Mandriva Linux Security Advisory 2010-019 - An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. A remote attacker could provide a specially-crafted LZW compressed gzip archive, which once decompressed by a local, unsuspecting user would lead to gzip crash, or, potentially to arbitrary code execution with the privileges of the user running gzip. The updated packages have been patched to correct this issue.
ff10bc8eca9a6a43d582662f4c5151e1182d17005b3fe1edbc0e40b347c70185KloNews suffers from a cross site scripting vulnerability.
f6277c13d0d9ef8a733fc7b172fd1649109bbdde68a10c1d454137aa94e234dcSecunia Research has discovered two vulnerabilities in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by two integer overflow errors when processing Shockwave 3D models. These can be exploited to corrupt heap memory via specially crafted Shockwave files. Successful exploitation may allow execution of arbitrary code. Version 11.5.2.602 is affected.
17d57c1485e5cf9ef58b9f14925858958264e555b5c7bbdb27ea51453dfade52Cisco Security Advisory - The SSH server implementation in Cisco IOS XR Software contains a vulnerability that an unauthenticated, remote user could exploit to cause a denial of service condition. An attacker could trigger this vulnerability by sending a crafted SSH version 2 packet that may cause a new SSH connection handler process to crash. Repeated exploitation may cause each new SSH connection handler process to crash and lead to a significant amount of memory being consumed, which could introduce instability that may adversely impact other system functionality. During this event, the parent SSH daemon process will continue to function normally.
1d874dbf5d6f487281bc53e2314997329cf1a5a306a003e3d2762a43c3fd8a06The Joomla ACProjects component suffers from a remote SQL injection vulnerability.
bafdd4923b15f4328ba20bd35036373f9d7871ad52660905d5a7f57e1f811bd6Debian Linux Security Advisory 1974-1 - Several vulnerabilities have been found in gzip, the GNU compression utilities.
e397141f9be1ae80a34d9e6ea6e578ba79705dedef10ce6d881ad43ea196457aSecunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when processing Shockwave 3D models. This can be exploited to cause a heap-based buffer overflow via a specially crafted Shockwave file. Successful exploitation allows execution of arbitrary code. Version 11.5.2.602 is affected.
505af33a6b87fd4467a4f73d2dc13b84c179cbf7f2e43dbcb79b688f70793e2fMP3 Studio version 1.x universal local stack overflow exploit that creates a malicious .m3u file.
02cae41625ddecfe6ba7db667a91942dbe62aa1f936f122e3a2da1f45197e5b0Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an integer overflow error when processing a certain Shockwave 3D block. This can be exploited to corrupt memory via a specially crafted Shockwave file. Successful exploitation may allow execution of arbitrary code. Version 11.5.2.602 is affected.
ee5b1897f238ae118309546dbdae38bb523fb26b557924829cf8636189565ea0Debian Linux Security Advisory 1973-1 - Christoph Pleger has discovered that the GNU C Library (aka glibc) and its derivatives add information from the passwd.adjunct.byname map to entries in the passwd map, which allows local users to obtain the encrypted passwords of NIS accounts by calling the getpwnam function.
2c0040d6d3ae37a7b151bab40fb15ab222087de6846d4dcaf581e42f9a7bdb29Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in HP Power Manager, which can be exploited by malicious people to compromise a vulnerable system.
598b773c249af4228a7c112039d439c203d4c73f644fd92804a49573caa1f017Secunia Security Advisory - Some vulnerabilities have been reported in ISC BIND, which can be exploited by malicious people to poison the DNS cache.
6062ea8d7c1b3387216ac764d409328af464204306e9678af1ce0264775a3d89Secunia Security Advisory - A security issue has been reported in phpBB, which can be exploited by malicious users to bypass certain security restrictions.
9d75577a28f560bf41edf805dfb0de411a614f7a2f4e73be92c574731be03e45Secunia Security Advisory - A vulnerability has been reported in AdvertisementManager, which can be exploited by malicious people to conduct cross-site scripting attacks.
4950433017065843d9de0f5b5065caea491b04cfd8b5bf13a2b3c891a6364aafSecunia Security Advisory - Tavis Ormandy has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
747986dde66ccda9a9a0ab3b4fb088c386d5619d32303f0370b25284a74b9695Secunia Security Advisory - Some vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a vulnerable system.
2b9a941cc3d12f14a438095a91187ee4fd3150b0ccee15c7d0d8937d52741a0bSecunia Security Advisory - SUSE has issued an update for multiple packages. This fixes multiple security issues and vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to manipulate certain data and potentially perform certain actions with escalated privileges, and by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and conduct spoofing attacks.
7a964cee15069baf708abc87570e3a7b148c9711d0c6a2ff032a42b403a50dd9Secunia Security Advisory - A vulnerability has been reported in LookMer Music Portal, which can be exploited by malicious people to disclose sensitive information.
ea89eb3c6f06c92e689f225f1748d08c502b84b74ada0e0586b88452dbf354deSecunia Security Advisory - A vulnerability has been reported in SAP Web Application Server, which can be exploited by malicious users to compromise a vulnerable system.
12a4c5b3339a8a13175511c5390c168f84bce4e9b554d329ad4f7ca6bc1f8794Secunia Security Advisory - A vulnerability has been reported in SoftDirec, which can be exploited by malicious people to conduct cross-site scripting attacks.
7c3e0f5e1c15029eefe9f6e56cfde3f994dc39c01ebee8b25f97cac88777a5c9Secunia Security Advisory - Some vulnerabilities have been reported in Sun Java System Web Server, which can be exploited by malicious people to disclose sensitive information and potentially compromise a vulnerable system.
7cc4ac331a7566f54d71685e583795b299c7007776d3fee987421bceac02fa2cSecunia Security Advisory - Some vulnerabilities have been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
ef485557bd02fabdaa1bbff4d56353479cf2dc6aa32db29209e2694b21545ad0The WordPress statspressCN plugin version 1.9.0 suffers from a stored cross site scripting vulnerability.
f6bd7dda63607ede5e4c13e0fc24faa70b7abb9bce55899b1ff2b68e12c7f8eeSecunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to disclose system information. manipulate certain data, cause a DoS (Denial of Service), and potentially gain escalated privileges, and by malicious people to cause a DoS.
9503daca2321b53287aea383738a77c23a9c3bde65cb6f01783d8a0b0550122eSecunia Security Advisory - Secunia Research has discovered eight vulnerabilities in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system.
926cae05aaa6921b5b526208b3725065757fdefbeac8f13a8bcb285624a9a2c4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed