Secunia Security Advisory - A vulnerability has been discovered in QQPlayer, which can be exploited by malicious people to compromise a user's system.
264223e1f03aeeeda9d8690b283b2710b1d03b1fc9681cf1ffc9da2fcefecec3Secunia Security Advisory - A security issue and two vulnerabilities have been reported in FishEye and Crucible, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions.
ae7bff099eaac6dada7362e5c48cdf05b5a203a87064dba2685186f927f90b09Secunia Security Advisory - A vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
71ad34046d6858ce83add7c3a49741734829c613cf1f532d205c43be600e862dSecunia Security Advisory - A vulnerability has been discovered in the Yet Another Photoblog plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
db4fb4b3786ef1d8c579b8f78d4a077e256f76c16f3cbbbdc36d9c01c14ced27Secunia Security Advisory - Some vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
e79ab4d9fcdab789ea391c5c2aa7ca30438a40141819ed140605ad5ad2882199Secunia Security Advisory - Multiple vulnerabilities have been discovered in Blogs manager, which can be exploited by malicious people to conduct SQL injection attacks.
cc532cd298ba6bca25fe816f7be02446dfcecea346313b940d65c3cc124e7051Secunia Security Advisory - IBM has acknowledged a vulnerability in BIND included in AIX, which can be exploited by malicious people to cause a DoS (Denial of Service).
b2b0d065d170a673d0928bf535c0cc25796bfa7f432caf655c520de623bb1172Secunia Security Advisory - A vulnerability has been discovered in the WP e-Commerce plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.
877906befa367267eaeee5f37d8faf859d71fd11e46ba0e3222679110d5bc01dSecunia Security Advisory - Multiple vulnerabilities have been discovered in Freelancer calendar, which can be exploited by malicious users to conduct SQL injection attacks.
6a94a330605d972a049089a0c533c21a6a942d5f98eb69e5633f2a1a962c9521Secunia Security Advisory - Gentoo has issued an update for abcm2ps. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
3fbccafbb20091a0d9b6c212c4747798e078d2b1c67f254eb13d6912bb5105a9Secunia Security Advisory - Gentoo has issued an update for maradns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
b0b0fee164d9a81af0ea42cbc4a189eac033e7bd0cc409f1a23e0a627e013742Secunia Security Advisory - Gentoo has issued an update for radvd. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service).
749c53e4ea4c939abfa571fe730e4f786451311072043a71204d652d872b45eaPacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
568f63c98410073668be2ccda05bf8f671271f5e5d69f757a680a0c844b774ccDebian Linux Security Advisory 2351-1 - Huzaifa Sidhpurwala discovered a buffer overflow in Wireshark's ERF dissector, which could lead to the execution of arbitrary code.
8ad5bd3c82f4a866ef130e1db2b7312fb606ef04dcd9be1c94bb5eeff2651887Ubuntu Security Notice 1276-1 - Tim Brown discovered that Ark did not properly perform input validation when previewing archive files. If a user were tricked into opening a crafted archive file, an attacker could remove files via directory traversal.
8badff12978d2b31cd896be809de12c187315b2ed4e5917ae571a4712fd9a670Mandriva Linux Security Advisory 2011-177 - FreeType allows remote attackers to execute arbitrary code or cause a denial of service via a crafted font in a document. The updated packages have been patched to correct these issues.
d1c80051d86766838a8ed051cdd8fa1bd432c310998733cdb5733bbaa7f1d5f3Ubuntu Security Notice 1275-1 - Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy.
d80ad01354876eab576255c2bcf356baa28e1b46fd819624cd2d2de9c1971dd2Ubuntu Security Notice 1273-1 - Marius Wachtler discovered that Pidgin incorrectly handled malformed YMSG messages in the Yahoo! protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. This issue only affected Ubuntu 10.04 LTS and 10.10. Marius Wachtler discovered that Pidgin incorrectly handled HTTP 100 responses in the MSN protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash, leading to a denial of service. Various other issues were also addressed.
427e2e9a5b920f0b25f9f9b3c39fe9ad971c32495eb39a7878a1e2fcbfef91eeUbuntu Security Notice 1274-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.
9e7423525f5b4b44481126894707f0075d0f30025f51d44fb3915a1d1dc8603aThe WordPress Adminimize plugin suffers from a cross site scripting vulnerability.
e3fcac5800cb081eccd0103140131d31ae97573e74893df4d2534bedfe2bc636The WordPress Alert Before Your Post plugin suffers from a cross site scripting vulnerability.
08d3fc67166b7a5dde8938e54d9f6abaac63669cda608264ae6bfc46e498a285The WordPress Advanced Text Widget plugin suffers from a cross site scripting vulnerability.
d01297eb1466e0e348e2850142bc385b6f2d01f2695df702dd53b282d8719102The WordPress Lanoba Social plugin suffers from a cross site scripting vulnerability.
488156f2b0c78c95b446a0edcb5fb77572e6c71cd4d936676cff7b88509843f8Ubuntu Security Notice 1271-1 - It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. It was discovered that the GRE protocol incorrectly handled netns initialization. A remote attacker could send a packet while the ip_gre module was loading, and crash the system, leading to a denial of service. Various other issues were also addressed.
780e7898e3ae112f38373badd4790c4b6d45b0de5dde9d12f1bfd6ee1d6bbe8aUbuntu Security Notice 1272-1 - It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
743cb378b3852f5f0342fd308ffb4497b15ec55b0738d504936a9d732df2d9d0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed