67ea76fdc9ae70d32fe567d1a5b94251c951743ec6c89cf46961b7879aebHP Security Bulletin - A potential security vulnerability has been identified in HP StorageWorks Storage Mirroring (SWSM) software. This vulnerability could allow remote execution of arbitrary code.
3c0854d9b27b4f13e87a348e3120db51d74fd1b2e802968fcdc9eb08f63b19c4Microsoft's Windows Installer (msiexec.exe) suffers from a stack overflow vulnerability in versions 4.5.6001.22159 and 3.1.4000.1823.
7fb9685e586619f79ce94dc12fde63c4d3015dff0841b6555bf5e7d120a7bcfbBattle Blog versions 1.25 and below suffer from a remote SQL injection vulnerability in comment.asp.
9096c95bdfeaee58f27a05204eb86c5a1fe98574b25119e32a7225d8e25b36feDebian Security Advisory 1591-1 - Several local (remote) vulnerabilities have been discovered in libvorbis, a library for the Vorbis general-purpose compressed audio codec. libvorbis does not properly handle a zero value which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow. Integer overflow in libvorbis allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. Integer overflow in libvorbis allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file which triggers a heap overflow.
5cbc1c4257a832ae7221c8430db4f565a983d55995d8984353d9335f85399dd1Defcon 16 Updates - Quick note describing events and contests that will take place this year at Defcon 16 in Las Vegas, Nevada, USA from August 8th through the 10th and how you can get involved.
e26c08922d3d7c3b75d5fc743cf737b8f4a5632b3a161c31fb77e56fbbb82e32Tomcat versions 5.5.9 through 5.5.26 and versions 6.0.0 through 6.0.16 suffer from a host-manager cross site scripting vulnerability.
8808a3da5ed86e0f31b49d8245c32c84d0730206e950d7964fd18089497a3952The Joomla iDoBlog component versions b24 and below suffer from a remote SQL injection vulnerability.
685f74f5c202274edc28d1641d5e4009ee4c472231558922a2c7a019dc3536b2The Joomla Joomradio component version 1.0 suffers from a remote SQL injection vulnerability.
ed90a32eabd08b4b9081ba542204bf82dae94ba7a989065ab761c5b6a13b6766Secunia Security Advisory - Tan Chew Keong has reported a vulnerability in FFFTP, which can be exploited by malicious people to compromise a user's system.
1e8df4941cb6a0731e7ea1a925211e0d53d15a0d1d281cb7a7356f4cfbc51c00Secunia Security Advisory - irk4z has reported two vulnerabilities in CMSimple, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system.
d13b520fff6fb742e18250f8fbb6f4505eb4e9dd431cee24af2d2d460a68fbc5Secunia Security Advisory - A vulnerability has been reported in Kaya, which can be exploited by malicious people to conduct HTTP header injection attacks.
e13fb5a213f103d9b53f484edb01153070579c923542fa42625e3ebe67390f49Secunia Security Advisory - A vulnerability has been reported in Apple Safari in combination with Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
2ca511e769cc4d40480a69d6aa549de74b0b764ad6058fe58faf25a923aed55eSecunia Security Advisory - Some vulnerabilities and a weakness have been reported in GreenSQL-Console, which can be exploited by malicious people to disclose system information or conduct cross-site scripting attacks.
a6f10b599c6166bb2f57e63bdb9b75cfb30572ef84f6395e8351e773dd96f134Secunia Security Advisory - Some vulnerabilities have been reported in multiple VMware products, which can be exploited by malicious, local users to bypass certain security restrictions.
5da11bf9b5f3d6f616241d22ea4c88a1c93f4338b3edb246c9cf47aa54453fbdSecunia Security Advisory - Debian has issued an update for libvorbis. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise an application using the library.
6c1b352cc8acac48b3d845014ca1b423dd80c164de49db5e7aa25313d4f47aedSecunia Security Advisory - A vulnerability has been reported in Tomcat, which can be exploited by malicious people to conduct cross-site scripting attacks.
73289a40df61dee8972e7933b6fe3d72e19a4643d4e5cdcef6541270b04225d1The Joomla equotes component suffers from a remote SQL injection vulnerability.
49b321c552abc71154d93221f614150f59cc4fcdad6fdc1a88dfe2046431edd1Softpedia SiteXS CMS version 0.1.1 suffers from an arbitrary file upload vulnerability.
05be9a437dd9066bfa57e3c71ecf722823750a85880e6d6cbe030ce839be78c2SMEweb version 1.4b suffers from SQL injection and cross site scripting vulnerabilities.
0c2102907a6be68354331f07020dcfdc9f8b8817d24324aeff9e059e5cb91a93
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed