Secunia Security Advisory - Canberk BOLAT has discovered a vulnerability in webERP, which can be exploited by malicious people to conduct cross-site request forgery attacks.
c59fd9fcc87569bdb30695328b95e878044a249f9d11bb03fc2d00b95deb0342Secunia Security Advisory - Red Hat has issued an update for acroread. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
35b4331de007650a2e143414edb7391e33711b6e10ac7040f28562bac6f5ff8dSecunia Security Advisory - A security issue has been reported in Cerberus FTP Server, which can be exploited by malicious users to bypass certain security restrictions.
725becbe00ae7390a9267f4add8a8688dc327cf9ab3d46c83cd92211244d1891Secunia Security Advisory - Two security issues have been reported in Opera, which can be exploited by malicious people to disclose potentially sensitive information or compromise a user's system.
6f5f34b4ad2bfeea625dca05378a62d4055a72b1f2f191b0dc3d4f6e14d0dc48Secunia Security Advisory - Some vulnerabilities have been discovered in Flash Slideshow Maker, which potentially can be exploited by malicious people to compromise a user's system.
90146bac392f9378b0fb0eceda6ddea544c379189736bec41bfb57674f36edc2Secunia Security Advisory - SUSE has issued an update for samba. This fixes a security issue, which can be exploited by malicious, local users to disclose potentially sensitive information and potentially gain escalated privileges and a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.
27e3650afbd7188bd9f68c0865ece8f03479ea585644d85fa245d603ae4cd942Secunia Security Advisory - A vulnerability has been reported in TortoiseSVN, which can be exploited by malicious people to conduct spoofing attacks.
6b73f7062c2e4b78f09895a86949e725b0fbd0281ef9a3642533164cc8193d69Secunia Security Advisory - SUSE has issued an update for java-1_6_0-ibm. This fixes multiple vulnerabilities, where some have an unknown impact and others can potentially be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), or compromise a vulnerable system.
c5a5067ecea7f34e8ae8658f770010799e44002e29f5ca152aa7929d70bd3c97Ubuntu Security Notice 956-1 - Evan Broder and Anders Kaseorg discovered that sudo did not properly sanitize its environment when configured to use secure_path (the default in Ubuntu). A local attacker could exploit this to execute arbitrary code as root if sudo was configured to allow the attacker to use a program that interpreted the PATH environment variable.
3037de18c813969c11a9138193a5c6d4ce5ee796f319b9f4908916e348a376d4Ubuntu Security Notice 930-3 - USN-930-1 fixed vulnerabilities in Firefox. Due to a software packaging problem, the Firefox 3.6 update could not be installed when the firefox-2 package was also installed. This update fixes the problem and updates apturl for the change. If was discovered that Firefox could be made to access freed memory. A flaw was discovered in the way plugin instances interacted. An integer overflow was discovered in Firefox. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present.
d96e955e633c21c2b944cddb9d5f07a0fd30a9997df75ae04a38e81f45a41e0c102 bytes small disable ASLR security Linux / ARM shellcode.
520d236fa1dfb1562d34c69e8d596039453ef6a1a483848217601172fa478804Sumatra PDF Reader version 1.1 denial of service exploit that creates a malicious .pdf file.
c44ea0b92225e6341cf08efb459f66ecb0dacf1b55b5476959f908d23e3c8e2eThe Joomla MyBlogController component suffers from a local file inclusion vulnerability.
7c4a00dea124fe8ec630b536a788d4005ea4a20b37305106e1430b4d71b0d8fbNinkoBB version 1.3RC5 suffers from a cross site request forgery vulnerability.
2f56c197ddd4f551d855ddfa273d724e5cc806bb6b9c56d252ae2e9cf1c4e79aVUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a memory corruption error when processing the "pushstring" (bytecode 0x2C) or "debugfile" (bytecode 0xF1) operators while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF file.
3f7e4dc92a22736fa3f589280444532f96662b13632121646cf4611724de1e88VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a memory corruption error when processing the "newfunction" operator (bytecode 0x44) while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF file.
f58254d5f3b6d1cf52f6ca52d6734189e636869959d57a022821cc9dd7a79d37VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a memory corruption error when processing the "newclass" operator (bytecode 0x58) while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF file.
5a3c27f58ef22d53f3392d94eb0a1d0dd91137e0e4134b00ed239e9e8f93b6f4VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a buffer overflow error when processing the undocumented #1023 (3FFh) tag while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF.
8e98145038703e76381839f70aa51a5e4815fb736906a31bf3122300f82893d7Your Photo Store suffers from a remote shell upload vulnerability.
9e9dbe001bef7df831fa79c2a4f4a5e766621284066d45661e6ada519f419746Web Design Noida suffers from a remote SQL injection vulnerability.
149c0de4c3e81564f8a769b2818ffe83d5664c00d494bdba92bed6a84c51012fDigital Whisper Electronic Magazine issue 10. Written in Hebrew.
1c1b93c810d19a1b70c9058a74d56615397c84028833fb5a23729144b1c6de72Zero Day Initiative Advisory 10-116 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application parses a PDF file containing a malformed CLOD Progressive Mesh Continuation Resolution Update. Specific values can cause a memory corruption during floating point operations which can be subsequently leveraged to achieve arbitrary code execution under the privileges of the current user.
fb6f837ab29506719db7c2c404526251209e476229efaa2a32568558edb91ad3Secunia Security Advisory - Multiple vulnerabilities have been reported in Kolab Server, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct spoofing attacks, gain access to potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
ea600cbe327c4f9a94d4f214097c0858ebbc436feeb93b174f30be55b1ba4f12Secunia Security Advisory - Fedora has issued an update for lftp. This fixes a weakness, which can be exploited by malicious people to bypass certain security features.
9b53c278446b67f8b30a72e995e17d60fa30c9553bf8d8f50803006ef1a1e7c7Secunia Security Advisory - Fedora has issued an update for kvirc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
d9322c4dc9d6a10c60e3ff68f32163bc314b80ae83f35a7a122c12bae961aa68
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed