Ubuntu Security Notice 615-1 - Alin Rad Pop of Secunia Research discovered that Evolution did not properly validate timezone data when processing iCalendar attachments. If a user disabled the ITip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service or possibly execute code with user privileges. Note that the ITip Formatter plugin is enabled by default in Ubuntu. Alin Rad Pop of Secunia Research discovered that Evolution did not properly validate the DESCRIPTION field when processing iCalendar attachments. If a user were tricked into accepting a crafted iCalendar attachment and replied to it from the calendar window, an attacker code cause a denial of service or execute code with user privileges. Matej Cepl discovered that Evolution did not properly validate date fields when processing iCalendar attachments. If a user disabled the ITip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denial of service. Note that the ITip Formatter plugin is enabled by default in Ubuntu.
193a2293c57e306c6e96a9d6f95e6c78b667727a51dc2eba5e75442bdf6761aaNetwork General Enterprise Administrator from Net Scout allows for administrative actions to be performed as a user when direct URLs are visited.
14564c6061f9804588871f0714218b35c62f1000db0fcab460f638deeb011337Secunia Research has discovered a vulnerability in the Red Swoosh client which can be exploited by malicious people to conduct cross-site request forgery attacks and compromise a user's system. Versions 3322 and below are affected.
4c1c94e64ef56ec7d276524f46e13d42871504c8a3f4fc2492eee724c354c6dcAkamai has become aware of a security vulnerability within the Akamai Client Software which can be exploited to conduct cross-site request forgery attacks. This vulnerability exists only in the Akamai Client Software and does not affect Akamai's other services in any way. Akamai has no evidence to date that any attempt has been made to exploit this vulnerability. Versions up to and including 3322 are affected.
72ff99c29e5128ebdff18a697f10091cc821a63f45ca30f4c8dbc6cce682c502Mandriva Linux Security Advisory - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.14.
58f5ad9d336e18d9c4801579273c3fdb7f75dfbd8a8a1cdb31d96c3b7da6c5f8SchoolCenter versions 8.0 and below suffer from a URL handling cross site scripting vulnerability.
2e60f98e4c8e0ba904bcdadd443411a7ae55d711a435b722329fa1970cdaae07WEBAlbum version 2.0 and below suffer from a remote stored cross site scripting vulnerability.
4a243ea4bd1630011d4692bf1836c6fa923d09d800068ac5fb50c3226c883751Secunia Security Advisory - Secunia Research has discovered a vulnerability in Akamai Red Swoosh client, which can be exploited by malicious people to conduct cross-site request forgery attacks and compromise a user's system.
350a1daba2315f5b199be94e029fca2059c8e5512d3d6bbd4db7db7504e11599Secunia Security Advisory - jiko has discovered two vulnerabilities in 1Book, which can be exploited by malicious people to compromise a vulnerable system.
5c76283e49500743fce299de0f6fe91e5106e5d2bffdabee77150415c5e2c097Secunia Security Advisory - MustLive has discovered a vulnerability in PowerPhlogger, which can be exploited by malicious users to conduct SQL injection attacks.
77acc5219cf9f98b1e3e02f639b33e0b3d848ee45960150c92f3bb4bf7ece484Secunia Security Advisory - A security issue has been discovered in StorageCrypt, which can potentially be exploited by malicious people to disclose sensitive information.
bb86b5dc8bdffcdc4fdf91a6c9052982a717ae65f86f275ed498b3587aa3e8d6Secunia Security Advisory - A vulnerability has been reported in Exiv2, which potentially can be exploited by malicious people to crash an application using the library.
42026948b41ba316d176465c8a421d0685bf411d035449d88ce022a07b3ec734Secunia Security Advisory - CWH Underground has discovered some vulnerabilities in 427BB, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
9060e610dd50b52a613737ac79ead9564da6e4f46f005df86c6726db51912eecSecunia Security Advisory - Some vulnerabilities have been discovered in phpInstantGallery, which can be exploited by malicious people to conduct cross-site scripting attacks.
e7c9849928c54f85ee47483a434af13a5ba7845c57f15cb8f4c0adf8027152d9Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.
91b40281ce7ee38a05f64834a33d14e46a2bd5b785751996be1a68933528d4d7Secunia Security Advisory - A vulnerability has been reported in Akamai Download Manager, which can be exploited by malicious people to compromise a user's system.
c8fddb72bbd9382463833ff006bee4be6a22d07ffb1cf2ea04f427f910badcabSecunia Security Advisory - ZAMUT has reported a vulnerability in the EasyBook component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
397cd86b02b5354787f58c074b344976b391185b9401db243490dacb5ad21927Secunia Security Advisory - His0k4 has discovered a vulnerability in the JotLoader component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
493227a2000788f9a25a3c647e459a71e25c1e91dbab1e9844bb54c56ef43873Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious, local users to gain escalated privileges.
4127f93df0a4dbc44a371949e8fdc16012719b4eea232248a373f98232de5e2fSecunia Security Advisory - Core Security Technologies has reported a vulnerability in NASA BigView, which can be exploited by malicious people to compromise a user's system.
6232a348d25a81febf2d6257fd2a31910850d32f19aafcecc8c77d97ed3504d9Secunia Security Advisory - A vulnerability has been reported in Skype, which can be exploited by malicious people to compromise a user's system.
4a0c7e32e94c27b07b640b71ba5df9aa31135b7db7f52c21a2b988287189dbb6Secunia Security Advisory - shinnai has discovered some vulnerabilities in Black Ice Barcode SDK, which can be exploited by malicious people to compromise a user's system.
b454ee97db47d053c3f2d034c66d666524c436a54bbb2b01cb834c81013ae334Secunia Security Advisory - Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
f55cf4fd61a7fbb5c21740b03c389e087dae26608db30582f2ba12f45d74dafbSecunia Security Advisory - nnposter has reported some vulnerabilities in F5 FirePass, which can be exploited by malicious people to conduct cross-site scripting attacks.
cc9e852b17a1c6c6012f0864c1c948d9c7a8f488cdd11b7b34183dc32d95daf8Secunia Security Advisory - Some vulnerabilities have been reported in Cisco ASA and PIX appliances, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).
230d62664f8fae86b13aec765d811aed971649c3d94ff60fef05f4cd420c2add
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed