Ubuntu Security Notice USN-806-1 - It was discovered that Python incorrectly handled certain arguments in the imageop module. If an attacker were able to pass specially crafted arguments through the crop function, they could execute arbitrary code with user privileges. For Python 2.5, this issue only affected Ubuntu 8.04 LTS. Multiple integer overflows were discovered in Python's stringobject and unicodeobject expandtabs method. If an attacker were able to exploit these flaws they could execute arbitrary code with user privileges or cause Python applications to crash, leading to a denial of service.
c8fae5e6de505386b8a8bf4f7a7ec80d7d5ec6659c0974814d50ac793bc6138d
Technical Cyber Security Alert TA09-204A - Adobe has released Security advisory APSA09-03, which describes a vulnerability affecting Adobe Flash. Other Adobe applications that include the Flash runtime, such as Adobe Reader 9, are also affected.
8ff12095356d939f20d9b9628c3aa12c061184870a1b8c5909d5e22e66a4d540
Communigate Pro versions 5.2.14 and below suffer from a cross site scripting vulnerability.
4e0228d024901ce8166756271e48ce39e5ac78dcf8b1da33e12d5ccc94c661ee
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
6370f819a2d31421a297ab65cd4b65434207b3d34db73fa45a59da790210b9dc
The Joomla Joomloads component suffers from a remote SQL injection vulnerability.
106f4d5ed140559da25bb2b51e24d7fb1867e902430965e5171dfa6dae003c25
PHP Melody version 1.5.3 suffers from remote file upload and SQL injection vulnerabilities.
578183abffa2b682eadaf863479e76409411940b1fbf01c875cb6b8a274a1947
PowerTM version 1.0 suffers from remote SQL injection and cross site scripting vulnerabilities.
cf9d8aa96b9dee35f949deadafdd0f12129a470db3d5d28fa16abf040af5c175
WINMOD version 1.4 local stack overflow exploit that creates a malicious .lst file.
580ca793824f61c7250c938f1c46d7e88a0d41e7e9e4e5c32cc127a5ec257b61
AWCM version 2.1 suffers from local file inclusion and remote SQL injection vulnerabilities. The SQL injection vulnerability allows for authentication bypass.
185edd6e46fc0fc5bfb95531fe5ce93b2cf011506c6c3f2ab72ee190f1290894
The my_gallery version 2.4.1 plugin for e107 suffers from a local file disclosure vulnerability in readfile().
cfc848134d90297d8b1e87adcfb56229a852765353221339c2b362ae6383cdcd
The PDF in this tarball takes advantage of an Adobe Flash vulnerability. This is real malware and should only be used for analysis purposes. Be careful and do not view this unless you want to get rooted.
1b26e4edbd7653713594a900e85c2c30331824e2b87505c5f7cf3c1389153470
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
6396eb5f7f6cfaac1d8b3df0b2b8c0e9e3a83d9051e53cc4dbb90b0f7df26e86
Secunia Security Advisory - A vulnerability has been reported in The BLOB Blog System, which can be exploited by malicious people to conduct cross-site scripting attacks.
a239582cb53c247fd011376282e63bb2f6db1ae75746af9bf5ec177cc561b49c
Secunia Security Advisory - MizoZ has reported some vulnerabilities in Clone2009, which can be exploited by malicious people to conduct SQL injection attacks.
468d30205ebe376629d6fca9366d015561579417e013397862c9db2fdcd0c7ab
Secunia Security Advisory - A weakness and a vulnerability have been discovered in Joomla!, which can be exploited by malicious people to disclose certain system information and compromise a vulnerable system.
50b80bca2f0292c26a79b1a74f59690a0e8f170ded6a7198d5fdec11c5075716
Secunia Security Advisory - A vulnerability has been reported in Akamai Download Manager, which can be exploited by malicious people to compromise a user's system.
58699ad8d59354a6ad14499e7a94577168d423f05774ba43ca6dc8e99afdd22b
Secunia Security Advisory - Some vulnerabilities have been reported in the Bubbletimer module for Drupal, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks, and by malicious users to conduct script insertion attacks.
6c587d4dcf3097c24bf96d481ddc2c9ee3ede67e765669b067c04e5f90fc1693
Wmshop Premium versions 8.1, 12.0, and 13.0 suffer from a database configuration disclosure vulnerability.
1c6f8d36ee0db9125d251d6b4b76c53cb8e69ff8d38f2279852c7a88bc6595b5
Wmshop versions 5.08 through 6.0 suffer from a forum password disclosure vulnerability.
89cb14e32960a3458fafac4dd59f0424e691ec4c65d6db751af09fb2539bb992
Valentina suffers from a database configuration disclosure vulnerability.
3244696757bac2ee26830bd88712890ccbd1f0c363127d4ae8325530d4685563
Valentina suffers from a cookie handling vulnerability that allows for privilege escalation and a shell upload.
14a549b7355f6602692da4dfd32c3ac09737b0f82c5eec644aa9dfcfcd8418cd
Calling the CSS attr() attribute with a large number leads to memory corruption, and heap spraying allows execution of code. Arbitrary remote code execution can be achieved by creating a special website and enticing the victim into visiting that site. iPhone OS versions 1.x through 2.2.1 and iPhone OS for iPod Touch versions 1.x through 2.2.1 are affected.
133f492014f2bfbfa80c0caa0d28b13729b130a662880909a1e4dec7f7c492d9
Debian Security Advisory 1840-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.
06bec18fe61ea63a11f102981e53bbd0c64e40a1fd5f1ef0e72bd54842fa19bf
Microsoft Windows x86 null-free bindshell shellcode for Windows 5.0 through 6.0 all service packs.
e30984bbffd193b9456095ecf59c11dc4559ea1dda013038d818184452fc953f
Secunia Security Advisory - A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system.
98d694aceb19dc6548cb50a8c834af1197dc89de39aa73c9f8588b65a86e6c69