Sonexis ConferenceManager versions 9.2.11.0 and 9.3.14.0 suffer from multiple cross site scripting vulnerabilities.
de6e4d3b5961ca6b8c0771fb8c0bbb98a1eca1d8a74a30f719e8e3999f27a287
Whitepaper called IDS For Grid and Cloud Computing - An Explanation On Inner Workings and Construction.
354c2e231ed017ede385cce2677f5f85c42d60193ffade2d867a26e4e3caf1b6
Ubuntu Security Notice 1107-1 - Sebastian Krahmer discovered that the xrdb utility incorrectly filtered crafted hostnames. An attacker could use this flaw with a malicious DHCP server or with a remote xdmcp login and execute arbitrary code, resulting in root privilege escalation.
2aead4c5c3997792e40047475fdd54a49a7f75e90e4569be899aaca5b57c23cc
Madni Designers Web Portal suffers from a remote SQL injection vulnerability.
9258bd9a30ad287c1afb42822d53395a5d63a97d41c909918dce216e6ea22776
Changes introduced into Apache Tomcat version 7.0.11 to the HTTP BIO connector to support Servlet 3.0 asynchronous requests did not fully account for HTTP pipelining. As a result, when using HTTP pipelining a range of unexpected behaviours occurred including the mixing up of responses between requests. While the mix-up in responses was only observed between requests from the same user, a mix-up of responses for requests from different users may also be possible.
501487f42ce2fb5f3296da2502f12843f17bb597d28ef9115797ae26e604495d
A regression in the Apache Tomcat version 7.0.11 fix for CVE-2011-1088 meant that security constraints were ignored when no login configuration was present in the web.xml and the web application was marked as meta-data complete.
f6b2b096dcc36a205b8bfec2257398759e64fec7afb1afb2949dc551b477a0f8
Sonexis ConferenceManager version 9.3.14.0 suffers from a remote SQL injection vulnerability.
37aba3b355976382ff4224b89f1bb3b7b846ece9b9010e83d7b60d3569629382
Ubuntu Security Notice 1106-1 - It was discovered that several invalid HTTPS certificates were issued and revoked. An attacker could exploit these to perform a man in the middle attack to view sensitive information or alter encrypted communications. These certificates were marked as explicitly not trusted to prevent their misuse.
a2faec13d225df49225a484c607ff696ed18dac58d338a46a02900253e26633e
This whitepaper is part two of Web Application Vulnerabilities in Context of Browser Extensions. This particular paper focuses on Opera.
14d8aff7c62756ff9159a423beaf3b612f50231e9c41339bc28c5792fd2df2c3
MPlayer version r33064 Lite buffer overflow exploit that creates a malicious .m3u file that spawns calc.exe.
ad1c11a4d46279c220e1ea74ac41d03d47409cf95440dbd460bc785d4047ee3a
Anfibia Reactor version 2.1.1 suffers from a cross site scripting POST injection vulnerability in login.do.
586debeac011f1b5df9fe27f6bebf0c0142a76112f15487253577175eb3505c0
Mandriva Linux Security Advisory 2011-067 - The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service via a request that contains a lock token. Additionally, for Corporate Server 4 and Enterprise Server 5, subversion has been upgraded to version 1.6.16 due to numerous upstream fixes and new features, and the serf packages have also been upgraded to the now required 0.3.0 version.
3cec616a438351034abd1c3dda5c73b15ac0e5c808ea9988cf3f894ae6f07cda
Redmine versions 1.0.1 through 1.1.1 suffer from a cross site scripting vulnerability.
b9c003bf49679bb4af9c7f4e23661309917656fb9653e18a636258cb8ccf07bc
An ICMPv6 router announcement flooding denial of service vulnerability affects multiple systems including Cisco, Juniper, Microsoft, and FreeBSD. Cisco has addressed the issue but Microsoft has decided to ignore it.
b678a0b413550ec37fd50aa3338c0642a3b7f81dcdd9c330b6d7ffb73e786564
Secunia Security Advisory - Two vulnerabilities have been discovered in qooxdoo, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information.
b4902408226cf6b0edf9de60e1a450091cd416d7a183fa3b2c74f0803571f4d6
Secunia Security Advisory - Two vulnerabilities have been reported in Netgear ProSafe Wireless-N Access Point WNAP210, which can be exploited by malicious people to disclose sensitive information and bypass certain security restrictions.
16f8c33879142d8ca6ecee3e96b38e2fb27996144d96f6e7b26754790d5af157
Secunia Security Advisory - Gjoko Krstic has discovered a vulnerability in TutorialMS, which can be exploited by malicious people to conduct SQL injection attacks.
6d78ecf3c4f4ba11ee32d9076f8401593b04763b0aca34a5a8ef4116537890ac
Secunia Security Advisory - Red Hat has issued an update for glibc. This fixes some weaknesses and a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to compromise a vulnerable system.
0376efbbc2a850ee0f18dab4843bf4e948df99cec5315b93ef83a91c7013ee60
Secunia Security Advisory - A vulnerability has been reported in Ruby on Rails, which can be exploited by malicious people to conduct cross-site scripting or script insertion attacks.
ca765724a628d13f5bca44072f22961d1314d599a946849c49219604996776dc
Secunia Security Advisory - A security issue has been reported in Solaris, which can be exploited by malicious, local users to disclose sensitive information.
5b5037812e8a85d3cd5d2841a7eb97ed76c99704b4e7ba64884a02dc19d34dcf
Secunia Security Advisory - Red Hat has issued an update for glibc. This fixes two weaknesses and a vulnerability, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a vulnerable system.
e5a41013386aa89ca287ef33a2f230fd8ece44f2106fad47ca53b27107caeab6
Secunia Security Advisory - A vulnerability has been reported in ISC DHCP, which can be exploited by malicious people to compromise a vulnerable system.
d17e3d016c705e08eb45bb94ba7ab93021cf70f87904b614ff3ed724a7f0f4c2
Secunia Security Advisory - A vulnerability has been discovered in UseBB, which can be exploited by malicious people to conduct cross-site request forgery attacks.
788a6e439e717e2c7ffa38c2028ad4b768d73c1f1df709561adbd7cf3a6293c1
Secunia Security Advisory - A security issue has been reported in X.Org xrdb, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system.
c92cb417cdc289d6e15db23587746ac9e586cccc57046544afe1f68246cfd459
Secunia Security Advisory - Fedora has issued an update for gdm. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
7f3750c21ebc23c084b71524d2541aa69f1236da3725dc120925d7ab62c14afb