Mandriva Linux Security Advisory 2010-019 - An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. A remote attacker could provide a specially-crafted LZW compressed gzip archive, which once decompressed by a local, unsuspecting user would lead to gzip crash, or, potentially to arbitrary code execution with the privileges of the user running gzip. The updated packages have been patched to correct this issue.
ff10bc8eca9a6a43d582662f4c5151e1182d17005b3fe1edbc0e40b347c70185
KloNews suffers from a cross site scripting vulnerability.
f6277c13d0d9ef8a733fc7b172fd1649109bbdde68a10c1d454137aa94e234dc
Secunia Research has discovered two vulnerabilities in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by two integer overflow errors when processing Shockwave 3D models. These can be exploited to corrupt heap memory via specially crafted Shockwave files. Successful exploitation may allow execution of arbitrary code. Version 11.5.2.602 is affected.
17d57c1485e5cf9ef58b9f14925858958264e555b5c7bbdb27ea51453dfade52
Cisco Security Advisory - The SSH server implementation in Cisco IOS XR Software contains a vulnerability that an unauthenticated, remote user could exploit to cause a denial of service condition. An attacker could trigger this vulnerability by sending a crafted SSH version 2 packet that may cause a new SSH connection handler process to crash. Repeated exploitation may cause each new SSH connection handler process to crash and lead to a significant amount of memory being consumed, which could introduce instability that may adversely impact other system functionality. During this event, the parent SSH daemon process will continue to function normally.
1d874dbf5d6f487281bc53e2314997329cf1a5a306a003e3d2762a43c3fd8a06
The Joomla ACProjects component suffers from a remote SQL injection vulnerability.
bafdd4923b15f4328ba20bd35036373f9d7871ad52660905d5a7f57e1f811bd6
Debian Linux Security Advisory 1974-1 - Several vulnerabilities have been found in gzip, the GNU compression utilities.
e397141f9be1ae80a34d9e6ea6e578ba79705dedef10ce6d881ad43ea196457a
Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when processing Shockwave 3D models. This can be exploited to cause a heap-based buffer overflow via a specially crafted Shockwave file. Successful exploitation allows execution of arbitrary code. Version 11.5.2.602 is affected.
505af33a6b87fd4467a4f73d2dc13b84c179cbf7f2e43dbcb79b688f70793e2f
MP3 Studio version 1.x universal local stack overflow exploit that creates a malicious .m3u file.
02cae41625ddecfe6ba7db667a91942dbe62aa1f936f122e3a2da1f45197e5b0
Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an integer overflow error when processing a certain Shockwave 3D block. This can be exploited to corrupt memory via a specially crafted Shockwave file. Successful exploitation may allow execution of arbitrary code. Version 11.5.2.602 is affected.
ee5b1897f238ae118309546dbdae38bb523fb26b557924829cf8636189565ea0
Debian Linux Security Advisory 1973-1 - Christoph Pleger has discovered that the GNU C Library (aka glibc) and its derivatives add information from the passwd.adjunct.byname map to entries in the passwd map, which allows local users to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.
2c0040d6d3ae37a7b151bab40fb15ab222087de6846d4dcaf581e42f9a7bdb29
Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in HP Power Manager, which can be exploited by malicious people to compromise a vulnerable system.
598b773c249af4228a7c112039d439c203d4c73f644fd92804a49573caa1f017
Secunia Security Advisory - Some vulnerabilities have been reported in ISC BIND, which can be exploited by malicious people to poison the DNS cache.
6062ea8d7c1b3387216ac764d409328af464204306e9678af1ce0264775a3d89
Secunia Security Advisory - A security issue has been reported in phpBB, which can be exploited by malicious users to bypass certain security restrictions.
9d75577a28f560bf41edf805dfb0de411a614f7a2f4e73be92c574731be03e45
Secunia Security Advisory - A vulnerability has been reported in AdvertisementManager, which can be exploited by malicious people to conduct cross-site scripting attacks.
4950433017065843d9de0f5b5065caea491b04cfd8b5bf13a2b3c891a6364aaf
Secunia Security Advisory - Tavis Ormandy has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
747986dde66ccda9a9a0ab3b4fb088c386d5619d32303f0370b25284a74b9695
Secunia Security Advisory - Some vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a vulnerable system.
2b9a941cc3d12f14a438095a91187ee4fd3150b0ccee15c7d0d8937d52741a0b
Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes multiple security issues and vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to manipulate certain data and potentially perform certain actions with escalated privileges, and by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and conduct spoofing attacks.
7a964cee15069baf708abc87570e3a7b148c9711d0c6a2ff032a42b403a50dd9
Secunia Security Advisory - A vulnerability has been reported in LookMer Music Portal, which can be exploited by malicious people to disclose sensitive information.
ea89eb3c6f06c92e689f225f1748d08c502b84b74ada0e0586b88452dbf354de
Secunia Security Advisory - A vulnerability has been reported in SAP Web Application Server, which can be exploited by malicious users to compromise a vulnerable system.
12a4c5b3339a8a13175511c5390c168f84bce4e9b554d329ad4f7ca6bc1f8794
Secunia Security Advisory - A vulnerability has been reported in SoftDirec, which can be exploited by malicious people to conduct cross-site scripting attacks.
7c3e0f5e1c15029eefe9f6e56cfde3f994dc39c01ebee8b25f97cac88777a5c9
Secunia Security Advisory - Some vulnerabilities have been reported in Sun Java System Web Server, which can be exploited by malicious people to disclose sensitive information and potentially compromise a vulnerable system.
7cc4ac331a7566f54d71685e583795b299c7007776d3fee987421bceac02fa2c
Secunia Security Advisory - Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
ef485557bd02fabdaa1bbff4d56353479cf2dc6aa32db29209e2694b21545ad0
The WordPress statspressCN plugin version 1.9.0 suffers from a stored cross site scripting vulnerability.
f6bd7dda63607ede5e4c13e0fc24faa70b7abb9bce55899b1ff2b68e12c7f8ee
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to disclose system information. manipulate certain data, cause a DoS (Denial of Service), and potentially gain escalated privileges, and by malicious people to cause a DoS.
9503daca2321b53287aea383738a77c23a9c3bde65cb6f01783d8a0b0550122e
Secunia Security Advisory - Secunia Research has discovered eight vulnerabilities in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system.
926cae05aaa6921b5b526208b3725065757fdefbeac8f13a8bcb285624a9a2c4