FreeNews version 1.1 suffers from a cross site scripting vulnerability.
21ace3528bae3c10942e4ecb9e02ef76257fcebac4e2ddd86accb91200e01417FreeNews version 1.1 suffers from a shell upload vulnerability.
aed84b53d94de1e8cd9c04e2322490c74d50660c494cd37366ba299825204f4aPhortail version 1.2.1 proof of concept cross site scripting exploit.
b77c5c8d25baad7ee0b48aa737a826b24566cf77dc11dddd426244c67dbc140dGentoo Linux Security Advisory GLSA 200903-10 - A buffer overflow might lead to the execution of arbitrary code or a Denial of Service. An unspecified component of the B3D loader is vulnerable to a buffer overflow due to missing boundary checks. Versions less than 1.5 are affected.
ec0fd6683d3c3110d1eebe8d9e48f5b54c399f7f65cef3d63c65972a81f774f5Gentoo Linux Security Advisory GLSA 200903-09 - Multiple buffer overflows in OpenTTD might allow for the execution of arbitrary code in the server. Multiple buffer overflows have been reported in OpenTTD, when storing long for client names (CVE-2008-3547), in the TruncateString function in src/gfx.cpp (CVE-2008-3576) and in src/openttd.cpp when processing a large filename supplied to the -g parameter in the ttd_main function (CVE-2008-3577). Versions less than 0.6.3 are affected.
d0dd2c09cb6142ed005907fc4336df440befa6923e2633c94f2cdad8d7416358Gentoo Linux Security Advisory GLSA 200903-08 - An insecure temporary file usage has been reported in gEDA, allowing for symlink attacks. Dmitry E. Oboukhov reported an insecure temporary file usage within the sch2eaglepos.sh script. Versions less than 1.4.0-r1 are affected.
eade1902d4618f6e7e26d24eb0e0c023f179d8e2f009a4c43eb5262a089dee3bGentoo Linux Security Advisory GLSA 200903-07 - A missing boundary check in Samba might lead to the disclosure of memory contents. Samba does not properly check memory boundaries when handling trans, rans2, and nttrans requests. Versions less than 3.0.33 are affected.
8fd49d83e8050c0a9a19f33968df74257795838ff4bb5514b96f26cb549e2276Gentoo Linux Security Advisory GLSA 200903-06 - An error in nfs-utils allows for bypass of the netgroups restriction. Michele Marcionelli reported that nfs-utils invokes the hosts_ctl() function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups. Versions less than 1.1.3 are affected.
9b39b04606335bdaab1674b4b1ffa216be3d10650cb082d83a7346141c09d41fGentoo Linux Security Advisory GLSA 200903-05 - Multiple vulnerabilities in the PDFjam scripts allow for local privilege escalation. Martin Vaeth reported multiple untrusted search path vulnerabilities (CVE-2008-5843). Versions less than 1.20-r1 are affected.
8bfe0aeaa94cb8885733bdbc7963abc82f144d83e8d58f55daa63da2af7f8877Mandriva Linux Security Advisory 2009-068-1 - A crafted PDF file that triggers a parsing error allows remote attackers to cause denial of service. This bug is consequence of a wrong processing on FormWidgetChoice::loadDefaults method. A crafted PDF file that triggers a parsing error allows remote attackers to cause denial of service. This bug is consequence of an invalid memory dereference on JBIG2SymbolDict::~JBIG2SymbolDict destructor when JBIG2Stream::readSymbolDictSeg method is used. This update provides fixes for those vulnerabilities. This update does not apply for under Corporate Server 4.0 libpoppler0-0.4.1-3.7.20060mlcs4. The previous packages were not signed, this new update fixes that issue.
4e323da1368a38f9cc9e608ee61624d1029f85448fa1473e7c58492d8f40e4b4
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed