all things security
Showing 1 - 25 of 52 RSS Feed

Files Date: 2012-02-15

Red Hat Security Advisory 2012-0135-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0135-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could use this flaw to crash the Java Virtual Machine, or bypass Java sandbox restrictions. It was discovered that the exception thrown on deserialization failure did not always contain a proper identification of the cause of the failure. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2011-3563, CVE-2011-3571, CVE-2011-5035, CVE-2012-0497, CVE-2012-0501, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506
MD5 | 1d55c5a0d3dc85ce999fbb9ef339fff7
Red Hat Security Advisory 2012-0116-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0116-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. Non-member VLAN packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-1020, CVE-2011-3347, CVE-2011-3637, CVE-2011-3638, CVE-2011-4110
MD5 | 80bccdf5c509aae88bc9da2ceeac24cb
Debian Security Advisory 2410-1
Posted Feb 15, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2410-1 - Jueri Aedla discovered an integer overflow in the libpng PNG library, which could lead to the execution of arbitrary code if a malformed image is processed.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-3026
MD5 | e01cb27bf4e0d03bd9ff1088eff5439c
Ubuntu Security Notice USN-1366-1
Posted Feb 15, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1366-1 - Paul Wise discovered that debdiff did not properly sanitize its input when processing .dsc and .changes files. If debdiff processed a crafted file, an attacker could execute arbitrary code with the privileges of the user invoking the program. Raphael Geissert discovered that debdiff did not properly sanitize its input when processing source packages. If debdiff processed an original source tarball, with crafted filenames in the top-level directory, an attacker could execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-0210, CVE-2012-0211, CVE-2012-0212, CVE-2012-0210, CVE-2012-0211, CVE-2012-0212
MD5 | 021158b8a9c5ab2488cef9034096bad1
Red Hat Security Advisory 2012-0137-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0137-01 - TeX Live is an implementation of TeX. TeX takes a text file and a set of formatting commands as input, and creates a typesetter-independent DeVice Independent file as output. The texlive packages provide a number of utilities, including dvips. TeX Live embeds a copy of t1lib. The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code: Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics files. If a specially-crafted font file was opened by a TeX Live utility, it could cause the utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2010-2642, CVE-2011-0433, CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554
MD5 | 5bfd6a052585080cb5d8254377375af2
Red Hat Security Advisory 2012-0109-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0109-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. A heap overflow flaw was found in the way QEMU-KVM emulated the e1000 network interface card. A privileged guest user in a virtual machine whose network interface is configured to use the e1000 emulated driver could use this flaw to crash the host or, possibly, escalate their privileges on the host.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2011-4576, CVE-2011-4577, CVE-2011-4619, CVE-2012-0029
MD5 | a49711ee8164556645fd5fe183fa93d1
Debian Security Advisory 2409-1
Posted Feb 15, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2409-1 - Several vulnerabilities have been discovered in debdiff, a script used to compare two Debian packages, which is part of the devscripts package.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-0210, CVE-2012-0211, CVE-2012-0212
MD5 | 3882aac45ec57ca901acde9867033c79
Red Hat Security Advisory 2012-0136-01
Posted Feb 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0136-01 - The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent-and royalty-free, general-purpose compressed audio format. A heap-based buffer overflow flaw was found in the way the libvorbis library parsed Ogg Vorbis media files. If a specially-crafted Ogg Vorbis media file was opened by an application using libvorbis, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Users of libvorbis should upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-0444
MD5 | 8a3f6d413f14ebda793e5b17b3ebfb2b
FreePBX Credential Disclosure
Posted Feb 15, 2012
Authored by Doug W

FreePBX suffers from a remote credential disclosure vulnerability via the web interface.

tags | exploit, remote, web, info disclosure
MD5 | efdc1ed016f2470c90103ddca9c5b00d
360-FAAR Firewall Analysis Audit And Repair
Posted Feb 15, 2012
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

tags | tool, perl
systems | unix
MD5 | 79117abead8812af1001c463666847d7
Adobe Shockwave Player Parsing block_cout Memory Corruption
Posted Feb 15, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Adobe Shockwave Player versions 11.6.x.x suffer from a memory corruption vulnerability when parsing the field of KEY_ATOM of Director File.

tags | advisory
advisories | CVE-2012-0759
MD5 | 93ea44a8f1bb33b5fc0dbba0934e3d15
Adobe Shockwave Player Parsing Heap Overflow
Posted Feb 15, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Adobe Shockwave Player versions 11.6.x.x suffer from a parsing cupt atom heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2012-0758
MD5 | 2d79df0828357da26b0bbcd16992ea83
Fink Project Cross Site Scripting
Posted Feb 15, 2012
Authored by Am!r | Site irist.ir

Fink Project suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0d3c1efaff37f653a90547abda53651e
Grady Levkov Cross Site Scripting
Posted Feb 15, 2012
Authored by Am!r | Site irist.ir

Grady Levkov suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c74bba12f84ad5767f209c72f29c5c3a
Besancon Groupe Cross Site Scripting
Posted Feb 15, 2012
Authored by Atmon3r

Besancon Groupe suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6a3bb3d9802120571a343ce87961b907
Firaxis Game SQL Injection
Posted Feb 15, 2012
Authored by Th4 MasK

Firaxis Game suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 410f1309583fcff057abe6566f59ae83
The Greenroof SQL Injection
Posted Feb 15, 2012
Authored by Th4 MasK

The Greenroof suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ecc87cfd17cdbafa0f0f51d639cc3a76
Tube Ace Cross Site Scripting
Posted Feb 15, 2012
Authored by Daniel Godoy

Tube Ace, the adult PHP tube script, suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 2010d2024561ad998b9a7e5c47a9b91e
Xenon Web Services SQL Injection
Posted Feb 15, 2012
Authored by Th4 MasK

Xenon Web Services suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | ede8b8f446419ee2137a97d623355d04
Secunia Security Advisory 47890
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for php5. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, debian
MD5 | c8aeeba8d948ee782fb521d5415692ba
Secunia Security Advisory 47960
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for mysql. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain knowledge of sensitive information or manipulate certain data or by malicious users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
MD5 | 15ece3aaadd3edbdf8ff6454138275e9
Secunia Security Advisory 47953
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges.

tags | advisory, denial of service, kernel, local, vulnerability
MD5 | 7b7a8a75ade0ea4dd9f743010e1a191a
Secunia Security Advisory 48009
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Java SE, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
MD5 | eb7dbe34dc0ccf9b12a75a0ad6c1bbcd
Secunia Security Advisory 47984
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the cformsII plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | dc33b21682f9007aa2910daafe8a1319
Secunia Security Advisory 47951
Posted Feb 15, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Mumble, which can be exploited by malicious, local users to disclose sensitive information.

tags | advisory, local
MD5 | 349c7d7a8344e3a52fe8489f28adbbb2
Page 1 of 3
Back123Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close