Metinfo version 3.0 suffers from cross-site scripting and file disclosure vulnerabilities.
7f319f2402a28e5e4096eaa10b19faff0ce156e97e765e047a4884bd747ffe1b
Atarim CMS suffers from a remote SQL injection vulnerability.
404615916cf6955ea5457e55e3d505e04df0ec50c688cd1444348ab446942a69
XT:Commerce versions prior to 3.04 SP2.1 suffer from a cross-site scripting vulnerability.
cbb8958ae755239b45a683362f3b5c3c00587f78d4ed6c34364a131c6c388c2c
Apple Directory Services suffers from a memory corruption vulnerability.
8481c28235d20fa0485ba7450f678bb97a628f8d197b96a6443f807b2cf74e70
MP3-Nator version 2.0 buffer overflow exploit that uses SEH.
c335135c6b41d9b95eeeda603689e81445e46de5a906f21a2827dfa74a0b506b
Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an array-indexing error when parsing Sorenson Video 3 content and can be exploited to corrupt memory during decompression via a specially crafted file. Successful exploitation may allow execution of arbitrary code.
e114b679b8b2a77228eda194e3cac070aeb1c50ddabcdbb4ade3ae86857bb33e
Core Security Technologies Advisory - A security vulnerability was discovered in LANDesk Management Suite: The Landesk web application does not sufficiently verify if a well-formed request was provided by the user who submitted the request. Using this information, an external remote attacker can run arbitrary code using the 'gsbadmin' user (that is, the user running the web server). For the attack to succeed, the administrator must be logged in to the appliance with the browser that the attacker uses to make the attack (for instance, exploiting an XSS in a different tab in the browser).
3dc2b0c9c31c4becfd753be92f87f46eef1496e094193a2f7775f7b49bd1734b
Mandriva Linux Security Advisory 2010-226 - ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field. The updated packages have been upgraded to 4.1.2 which is not vulnerable to this issue.
4922bf5e49738648e35510aa4a2ea9668d75610f78d049af534d2393734212b8
eBlog version 1.7 suffers from multiple remote SQL injection vulnerabilities.
1a2cfd3278dbeda4157eb5b3fbc85a0cca754a64c1bc18f52e9b73ac95b5b61f
Ubuntu Security Notice 1016-1 - Bui Quang Minh discovered that libxml2 did not properly process XPath namespaces and attributes. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program.
42391e777177980eaa8a5166d54d647c74cbbfd5c179c16b35279e026478183f
Ubuntu Security Notice 1015-1 - Christoph Diehl discovered that libvpx did not properly perform bounds checking. If an application using libvpx opened a specially crafted WebM file, an attacker could cause a denial of service or possibly execute code as the user invoking the program.
3d7f3698fdd765644a29b164662bfb4cf37221e935597d1b1ca3cd7f365c3935
vBulletin Downloads FileInfo suffers from a remote SQL injection vulnerability.
5a1f9cba7d1877678b412adcfd181ae8d615cb3784c52e11c6d21277ca0e477a
The Babylon online dictionary and translation software fails to sanitize user input before rendering it on the Trident control, effectively leading to a cross-application scripting vulnerability. The Trident control runs in the Local Machine Zone (LMZ), which is not locked down, and because of this the vulnerability can allow for code execution.
521bd04a9d93d3243cb54ea1da35796ea3e0170a38c45bee3986db191b659c09
Ganesha Digital Library version 4.2 suffers from a remote SQL injection vulnerability.
be422c82ab9b717f734b92a528468b6a145c36d9d26759a2997218d163e9861e
ACROS Security Problem Report #2010-11-10-02 - A binary planting vulnerability in Microsoft Word 2010 for Windows allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.
39cad8e7dbdb46dd9950300db060a957a65f86625e02967c627e6fd585188855
ACROS Security Problem Report #2010-11-10-03 - A binary planting vulnerability in Microsoft Excel 2010 for Windows allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.
372b067ad956bff5c5fe8c059ec5b674e34786161a23b90e60aea1fcf580aa01
ACROS Security Problem Report #2010-11-10-01 - A binary planting vulnerability in Microsoft PowerPoint 2010 for Windows allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.
a329c4134ecfbda8db94bc668a6c672d4361d55bd4c8152e98d15e161f6e7be7
Mandriva Linux Security Advisory 2010-225 - A vulnerability was discovered and corrected in libmbfl (php). The updated packages have been patched to correct these issues. The MDVSA-2010:225 advisory used the wrong patch to address the problem, however it did fix the issue. This advisory provides the correct upstream patch.
2203cef88168e2a77c3c7b7ba0c8963ffdbbd9e4cd234e5ebd370f2a7b74d1ad
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
f00861ee6f7e585ce9d2ae6ddb5901a650f59a99fd2152c83e5a17a2c9369cf7
Qtweb Browser version 3.5 suffers from a buffer overflow vulnerability.
0d8a567b27cb86e07b0971e9019ea85575a9f07cd1427dcee9e58f28278ba618
Ricoh Aficio Web Image Monitor version 2.03 suffers from cross-site scripting and redirection vulnerabilities.
9cb8a3f297c5e5664ca6551ba861cee32ff3b727dc04c87fa31e1cc0c6f6332f
FCKeditor versions 2.4.3 and below suffer from an arbitrary file upload vulnerability.
920c992916ff6edc7e82d97321249e6a3fbb8bce83280449881f67dcc1433d8b
Free CD to MP3 Converter version 3.1 buffer overflow exploit leveraging SEH.
e6e553c4fd82afaa40ad6292f49dd709214d217833d58db95041e429d9616f49
Free CD to MP3 Converter version 3.1 buffer overflow exploit.
ca000b5840fc351b5afa8e17bfb99c1a3a34496fad529ed37eb2374ad5901ca3