Secunia Security Advisory - A vulnerability has been discovered in Mihalism Multi Host, which can be exploited by malicious people to conduct cross-site scripting attacks.
59c5602dd7e17c5387218c43b8723c802115d417c798c8dec3905e91c29f166cSecunia Security Advisory - A vulnerability has been discovered in IZArc, which can be exploited by malicious people to compromise a user's system.
55bf8dfb47730edd08a8e37db54b826d2d7ff04ea227db615e8e23a3a11613baSecunia Security Advisory - A vulnerability has been reported in Cisco Packet Tracer, which can be exploited by malicious people to compromise a user's system.
1878231cbf97dfd7bb144f77d2441b84b09ce1208f54f69bea9a84248d7720ebSecunia Security Advisory - A vulnerability has been discovered in Roxio Media Creator, which can be exploited by malicious people to compromise a user's system.
9f4e57aed5f4cd78f4b9061958c9989fadf3a9cc363f2e4cc9309bafca5050bcSecunia Security Advisory - A vulnerability has been discovered in PKZIP, which can be exploited by malicious people to compromise a user's system.
925f1eab18cc78e5425b6e2469aaecbe8653f77fff3fe26e4db1daca1a1d2ab4Secunia Security Advisory - Eskarina Smith has discovered a vulnerability in Auto CMS, which can be exploited by malicious people to compromise a vulnerable system.
30bd0e40b39d15569c741461140f2ccddd74e046bcb9ad0c45c2d7479519868cSecunia Security Advisory - A vulnerability has been discovered in Webmatic, which can be exploited by malicious people to conduct cross-site request forgery attacks.
611f5b1675f113f3b604940df5d0956e641babf96b3d1f8e78d1414049b7dfefSecunia Security Advisory - High-Tech Bridge SA has discovered some vulnerabilities in Target CMS, which can be exploited by malicious user to conduct script insertion attacks, SQL injection attacks, and disclose sensitive information and by malicious people to conduct cross-site scripting attacks, SQL injection attacks, and disclose sensitive information.
ddfec899b1ab1c50035314d560df9740f497f8e8be528d6f1b136dffbc4dceadSecunia Security Advisory - A vulnerability has been discovered in Mozilla Firefox, which can be exploited by malicious people to compromise a user's system.
0d00c1b4e675c7bd4b30d074129ba67d2f1b86dc46ab68cc539ea4b959a1cc55Secunia Security Advisory - Two vulnerabilities have been reported in Cisco Unified Communications Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
ee65adfc9275f91ab1b1732ee32ef40a5402278daf6d470422f65ba26e850748Ubuntu Security Notice 977-1 - It was discovered that MoinMoin did not properly sanitize its input, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.
f538172b30fc98a58580052fdd4fd67f69c60186f5886f382b323b4806770858Cisco Security Advisory - Cisco Unified Communications Manager contains two denial of service (DoS) vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities could cause an interruption of voice services.
a2d98d925e13eeb5d472669ec7bf4946d776200c5a12e9cda576c4f23cb8884bCisco Security Advisory - Cisco Unified Presence contains two denial of service (DoS) vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities could cause an interruption of presence services. suffers from a denial of service vulnerability.
fd10881632bee7f401d9c0d239da6fd842c0cb2063228aef9d9abbf7cd795342Google Earth version 5.1.3535.3218 DLL hijacking exploit that leverages quserex.dll.
8269c17266ece92c5ebee258170f27e2afc30fbeda782866d4eba29a1241b3beNullsoft Winamp version 5.581 DLL hijacking exploit that leverages wnaspi32.dll.
4d95a031560cb1a18e6c908c0decf1141e2f7ed0b36e6a081ddfed39de031cb2Microsoft Office PowerPoint 2007 version 12.0.4518 DLL hijacking exploit that leverages pp4x322.dll.
659757bcae543efbf80e8f8f6f717651711f63ea94892914845ab4013c3f0853This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DIRAPIX module responsible for parsing the RIFF-based Director file format. When handling the mmap chunk, the process trusts the chunk size immediately following the fourCC value. It is passed to Ordinal1111 exported by the IML32X module which is responsible for allocating a heap buffer for processing the rest of the chunk. If an incorrect size is provided, later memory copies can corrupt data beyond the allocated buffer. This can be abused to execute remote code under the context of the user running the web browser.
81e8ba67b1a1a3b42dc58319b1e12d7d52164ce3c75ee9898b373eeafb8c25bbThe GFI WebMonitor administrative interface suffers from a remote script code injection vulnerability.
e759d7240347b5d2e90c6c08c5d87afae48474ff41901286e4df0ca8ca2ec635Secunia Security Advisory - A security issue has been reported in SSSD, which can be exploited by malicious people to bypass certain security restrictions.
6b13df3817c7e6eed732be0ad89e03cbca6deceb0ab05cc1c6a3f4247b50b684eSitesBuilder suffers from cross site scripting, path disclosure and remote SQL injection vulnerabilities.
9ddb9f8ee3dbfbca251be71bd7f8cd3c8174dd85d260f70d2cf5549fe3d5b859Media Player Classic version 6.4.9.1 DLL hijacking exploit that leverages iacenc.dll.
6d9a6980de12fdd13d47ce9d5c352dd814f744329403ea133224351f75adab74cvechecker reports about possible vulnerabilities on your system by scanning the installed software and matching the results with the CVE database. This is not a bullet-proof method and you will most likely have many false positives, but it is still better than nothing, especially if you are running a distribution with little security coverage.
5d43fb948d296ce79943d6b84634a90f68d6a566816163a8756bd4f272f9b566Ubuntu Security Notice 976-1 - It was discovered that Tomcat incorrectly handled invalid Transfer-Encoding headers. A remote attacker could send specially crafted requests containing invalid headers to the server and cause a denial of service, or possibly obtain sensitive information from other requests.
c49a0ef250ba4b756e90aad4b96a7cf91f66b6d92e371674186a3b60746823f0Corel PHOTO-PAINT X3 version 13.0.0.576 DLL hijacking exploit that leverages crlrib.dll.
811fda6346ea715a28ba39414e668f74d982441c3b608161752866b780c8f6beZero Day Initiative Advisory 10-165 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trend Micro Internet Security Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the UfPBCtrl.dll ActiveX control. The extSetOwner function accepts a parameter and assumes it is an initialized pointer. By specifying an invalid address, an attacker can force the process to call into a controlled memory region. This can be exploited to execute remote code under the context of the user invoking the browser.
07b138612875eae7ce6e5d1402d90d0d0a8f23d8d53ab9b3da1751e280f46d7a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed