1024cms Admin Control Panel version 1.1.0 Beta Complete-Modules package suffers from a directory traversal vulnerability.
3be2f44cf76e5ae7fd20ecc2e29adc30229ad16974dd5ac1a6083b763d488d8eMandriva Linux Security Advisory 2011-071 - kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate Certification Authority for an IP address, a different vulnerability than CVE-2009-2702. Additionally it was discovered that kdelibs4 for 2009.0 was using an old private copy of the ca-bundle.crt file containing the root CA certs, this has now been resolved so that it uses the system wide and up to date /etc/pki/tls/certs/ca-bundle.crt file last updated with the MDVSA-2011:068 advisory.
ca74073a54bdf3fa6ed44368aeb87bf7fa79b29e76ea5a6dff0258a6cfd9f7fdMandriva Linux Security Advisory 2011-070 - GNOME Display Manager 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a face icon file under /var/cache/gdm/. The updated packages have been patched to correct this issue.
0f118fb359865e8ede51fb480d81a21ec3b20361b945d201f83a80eb5aee21c4Fiberhome HG-110 routers suffer from cross site scripting and local file inclusion vulnerabilities.
25b1b59839207535d1b10fdda49adf6dd271eec45326a77d87756b0b77bb02e41024cms Admin Control Panel version 1.1.0 Beta Master-cPanel package suffers from cross site scripting vulnerabilities.
ee30cc9ef6e3c2fbccfc4751f4a67c2589a0bea5b4988189e37b6e9bbbb7287d1024cms Admin Control Panel version 1.1.0 Beta Complete-Modules package suffers from cross site scripting vulnerabilities.
8cf4b9bea8adf52595b36b697b381a16521a1d20af19ec4ee2bc7ebe2230c924Live Wire Edition theme version 2.3.1 for WordPress suffers from cross site scripting, denial of service, path disclosure and abuse of functionality vulnerabilities.
79b89bb2c36ba7e839e6894861693e23d1bfac75cb85db1f03d2104a7ce96832Mandriva Linux Security Advisory 2011-069 - It was discovered that the /etc/cron.d/php cron job for php-session allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php.
4ddd0bc9be0cce6a362be1bdc7eb82ad31d1d7d9b1b1227994b66c3ddc1352111024cms Admin Control Panel version 1.1.0 Beta Master-cPanel package suffers from a local file inclusion vulnerability.
7975b0f9f1c6865f41f7054ad4a84e1a382158deff42c3fd8fde2fef9aa1a5d6This Metasploit module exploits a vulnerability found in AOL Desktop 9.6's Tool\rich.rct component. By supplying a long string of data in the hyperlink tag, rich.rct copies this data into a buffer using a strcpy function, which causes an overflow, and results in arbitrary code execution.
575398da23b144e83224a7732459cb00c12c5012deeba1c3667a78c5a47f47141024cms Admin Control Panel version 1.1.0 Beta Complete-Modules package suffers from local file inclusion vulnerabilities.
fa4242a228ac0874e96bc27bc2c4b836686a7cdf15990449815adda1a30be809Post-Newsweek Media CMS suffers from a remote SQL injection vulnerability.
5bf56b5de3bb5440ac2789625e71af361d3fe7d2f2082276208abe9770e10bccSecunia Security Advisory - SUSE has acknowledged a vulnerability in the pure-ftpd package for SUSE Linux Enterprise Server, which can be exploited by malicious, local users to gain escalated privileges.
a4190e8e805f0c817f46542f4f42aff5fcb61412698da4e27fd772e53742ec8cSecunia Security Advisory - Multiple vulnerabilities have been discovered in GreenPants, which can be exploited by malicious people to conduct SQL injection attacks.
35abf734d642c8b023c1e00914099365b9b405ff4d77e963479a1494d3ab3e19Secunia Security Advisory - A vulnerability has been discovered in VLC Media Player, which can be exploited by malicious people to compromise a user's system.
2a4a63d1ab9b61462dc05cb8908430aef73dbf6ad0fb0d62d6bb2a995b686e01Secunia Security Advisory - SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
805e46ebbe929bbd2de95eaddfec8a87a4154fc2e430f4ea1a3387ce578a9315Secunia Security Advisory - Debian has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
293e7e3b8274befd8c9011a666dcddd1ce26b06fd45190accb2530fdac056dcaSecunia Security Advisory - Slackware has issued an update for dhcp. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
270d38b57415eeb3120ee8bb90a6d9c850fe35458619ded8bc69be53ed6cd5d3Secunia Security Advisory - Two vulnerabilities have been reported in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
e3833abb0a56c1f82de266e4b355b70221eae718338b51873b8ab41997fa8b4bSecunia Security Advisory - Ubuntu has issued an update for x11-xserver-utils. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges or by malicious people to compromise a vulnerable system.
1f090e68af92b90c65ab04c28367d0705f16c6a93324293c67037307f59c5822Secunia Security Advisory - Some vulnerabilities have been reported in Moonlight, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security features, and potentially compromise a user's system.
f85a84ea4f8e38a6016bbddd3a35a8c8bb2f41baa65352623c046b9bf817ce1aSecunia Security Advisory - Mesut Timur has discovered a vulnerability in Redmine, which can be exploited by malicious people to conduct cross-site scripting attacks.
816818911d69c079cc7f733d92d63e2c8e1745695d73e9aa2e97a80fd09ffb62Secunia Security Advisory - SUSE has issued an update for telepathy-gabble. This fixes a vulnerability, which can be exploited by malicious people to conduct hijacking attacks.
1869ae77c7888ca2b60b6c8a1910a99abdd56f0a4481163d06bb713ce15b2a37Secunia Security Advisory - Fedora has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
452c73d3fd153c2a4f29893e07c42c301037b0caa27b3afe22de5e82821ab26dSecunia Security Advisory - Debian has issued an update for vlc. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
4c89f23e73f2037e689469d04ed9de755cb621eacea638924208aa0a035e8fee
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed