OpenMyZip version 0.1 suffers from a .zip file parsing buffer overflow vulnerability.
e000f9b93dfd3a47dbaee9587785d5fe83e4dc6f8418c3eecb61d93e3c2a37d9Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
8cfcaadd7c2fa3fbbc336cd0f9df387364f3db42933d4f085b39926cb2e0d2aeMandriva Linux Security Advisory 2011-082 - Multiple vulnerabilities have been found and corrected in python-feedparser. Cross-site scripting vulnerability in feedparser.py in Universal Feed Parser before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas. feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows remote attackers to cause a denial of service via a malformed DOCTYPE declaration. Cross-site scripting vulnerability in feedparser.py in Universal Feed Parser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments. Cross-site scripting vulnerability in feedparser.py in Universal Feed Parser 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI. The updated packages have been patched to correct these issues.
e71a73bc07b958a000011bac9bf9924d0241b15dd54914ceb4ddfebd3a0a6670Mandriva Linux Security Advisory 2011-081 - Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a dot dot in the name attribute of a file element in a metalink file.
fc127713d8ef1e9a75c6a5226437ea6403cc42a9d2d302d3f21f67e296f07e1a74 bytes small Win32/XP SP3 StarWars movie shellcode.
fe12c9745febfbe9e02484775bfe4c3c13748bbb88d18692e30151b1c897c5f156 bytes small Win32/XP SP3 shutdown windows shellcode with a 30 second timer.
32a5d9489d35c679c592e0fb1602236045f377eea5231a18ac09a65aa409699650 bytes small Win32/XP SP3 cmd.exe shellcode.
f9ce8650ff072c4452e279d57119391623ec6f2bfb5aa5f40d7f1cbfcaf6a0c352 bytes small Win32/XP SP3 windows magnifier shellcode.
9fb60a79610c653ff4e27aeed6d85eb49fc41ab5b31e6d94c836f48edd801eecDebian Linux Security Advisory 2230-1 - Two vulnerabilities have been discovered in KVM, a solution for full virtualization on x86 hardware.
61ae493a42caf194662c3546704f4d2f3505ccec3866ac23397b6dc45d9e1095Oracle AS Portal 10g version 10.1.2 suffers from cross site scripting vulnerabilities.
01be71d80b7fe81294b6d74a1e6891d5fdc895d42564fa1b40b6c153a2cb4167Ubuntu Security Notice 1127-1 - Evan Broder discovered that usb-creator did not properly enforce restrictions when performing privileged disk operations. A local attacker could use this flaw to perform certain disk operations, such as unmount arbitrary mountpoints.
de314acad232a79f2909333ed42107e763ccec15776eb8316617d961dd2888d9The OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
7ee94f3a56f6254df39925a07ec62e26c9589c0323659c91919e45215efa510fRegLookup is a small command line utility for parsing and searching registry files from Windows NT and later.
b7ae9e5c13f949ef958da4cba741067516bbc4c2800e033ff0d6ad4506945406Debian Linux Security Advisory 2228-1 - Several vulnerabilities have been found in Iceweasel, a web browser based on Firefox.
078486b1e8f5b88faea2f516d6b56bfc112bf90d660d1a22609bc809f5526969This archive contains all of the 334 exploits added to Packet Storm in April, 2011.
743f38c3c668eb2c1cfdc703d384f8c4faebedfd6246d72d48323a87341337efSecunia Security Advisory - Ubuntu has issued an update for php. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
622810909bb347d51ea1986a8fa97f3e68063ed3b9e76650806bcf6e8c97aca4Secunia Security Advisory - Ubuntu has issued an update for xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, cross-site request forgery attacks, disclose sensitive information, and compromise a user's system.
72f6280aaaf1b28c530adee72e02528fc2475249cce27dfcdfa88372e2c8cb69Secunia Security Advisory - Fedora has issued an update for mediawiki. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions, disclose potentially sensitive information, and conduct cross-site scripting and request forgery attacks.
47985ed4c28edb53200b6150be76172d0bdb3bb7e3e3c915b72e4f498fa3b492Secunia Security Advisory - Oracle has acknowledged some vulnerabilities in CGI.pm included in Solaris, which can be exploited by malicious people to conduct HTTP response splitting attacks in an application using the library.
f43b4f585e2439b7b480950685faf027fb31ee89957b14a26714aa3677e74a96Secunia Security Advisory - Oracle has acknowledged some vulnerabilities in Apache APR-util included in Solaris, which can potentially be exploited by malicious people to compromise an application using the library.
688b0a3090fa9075a406ead9fa64dae384823f38c329731e9c62d6bd5155fca0Secunia Security Advisory - Oracle has acknowledged some vulnerabilities in Apache APR-util included in Solaris, which can be exploited by malicious users and malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
de3d0256b6b4f5dde68cba1acb57b8e68400ec9f6deb9083165e91e275011d84Secunia Security Advisory - Oracle has acknowledged a vulnerability in OpenSSL included in Solaris, which can be exploited by malicious people to bypass certain security restrictions.
a5ac363f8717291cb8a72e07e4285cf5579077ffd490fa617f1ace7b2c05c405Secunia Security Advisory - Oracle has acknowledged some vulnerabilities in Apache HTTP Server included in Solaris and OpenSolaris, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions, manipulate certain data, gain access to potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
88e6093d6df332993ad48490c3d929b3cf6bebb1f8c207e0aec43e2b9cf35692Secunia Security Advisory - Oracle has acknowledged some vulnerabilities in Mozilla Thunderbird included in Solaris, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, conduct cross-site scripting attacks, and potentially compromise a user's system.
4b8759b30bb40ebcdb6e180bc52bc6b2a6ec247258ad01ae227ded760636cd37Secunia Security Advisory - A security issue has been reported in SSSD, which can be exploited by malicious people to hijack another user's account.
6674df041061f0cce82d722ebdc9cb149c4ce4556dcc38accdc1e76010b4e34c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed