AlgoPars Software Co suffers from a remote SQL injection vulnerability.
cb80b84e4a89dc7d1369a13d116cdf146b6a561999dba164d3f6f8553ea40f51PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
ac46269507cda5773554b5fa288a540d4d815b375884ab3939dd48747c846c15This is a proof of concept denial of service exploit for Adobe Reader / Acrobat 10.0.1.
f4707181a5488c9a9c04dd3216eef79a7d475b24d554758aac8d2f6d346f71c2Red Hat Security Advisory 2011-0882-01 - This package provides jabberd 2, an Extensible Messaging and Presence Protocol server used for XML based communication. It was found that the jabberd daemon did not properly detect recursion during entity expansion. A remote attacker could provide a specially-crafted XML file containing a large number of nested entity references, which once processed by the jabberd daemon, could lead to a denial of service.
1110695f1e97b5b4f6657fd235000165d4abbff25d96cadd1d93de7d9b0af48eRed Hat Security Advisory 2011-0881-01 - This package provides jabberd 2, an Extensible Messaging and Presence Protocol server used for XML based communication. It was found that the jabberd daemon did not properly detect recursion during entity expansion. A remote attacker could provide a specially-crafted XML file containing a large number of nested entity references, which once processed by the jabberd daemon, could lead to a denial of service.
d5b543350c6b219c4dba13b68ad6d5967dcdb4d359eb2678d8220aff9794bd24Debian Linux Security Advisory 2263-1 - It was discovered that Movable Type, a weblog publishing system, contains several security vulnerabilities.
8fc54eb762cee66133b2d40eae0d58683f681c792f3c0ff4b4ee21e596413b40Red Hat Security Advisory 2011-0880-01 - This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite 5.4.1. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment. Detailed vulnerability descriptions are linked from the IBM "Security alerts" page, listed in the References section. Various other issues were also addressed.
23e57d99b78195d5d080dfd7d6831e809d977086b9839464c667dc791c8b7697Red Hat Security Advisory 2011-0879-01 - Red Hat Network Satellite provides a solution to organizations requiring absolute control over and privacy of the maintenance and package deployment of their servers. It allows organizations to utilize the benefits of the Red Hat Network without having to provide public Internet access to their servers or other client systems. It was found that RHN Satellite did not protect against Cross-Site Request Forgery attacks. If an authenticated RHN Satellite user visited a specially-crafted web page, it could lead to unauthorized command execution with the privileges of that user, for example, creating a new user account, granting administrator privileges to user accounts, disabling the account of the current user, and so on. Various other issues were also addressed.
57cd463dbaf289e333106899b57f173975b34eaa6fa399b66cf2c25c2b6269c9Rapid Full Download suffers from a cross site scripting vulnerability.
fbe0605fdd813b383bc91fde5c694b932966bbe956980781c33f65dc3f3393feUbuntu Security Notice 1154-1 - It was discovered that a heap overflow in the AWT FileDialog.show() method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. It was discovered that integer overflows in the JPEGImageReader readImage() function and the SunLayoutEngine nativeLayout() function could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. Various other issues were also addressed.
b8678edae4561e9f93f6e10ebcdb337635cb2b334bf27aa584409a4de58814efThe vBExperience add-on as shipped with vBulletin versions 3.x.x and 4.x.x suffers from a cross site scripting vulnerability.
e45483003574c24072a4ea684eb504b8ab7dfaaaf34ed36b7ffdcec312891b79WeBid version 1.0.2 suffers from cross site scripting and remote SQL injection vulnerabilities.
0bce39b5bffc7a4bc13046662ad8b39b8fab588076ace249f26f92528f70f715Essential PIM version 4.22 is shipping with multiple outdated and vulnerable libraries.
1c8068f330cbf75f9c18acb0f6c9b09b5389bace36fd4ae4a08117062a144c41This Metasploit module exploits a use-after-free vulnerability in Internet Explorer. The vulnerability occurs when an invalid object tag exists and other elements overlap/cover where the object tag should be when rendered (due to their styles/positioning). The mshtml!CObjectElement is then freed from memory because it is invalid. However, the mshtml!CDisplay object for the page continues to keep a reference to the freed <object> and attempts to call a function on it, leading to the use-after-free.
b32377ac3beaa1414985310c6140cd9cbefd81ce42b9a9337bf648771c0e9476Braa is a mass snmp scanner. The intended usage of such a tool is of course making SNMP queries - but unlike snmpget or snmpwalk from net-snmp, it is able to query dozens or hundreds of hosts simultaneously, and in a single process. Thus, it consumes very few system resources and does the scanning VERY fast.
d650d34cdf30fcbbbbf4e4f11c8f5d51fd5caa3cca58d620fa1d978b8c18919cSecunia Security Advisory - Ubuntu has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
e9de96d7a27fe2ef47311fac6b645340abd8bea016be2663ae5d7fef45efb9ecSecunia Security Advisory - A vulnerability has been reported in GNU Troff, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
0c2f1086b1564a3ee08bc29d5ee4f71904c8da2139bc8d0d255ec2bf5ea10d66Secunia Security Advisory - Red Hat has issued an update for jabberd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
e252a32eb3396b16ddd43c38e73f72749e52bf121868a4ce25eb996da5acb316Secunia Security Advisory - Red Hat has acknowledged a vulnerability in Red Hat Network Satellite Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.
2059ff447bd990c3a1df7730d113062cf6715164e273cc7dd394fe76666911f2Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Tivoli Business Service Manager, which can be exploited by malicious people to bypass certain security restrictions.
5fd96d98ae5cf3b6dba7fafb39ee0f4b26a12552aa75a6fcf5d125259ac272beSecunia Security Advisory - Ubuntu has issued an update for openjdk-6. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), compromise a user's system, and compromise a vulnerable system.
3a86f8fa57b00ff3aa37d3aa1925abcd8a167d8f1adcc9750f97f32370fbf73eSecunia Security Advisory - A security issue has been reported in Digicom IP CAMERA 100W, which can be exploited by malicious people to bypass certain security restrictions.
91d95bb3adba83a97264b94731cd7053d4be0fa5911392077d150a19352cf7f7Secunia Security Advisory - Context has reported a weakness in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information.
f0b409c2e2d51fcd670dd1cd4e6a729b20f6cc503e7fc1735a74769815b3ce77Secunia Security Advisory - Multiple vulnerabilities have been reported in Group-Office, which can be exploited by malicious users to conduct SQL injection attacks.
5744d13fef6bb2a05ad20708f4f3fe5698f096f7d0041eefe4ca9f465a1ae36dSecunia Security Advisory - A weakness has been reported in FreeBSD, which can be exploited by malicious, local users to disclose certain system information.
de742db5ec137cee565a182830a12f3a95334988a44609265d77b64cf5f58a61
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed