Secunia Security Advisory - Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
6dd5a7a76738f331b6d56ffe34c73c5418ac32061c5e057f8596fdfa57dafedaSecunia Security Advisory - A vulnerability has been reported in Asterisk Addons, which can be exploited by malicious people to cause a DoS (Denial of Service).
43da6f3bcd81ec8380a700082d05a13f0329aca6bf929e1a8f0f0986938842b1F5 FirePass suffers from a cross site scripting vulnerability in relation to content inspection management. The vulnerability has been identified in version 6.0.2, hotfix 3. However, other versions may be also affected.
fa7b53eb4bb1e877c52a314ba71465ab9d213435941d94a9bd4b34842b380de6Secunia Security Advisory - CWH Underground has reported some vulnerabilities in PHP Address Book, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
33da8c6ab210223c5063675606143ee0a81563d3dccda02717ad8a9c0f8ab20biDefense Security Advisory 06.04.08 - Local exploitation of an untrusted library path vulnerability in multiple products distributed by VMware Inc. could allow an attacker to execute arbitrary code with root privileges. The Linux version of VMware products include a program called 'vmware-authd', which is installed set-uid root. When this program is executed, it reads configuration options from the executing user's VMware configuration file. One such option allows the user to specify the directory in which to look for shared library modules needed by the program. By loading a specially crafted library, an attacker can execute arbitrary code with elevated privileges. iDefense confirmed the existence of this vulnerability in the following VMware products: VMware Workstation 6.0.2.59824 for Linux, VMware GSX Server 3.2.1.14497 for Linux, and VMware ESX Server 3.0.1.32039.
a82b3045bcbc7a5650e09e9a047819ec79df3ee1ffa50125706f3b923c1b76ebHP Security Bulletin - A potential security vulnerability has been identified in HP StorageWorks Storage Mirroring (SWSM) Software. This vulnerability could allow remote execution of arbitrary code.
1d54adcee7cbc910b0100f39df938d50f5f9311e4f988da03c3380a0032aa84cSamTodo version 1.1 suffers from a cross site scripting vulnerability.
ab9831a0b463f48bdc3e09b921f629f7d91079d58ef486e9ebc8307b61aed4f2Secunia Security Advisory - His0k4 has discovered a vulnerability in the Simple Shop Galore component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
2a05d68bb52a43a4718da1b32b429ddc310b81c25fd6ab0c96fec92ad76af6bbSecunia Security Advisory - SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
50acc17566d11b3767e7447fe8cf5e9b0e968429f8ce9b7006675b372bc7fd0dSecunia Security Advisory - A weakness has been reported in Sun Service Tag, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
1392cdba06f6b46f1793ed652b21303ee2a71148f75436206af77069d594e385Secunia Security Advisory - Some vulnerabilities have been reported in Slash, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
ecfc323d84110f171a6380db1ee0da1f1b6b174a21bd1c6f18bf9a85d4a7bfbdThe Cisco Linksys router WRH54G httpd suffers from a denial of service vulnerability that does not require authentication. Proof of concept included.
acce020d14e953af66608c1967a9b1c56d262e4d287c0e330894da545fc14b76Black Ice Software Inc. Barcode SDK arbitrary file download and memory corruption exploit that makes use of BIDIB.ocx version 10.9.3.0.
04f7427a5614667e90537034e1adbdc4367df07ff47bacc46071e583b0771f99Black Ice Software Inc. Barcode SDK remote buffer overflow exploit that makes use of BITiff.ocx version 10.9.3.0. Second version of this exploit.
acd614394f7c1d36c348f3967feef9a3109f0de8f56688956b03ab04625975f1Black Ice Software Inc. Barcode SDK remote buffer overflow exploit that makes use of BITiff.ocx version 10.9.3.0.
c304ac9069623f34d41a918496778ecffc24be9fa20591985d22ff9a6da6537dThe Joomla JoomlaDate component suffers from a SQL injection vulnerability.
9ea79a51d9222f1c9729fadbc951f33cb0641fe2c2ef4814909fa7a07e97bd40Asterisk remote crash exploit that makes use of the SIP channel driver when run in pedantic mode.
db2ab9ee9d59a596f7044b24b5300f22e105a5675856a7c4ec1d51facdecaa1cpSys version 0.7.0.a suffers from a remote SQL injection vulnerability.
5aeb09e0c59fefa33079a68c2f3552dea95a1717ab32d38ac0336d6fa0645979Power Phlogger version 2.2.5 suffers from a SQL injection vulnerability.
5a33253d09584199173f11630ac9c5394e56b2ce2d7722689e6f5ca55b4aad05The Joomla simpleshop component versions 3.4 and below suffer from a SQL injection vulnerability.
dba0ca4fa9d9300b254d68db29e08aefa8cda45df55b0f954f63101101dd197a427BB version 2.3.1 suffers from SQL injection and cross site scripting vulnerabilities.
e5b719c9648f8adac417dd67a798ac78bf7c99d095792e36a84ca712ecd83756The e107 eChat Menu plugin suffers from a blind SQL injection vulnerability.
1b7fbfef7e2cd5ea8f2a3772e49ad6dd80ae9fc988152e19f55bab870b1e25a2A parameter injection vulnerability exists in Akamai Download Manager. By exploiting this vulnerability, the remote attacker can make the users to download arbitrary file, and save it to arbitrary location while they are visiting a vicious web page. It means an attacker who successfully exploits this vulnerability can run arbitrary code on the affected system. Akamai Download Manager ActiveX control version 2.2.3.5 is affected.
902f16a639acb0caf6e7858f4b2ecb43999eac24dfc531821022e19dc957cfc0Asterisk Project Security Advisory - The ooh323 channel driver provided in Asterisk Addons used a TCP connection to pass commands internally. The payload of these packets included addresses of memory which were to be freed after the command was processed. By sending arbitrary data to the listening TCP socket, one could cause an almost certain crash since the command handler would attempt to free invalid memory. This problem was made worse by the fact that the listening TCP socket was bound to whatever IP address was specified by the "bindaddr" option in ooh323.conf.
aac2cc0599489e9604748b85058afad532715726a0cde88e1b0bcb8f18309c24CA Secure Content Manager contains multiple vulnerabilities in the HTTP Gateway service that can allow a remote attacker to cause a denial of service condition or execute arbitrary code.
47555d68b8e92edea082d71fedeb7d325edf58e7a50e1aaa6b62fd587d4992bb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed