Secunia Security Advisory - SuSE has issued an update for gnutls. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library.
f7439decc209fe72313177d2058ab25b5ac8e153b32e26f1be6f301db3c5893cHyperStop WebHost suffers from an arbitrary database backup vulnerability.
91f2df240a01bfe12144215ba967d991cc02352b3e92ffd31a33f251cc78c247vi and ex appear to suffer from an arbitrary code execution vulnerability via the tags file.
8e4fe4e30f1f789cf10e78023c7e75eb49e76cb5d096c0fcdd86bfc30ecfecd3Ubuntu Security Notice 646-1 - It was discovered that rdesktop did not properly validate the length of packet headers when processing RDP requests. If a user were tricked into connecting to a malicious server, an attacker could cause a denial of service or possible execute arbitrary code with the privileges of the user. Multiple buffer overflows were discovered in rdesktop when processing RDP redirect requests. If a user were tricked into connecting to a malicious server, an attacker could cause a denial of service or possible execute arbitrary code with the privileges of the user. It was discovered that rdesktop performed a signed integer comparison when reallocating dynamic buffers which could result in a heap-based overflow. If a user were tricked into connecting to a malicious server, an attacker could cause a denial of service or possible execute arbitrary code with the privileges of the user.
1a39857e464c47ce103fd843802e8f3ac9a25c778331cb477c908a2d3d530407Secunia Security Advisory - A vulnerability has been reported in FFmpeg, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
e313a27c9be6b7627b5e34f6b8fa78311efbeb76b4ca54117767ecd2796f036bSecunia Security Advisory - Two vulnerabilities have been reported in the Talk module for Drupal, which can be exploited by malicious users to conduct script insertion attacks, and by malicious people to bypass certain security restrictions.
15cd4ad0e529a13588c84a2736fd216bee92e36420e866b799a5f176d1b61387Secunia Security Advisory - Justin C. Klein Keane has reported a vulnerability in the Link To Us module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
9be0b0fbb309b1fde4184359abb6c4e8aabaab768f6f7dc8e453707c43b3b44cSecunia Security Advisory - A vulnerability has been reported in the phpMyAdmin extension for TYPO3, which can be exploited by malicious users to compromise a vulnerable system.
94d2baaf1e2ae117658880f0d5f7ff6850ed6c33dd447cb9bcf2c5414fea8b34Secunia Security Advisory - John Cobb has discovered a vulnerability in Quick.Cart, which can be exploited by malicious people to conduct cross-site scripting attacks.
3244c4ba85368ca46c7a69ab6fd1a8f9a076564c4299c552773bfadc861a66daMandriva Linux Security Advisory - Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.94 release. A vulnerability in ClamAV's chm-parser allowed remote attackers to cause a denial of service (application crash) via a malformed CHM file. A vulnerability in libclamav would allow attackers to cause a denial of service via vectors related to an out-of-memory condition. Multiple memory leaks were found in ClamAV that could possibly allow attackers to cause a denial of service via excessive memory consumption. A number of unspecified vulnerabilities in ClamAV were reported that have an unknown impact and attack vectors related to file descriptor leaks. Other bugs have also been corrected in 0.94 which is being provided with this update. Because this new version has increased the major of the libclamav library, updated dependent packages are also being provided. The previous update had experimental support enabled, which caused ClamAV to report the version as 0.94-exp rather than 0.94, causing ClamAV to produce bogus warnings about the installation being outdated. This update corrects that problem.
7fed0fc5a456da386e0f0d493038985b933c7c0ca06e6ca0f353d56bc41c15feAlcomedia CMS has a default administrative login left in it upon installation.
ea4c805419e39d3b2ee1f6d726a302882ed43bcc3546f32264e6be9bae4539c4The World Association of Newspapers suffers from a remote SQL injection vulnerability in articles.php.
fee366ae992c786a3161cbe7d11678cc706d379c414b7b825b86f3682809d178The password checking routine of SafeBoot Device Encryption fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users. Affected is McAfee Safeboot Device Encryption version 4, Build 4750 and below.
78a8f15592e7899a1c913eeb459f8791629f0e1831fb0927ed20feae27499353ProActive CMS suffers from a local file inclusion vulnerability.
c9846d2ae423ae1ad4d13dcbe643b396a8cc054b3d6d0e7cb07107209dc5b324Secunia Security Advisory - HaCker_Egy has reported a vulnerability in E-Php Content Management System, which can be exploited by malicious people to conduct SQL injection attacks.
c64e4906acbad306d3d79004dfa9dbcde299f65714e0d9a3c3d0a912970017b2The Sama Educational Management System suffers from a cross site scripting vulnerability.
3d61ffe060557cc9b43397d81bedf6a4cc68db7a50191d85c6d8099e2a1d143fThe Link to Us module in Drupal suffers from a cross site scripting vulnerability.
5fbf55a40e4ec7f225239908cfb63b65ea1cd612ae872293125c575b5ae480f8HP Security Bulletin - A potential security vulnerability has been identified with HP OpenVMS SMGRTL Run Time Library. The vulnerability could be exploited locally by an authorized user to gain extended privileges.
b6bcce69547bc1df33441518cef314abf988c2f1bf7333d21aecb1881dc7a48dMenalto Gallery versions prior to 2.2.6 failed to set the secure flag in the session cookie allowing for session hijacking.
abff3ad67ab14ebf55f9da0c0e8959080407847a2106e0bb1f87d45c942811acCYASK version 3.x suffers form a local file disclosure vulnerability in collect.php.
906f1c59e697d9ab71c6ce749a8b5ca2a357dcc52ec4429b7b22316f1f6c5804Diesel Joke Site suffers from a remote SQL injection vulnerability in picture_category.php.
915d6d4b6ab21a487c553c1ad66f4fc4cb48c1be094e0e78df8a061ddf503a7bProArcadeScript version 1.3 suffers from a remote SQL injection vulnerability.
d44522cbdc96b2b533c8bca54fbfe7e615972c179d9b8f69981dfe5aedf290f2Addalink versions 4 and below suffer form a remote SQL injection vulnerability.
f67eacd3340319df0287d05c6431ff7bc8814ea7a330dc8b346b70f53c013389Secunia Security Advisory - SirGod has discovered a vulnerability in iScripts EasyIndex, which can be exploited by malicious people to conduct SQL injection attacks.
627cdfd31060885cc95f9631c0a89d4545350cad49971e918590830d128df7f7Secunia Security Advisory - Shinnok raydenxy has discovered a vulnerability in Personal FTP Server, which can be exploited by malicious users to cause a DoS (Denial of Service).
ca49574c61af6f0c3031b4f9667832add9f7a95deb164b3debea4a1ad220c240
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed