Ubuntu Security Notice 615-1 - Alin Rad Pop of Secunia Research discovered that Evolution did not properly validate timezone data when processing iCalendar attachments. If a user disabled the ITip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service or possibly execute code with user privileges. Note that the ITip Formatter plugin is enabled by default in Ubuntu. Alin Rad Pop of Secunia Research discovered that Evolution did not properly validate the DESCRIPTION field when processing iCalendar attachments. If a user were tricked into accepting a crafted iCalendar attachment and replied to it from the calendar window, an attacker code cause a denial of service or execute code with user privileges. Matej Cepl discovered that Evolution did not properly validate date fields when processing iCalendar attachments. If a user disabled the ITip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service. Note that the ITip Formatter plugin is enabled by default in Ubuntu.
193a2293c57e306c6e96a9d6f95e6c78b667727a51dc2eba5e75442bdf6761aa
Network General Enterprise Administrator from Net Scout allows for administrative actions to be performed as a user when direct URLs are visited.
14564c6061f9804588871f0714218b35c62f1000db0fcab460f638deeb011337
Secunia Research has discovered a vulnerability in the Red Swoosh client which can be exploited by malicious people to conduct cross-site request forgery attacks and compromise a user's system. Versions 3322 and below are affected.
4c1c94e64ef56ec7d276524f46e13d42871504c8a3f4fc2492eee724c354c6dc
Akamai has become aware of a security vulnerability within the Akamai Client Software which can be exploited to conduct cross-site request forgery attacks. This vulnerability exists only in the Akamai Client Software and does not affect Akamai's other services in any way. Akamai has no evidence to date that any attempt has been made to exploit this vulnerability. Versions up to and including 3322 are affected.
72ff99c29e5128ebdff18a697f10091cc821a63f45ca30f4c8dbc6cce682c502
Mandriva Linux Security Advisory - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.14.
58f5ad9d336e18d9c4801579273c3fdb7f75dfbd8a8a1cdb31d96c3b7da6c5f8
SchoolCenter versions 8.0 and below suffer from a URL handling cross site scripting vulnerability.
2e60f98e4c8e0ba904bcdadd443411a7ae55d711a435b722329fa1970cdaae07
WEBAlbum version 2.0 and below suffer from a remote stored cross site scripting vulnerability.
4a243ea4bd1630011d4692bf1836c6fa923d09d800068ac5fb50c3226c883751
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Akamai Red Swoosh client, which can be exploited by malicious people to conduct cross-site request forgery attacks and compromise a user's system.
350a1daba2315f5b199be94e029fca2059c8e5512d3d6bbd4db7db7504e11599
Secunia Security Advisory - jiko has discovered two vulnerabilities in 1Book, which can be exploited by malicious people to compromise a vulnerable system.
5c76283e49500743fce299de0f6fe91e5106e5d2bffdabee77150415c5e2c097
Secunia Security Advisory - MustLive has discovered a vulnerability in PowerPhlogger, which can be exploited by malicious users to conduct SQL injection attacks.
77acc5219cf9f98b1e3e02f639b33e0b3d848ee45960150c92f3bb4bf7ece484
Secunia Security Advisory - A security issue has been discovered in StorageCrypt, which can potentially be exploited by malicious people to disclose sensitive information.
bb86b5dc8bdffcdc4fdf91a6c9052982a717ae65f86f275ed498b3587aa3e8d6
Secunia Security Advisory - A vulnerability has been reported in Exiv2, which potentially can be exploited by malicious people to crash an application using the library.
42026948b41ba316d176465c8a421d0685bf411d035449d88ce022a07b3ec734
Secunia Security Advisory - CWH Underground has discovered some vulnerabilities in 427BB, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
9060e610dd50b52a613737ac79ead9564da6e4f46f005df86c6726db51912eec
Secunia Security Advisory - Some vulnerabilities have been discovered in phpInstantGallery, which can be exploited by malicious people to conduct cross-site scripting attacks.
e7c9849928c54f85ee47483a434af13a5ba7845c57f15cb8f4c0adf8027152d9
Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
91b40281ce7ee38a05f64834a33d14e46a2bd5b785751996be1a68933528d4d7
Secunia Security Advisory - A vulnerability has been reported in Akamai Download Manager, which can be exploited by malicious people to compromise a user's system.
c8fddb72bbd9382463833ff006bee4be6a22d07ffb1cf2ea04f427f910badcab
Secunia Security Advisory - ZAMUT has reported a vulnerability in the EasyBook component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
397cd86b02b5354787f58c074b344976b391185b9401db243490dacb5ad21927
Secunia Security Advisory - His0k4 has discovered a vulnerability in the JotLoader component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
493227a2000788f9a25a3c647e459a71e25c1e91dbab1e9844bb54c56ef43873
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to gain escalated privileges.
4127f93df0a4dbc44a371949e8fdc16012719b4eea232248a373f98232de5e2f
Secunia Security Advisory - Core Security Technologies has reported a vulnerability in NASA BigView, which can be exploited by malicious people to compromise a user's system.
6232a348d25a81febf2d6257fd2a31910850d32f19aafcecc8c77d97ed3504d9
Secunia Security Advisory - A vulnerability has been reported in Skype, which can be exploited by malicious people to compromise a user's system.
4a0c7e32e94c27b07b640b71ba5df9aa31135b7db7f52c21a2b988287189dbb6
Secunia Security Advisory - shinnai has discovered some vulnerabilities in Black Ice Barcode SDK, which can be exploited by malicious people to compromise a user's system.
b454ee97db47d053c3f2d034c66d666524c436a54bbb2b01cb834c81013ae334
Secunia Security Advisory - Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
f55cf4fd61a7fbb5c21740b03c389e087dae26608db30582f2ba12f45d74dafb
Secunia Security Advisory - nnposter has reported some vulnerabilities in F5 FirePass, which can be exploited by malicious people to conduct cross-site scripting attacks.
cc9e852b17a1c6c6012f0864c1c948d9c7a8f488cdd11b7b34183dc32d95daf8
Secunia Security Advisory - Some vulnerabilities have been reported in Cisco ASA and PIX appliances, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).
230d62664f8fae86b13aec765d811aed971649c3d94ff60fef05f4cd420c2add