Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Indeo Codec.
5f90093f15576c93a7e535668a04f311b35d663f41b6f8032f3426c120380983Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Microsoft Office Project.
85fde7d2fb06828a2fc44b2c222a6521d35553bed85166548611e98e6cc84f77Technical Cyber Security Alert 2009-342A - Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Internet Explorer, and Microsoft Office.
ec6c304e559e65a67740bedd042870280468e99a38a0efa95860ac3a04f81782Zero Day Initiative Advisory 09-091 - This vulnerability allows remote attackers to execute arbitrary code on vulnerability installations of HP Application Recovery Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the OmniInet process listening by default on TCP port 5555. The OmniInet process uses a custom protocol for handling requests. When handling MSG_PROTOCOL (0x010b) packets arbitrary user supplied data is copied to the stack without proper bounds checking. Successful exploitation of this vulnerability can lead to remote code execution under the SYSTEM context.
c91eea10325dd73f5d29148d40da67751e4d3a05b137239098bfa7cfbcd90b9cUbuntu Security Notice 867-1 - Robin Park and Dmitri Vinokurov discovered a logic error in ntpd. A remote attacker could send a crafted NTP mode 7 packet with a spoofed IP address of an affected server and cause a denial of service via CPU and disk resource consumption.
6c30be182ae26f6df9a4ef44bce722030691c736b06b01afcfc2436788af8aa2Mandriva Linux Security Advisory 2009-276 - The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected static media files, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL. Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a regular expression. The versions of Django shipping with Mandriva Linux have been updated to the latest patched version that include the fix for this issue. In addition, they provide other bug fixes. Packages for 2008.0 are being provided due to extended support for Corporate products.
ddae85e78f414c5a0d4d2d3cf0abcaf32ba67b9db589ba9481843ce773286b54Mandriva Linux Security Advisory 2009-030 - Data length values in metadata Audible Audio media file (.aa) can lead to an integer overflow enabling remote attackers use it to trigger an heap overflow and enabling the possibility to execute arbitrary code. Failure on checking heap allocation on Audible Audio media files (.aa) allows remote attackers either to cause denial of service or execute arbitrary code via a crafted media file. This update provide the fix for these security issues. Packages for 2008.0 are being provided due to extended support for Corporate products.
9e38ac57b978f81b9a736dd76fb0aa10e2d398eee8cbab2106dee52124428a27Mandriva Linux Security Advisory 2009-038 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Blender working directory. This update provides fix for that vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
9a26844c67c94caa224d0a62392f35e4642f54fb484c6efa85d144cc839b5606Illogator Shop suffers from a remote SQL injection vulnerability that allows for remote authentication bypass.
2955775d321021621b596f5a35fe0e9b1ec1771d4c0b0505c6dd624da6293204DPI version 1.1-Final powered by Clixint suffers from a cross site scripting vulnerability.
8995f0363094231d3f9791938496531df3248f9928e007e62d58bcf4bf0014782009 You! Hostit! suffers from a cross site scripting vulnerability.
78e5d19377bbd1a93856df7b621e3435a3f54b4e578b478b31bb4238c27e6f1eMandriva Linux Security Advisory 2009-046 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current dia working directory. This update provides fix for that vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
7a499212820bfd2f5ff05357dc117f21dde34ad5d234838f8d93e6296c7017bfMandriva Linux Security Advisory 2009-059 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current X-Chat working directory. This update provides fix for that vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
e41de6e8cc24cdf26f1fc4e97c1dbeab4c45e1ebf1dfe5c7e0b74c0ee164b69bCA's support is alerting customers to a security risk with CA Service Desk. A cross-site scripting vulnerability exists that can allow a remote attacker to potentially gain sensitive information. CA has issued patches to address the vulnerability.
c693621b91a9aa7cb65f2332d160db6216d422e57c07d7703086080646986b6dZero Day Initiative Advisory 09-090 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Intel Indeo41 codec which is accessed by various applications through the Video Compression Manager. This codec is registered to handle IV41 streams within a container such as the AVI format. While decompressing a video stream malicious data can cause a loop to execute excessively and consequently corrupt the application's stack. By providing specific values this can lead to an exploitable condition which can be leveraged by attackers to execute arbitrary code under the context of the user accessing the file.
ecbc354dea6cfc3080099e33781d9d75220ba38fa20c08cb762d561f635cbfd6Zero Day Initiative Advisory 09-089 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Intel Indeo41 codec which is accessed by various applications through the Video Compression Manager. This codec is registered to handle IV41 streams within a container such as the AVI format. Due to the lack of bounds checking on a specified size within the 'movi' record a heap overflow can occur. If successfully exploited this vulnerability can allow attackers to execute arbitrary code under the context of the user accessing the file.
0fd7cca6902347a23e3907f81b6bb96edbb65de9d846ca581a54ace009928fdbZero Day Initiative Advisory 09-088 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious web page. The specific flaw exists during deallocation of a circular dereference for a CAttrArray object. If the CAttrArray object has been freed prior to the tearing down of the webpage, the application will access the freed memory during the deallocation of the circular dereference. This can lead to code execution under the context of the currently logged in user.
e33fa748c28002f94d22528e4a1f5ef737f27f1b8c83a2c6f46f201f8f91c913Debian Linux Security Advisory 1948-1 - Robin Park and Dmitri Vinokurov discovered that the daemon component of the ntp package, a reference implementation of the NTP protocol, is not properly reacting to certain incoming packets.
93a6af3f2f904141066f4c44555291616f560099115091d28c235a43e2444799
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed