what you don't know can hurt you
Showing 1 - 25 of 27 RSS Feed

Files Date: 2010-08-23

Mandriva Linux Security Advisory 2010-157
Posted Aug 23, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-157 - The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow. FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file. Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File font. bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service via a crafted BDF font file, related to an attempted modification of a value in a static string. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-3053
SHA-256 | b173a76939af6c5aad8e3c142be5be456997a18cbc9f297e473e41f0ed555dd9
Mandriva Linux Security Advisory 2010-156
Posted Aug 23, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-156 - The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file. Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow. FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted font file. Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File font. bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service via a crafted BDF font file, related to an attempted modification of a value in a static string. Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attackers to cause a denial of service via vectors involving nested Standard Encoding Accented Character calls, related to psaux.h, cffgload.c, cffgload.h, and t1decode.c.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-3053, CVE-2010-3054
SHA-256 | 9e90a6c7f677a8c24bc756a6cf54ad66e38c6abd8a3a89e4321e5004c57a68f1
Joomla Zoom Portfolio SQL Injection
Posted Aug 23, 2010
Authored by Chip D3 Bi0s

The Joomla Zoom component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bde49b41b81b0694b91ad98a9e30d782f88ac6721762452fcbff003bd48670c3
Link CMS SQL Injection
Posted Aug 23, 2010
Authored by hacker at sr.gov.yu

LINK CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f9a165a3716e7db0d95c1af2e8076d90de66233eb52e3e36257e6619022c3e49
AneCMS SQL Injection
Posted Aug 23, 2010
Authored by Sweet

AneCMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7dcc1ef4dcaee1ec2bee451b6c9718b602c9d6fa6c1a5aba36802c55690ac6a2
Ananta Gazelle CMS Local File Inclusion / Cross Site Scripting
Posted Aug 23, 2010
Authored by Sweet

Ananta Gazelle CMS suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | bde7546b0efdf21e28ac9f2cbf481393d25fd1b8153aa26dc8ec32f57ba140a8
4images 1.7.8 Remote File Inclusion
Posted Aug 23, 2010
Authored by LoSt.HaCkEr, aDaM_TRoJaN

4images version 1.7.8 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 92b6b16efd72a2eca7101d73a478eda04ca72ef7118af5a8671bdbde4d73f28f
X Zero Community Classifieds 5.2 SQL Injection / Cross Site Scripting
Posted Aug 23, 2010
Authored by indoushka

X Zero Community Classifieds version 5.2 suffers from cross site scripting and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | ee8bc5d957d3ef9b4ff637bbb2e1078a689222b8b6305b87a4032d0012595236
Video Script ASP Database Disclosure
Posted Aug 23, 2010
Authored by indoushka

Video Script ASP suffers from a database disclosure vulnerability.

tags | exploit, asp, info disclosure
SHA-256 | ba820fe2c4c454957f07e2bcdbd7544f831a5c670d411bfebcc5d36b003f846f
UblogReload 1.0.5 Database Disclosure
Posted Aug 23, 2010
Authored by indoushka

UblogReload version 1.0.5 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 215f7eb23e3b643d71a02371c5da1f31d16b90f3ce5f622c790758384aa55ab7
Joomla Biblioteca 1.0 Beta SQL Injection
Posted Aug 23, 2010
Authored by Salvatore Fresta

The Joomla Biblioteca component version 1.0 Beta suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 33c428cd3ada802505f237332a1470c5202e0ece4b1b0ca8bca89a2c33eb3c8a
Joomla / XOOPS Zina SQL Injection
Posted Aug 23, 2010
Authored by Th3 RDX

The Zina component for both Joomla and XOOPS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3e36fe435155c83fd6aefc587005e3204c1f429fa23f378a5e998b7ab71c7353
Secunia Security Advisory 41073
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for DeviceKit-power. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
systems | linux, fedora
SHA-256 | 3eddcfe7f5cc20b4c7a5e9817b7f884fe60e9b6fb922895abdeefd98f383aba8
Secunia Security Advisory 41069
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in FTPGetter Standard, FTPGetter Professional, and FTPGetter Professional Portable Edition, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | f8718b69dee310b6102a673edf8ee5a00b7370c622a1211f790b34b3afec2545
Secunia Security Advisory 41077
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has acknowledged a vulnerability in uzbl, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, fedora
SHA-256 | 84248bcd692e493c24b4895ced6efe36ce37390db490c71edf7bfb456b7efe5d
Secunia Security Advisory 41075
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for phpMyAdmin. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, fedora
SHA-256 | b70c60dc3a2096660a52d9770e5e8e07449f9b1e5f023291e7a30c0672e106f6
Secunia Security Advisory 41036
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in netStartEnterprise, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | c18539d98b7742b324a9db9be71f0e30eddce69c320babce2af64a346f306a7f
Secunia Security Advisory 41059
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the JPodium component for Joomla!, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 9ac02e8c9a6693e2417e2e48e987c3717150651d44864d457fd24eed94112b07
Secunia Security Advisory 41066
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in 3D-FTP, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 12ac2dab5354a41952d5acbd6f3df5a3e29a4492651ef616a5bb2f38cda56a93
Secunia Security Advisory 41067
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Auto FTP Manager, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 56a1d097d59c209ecfd3e8c3c5e07a7c207e34fe8c7c96ac986c0891e4f66a2e
Secunia Security Advisory 41068
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in MAXdev MD-Pro, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 6250a4737ff4c38d778286eb409c411aa6fe0829250d8464ecb830c80712d09f
Secunia Security Advisory 40792
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in libgdiplus for Mono, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
SHA-256 | 49dcf44d5a071c5c9cfc442c23fa4015312fb941d53ba8b3903078a320117761
Secunia Security Advisory 41037
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for lvm2. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, debian
SHA-256 | 2b4745fe5a22926a6756e028984651bd932bac57848c2831b6d5353f68751262
Secunia Security Advisory 41045
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - l3D has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | windows
SHA-256 | 588fb54b826666832fa950627f95b4c0803721df67da001e7c776634aacdb3fd
Secunia Security Advisory 41057
Posted Aug 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Content Integrator, which can be exploited by malicious people to disclose system information or potentially sensitive information and cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 3f0ab2c26e94fd0e5e63142b9c4e7e0c80f8e9dfc4085856cff2df328bce1200
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close