VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting certain child tags in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Google Chrome versions prior to 14.0.835.202 are affected.
a76cbf6bdbee711ebfce8dc173c64df62c4636a89ebcd164f53aaf43db1e466fSecunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a logic error in the Ichitaro speed reader (jtdsr.dll) when attempting to reconstruct higher-level objects and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
d5e75933e09e845ef137f1e214acd3daba62b091b867d3f86c99c49c4fb8a1bdVarious Qt applications including KSSL (the KDE class library responsible for SSL negotiation), Rekonq, Arora and Psi IM are vulnerable to UI spoofing due to their use of QLabel objects to render externally controlled security critical information. The primary area of concern at this time relates to the named applications SSL certificate dialogue UI however other similar dialogue boxes may also be vulnerable.
f1104d7ba2003aa2ac18e3d2d43aeb4860aa6ccd918b4b4b79f4e418e6abe44fBuzzyWall version 1.3.2 suffers from a file disclosure vulnerability in resolute.php.
45de689290b5cbef7d1050696b1b9ba13023d06196a0aec487b42c6873368590Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Ichitaro speed reader (jtdsr.dll) when parsing "Text" chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
d4c58b78a917a3975cccd3fd186aa9b3e2b0fa0d8eb7ac3c3fa3f6db6467cd41VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting a Ruby tag and its children in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
f155029aeaa8cd2c97b5f87a4c567067ee56940483899fa350ddc410ece0847952 bytes small Linux MIPS execve shellcode.
cc1b78aeeacc95c824cbe8f2a340f5174ce764c3c12f6a86f69675cb927a7109Ark version 2.16 suffers from a directory traversal vulnerability when handling a malformed ZIP file.
65500fe3d0754fdf5656832e5ced430dddaaf1e71169286b94df909c93e51efaWiRouter KeyRec is a powerful and platform independent piece of software that recovers the default WPA passphrases of the supported router's models (Telecom Italia Alice AGPF, Fastweb Pirelli, Fastweb Tesley).
a97d53abc66a5ede50525e7279ad5ff673e41bb55e99fe16aa311f3a012a004aBlazeVideo HDTV Player version 6.6 Professional universal DEP and ASLR bypass buffer overflow exploit.
cd503a7eb1398e42493c9c50930545257e289549f4b450834e2fd5e2a62499ffApple's website suffered from a cross site scripting vulnerability.
01196a422a4a0418ae81d1349b58d7caa353d0735da739b6a411729c877883b4eFront Enterprise Edition version 3.6.9 suffers from a remote SQL injection vulnerability.
687a5adc5550bc0b83bdc53525284811b877bea295a08faf8786a5d18c035f6ceFront versions 3.6.9 and below suffer from remote SQL injection, authentication bypass, and default credential vulnerabilities.
aefe030445dc4bcb2dfa045d31d290d0aa40a079be3b8cf12a26783b16de5e9cURL Shortener Script version 1.0 suffers from a remote SQL injection vulnerability.
145ec8b8e859c8dadf42056f7eec3e4f616a6d2557fd75b35967c67397c0fed8Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer overflow error in the Ichitaro speed reader (jtdsr.dll) when parsing QLST chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
d24cd05a6e4d709be1e57e4e15c52c15b5a2ed2e2c1e3e61fc50b6f372182659Debian Linux Security Advisory 2318-1 - Multiple security issues have been discovered in cyrus-imapd, a highly scalable mail system designed for use in enterprise environments.
6aa0ec325a5be815c81bb67feae0cefdc3e2781d9482a41e3105fe41139fed85ICIMP 2012, The Seventh International Conference on Internet Monitoring and Protection, Call For Papers has been announced. It will take place May 27th through June 1st, 2012 in Stuttgart, Germany.
0234447e2945a126c837b75adea302129c710c8a748994730ebd93ab6477410e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed