the original cloud security
Showing 1 - 25 of 34 RSS Feed

Files Date: 2012-11-08

Apple Security Advisory 2012-11-07-1
Posted Nov 8, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-11-07-1 - QuickTime version 7.7.3 is now available and addresses multiple buffer overflows, memory corruption, and use after free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | apple
advisories | CVE-2011-1374, CVE-2012-3751, CVE-2012-3752, CVE-2012-3753, CVE-2012-3754, CVE-2012-3755, CVE-2012-3756, CVE-2012-3757, CVE-2012-3758
MD5 | 4ad07f3171fea3cde3affc5ca6d2cf4d
Zoner Photo Studio 15 Buffer Overflow
Posted Nov 8, 2012
Authored by Julien Ahrens | Site security.inshell.net

Zoner Photo Studio 15 builds 2 and 3 suffer from a stack-based buffer overflow vulnerability. Full proof of concept code included.

tags | exploit, overflow, proof of concept
MD5 | b34cfd49143568f1989ebd2af2483c95
AWCM 2.2 Access Bypass
Posted Nov 8, 2012
Authored by Sooel Son

AWCM version 2.2 appears to suffer from cookie forgery and direct access vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2012-2437, CVE-2012-2438
MD5 | e72bca7f9bc6ff5c2dbd0a1a9f28d554
Ubuntu Security Notice USN-1628-1
Posted Nov 8, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1628-1 - Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer Security (TLS) protocol when it is used with data compression. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This update disables TLS data compression in Qt by default.

tags | advisory, protocol
systems | linux, ubuntu
advisories | CVE-2012-4929
MD5 | b1eabd436f8df01f88a6cb94c238c300
Ubuntu Security Notice USN-1627-1
Posted Nov 8, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1627-1 - It was discovered that the mod_negotiation module incorrectly handled certain filenames, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. It was discovered that the Apache HTTP Server was vulnerable to the "CRIME" SSL data compression attack. Although this issue had been mitigated on the client with newer web browsers, this update also disables SSL data compression on the server. A new SSLCompression directive for Apache has been backported that may be used to re-enable SSL data compression in certain environments.

tags | advisory, remote, web, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2012-2687, CVE-2012-4929, CVE-2012-2687, CVE-2012-4929
MD5 | 479f43fd0a4b55159b9574029e2abc02
Gentoo Linux Security Advisory 201211-01
Posted Nov 8, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201211-1 - Multiple vulnerabilities have been found in MantisBT, the worst of which allowing for local file inclusion. Versions less than 1.2.11 are affected.

tags | advisory, local, vulnerability, file inclusion
systems | linux, gentoo
advisories | CVE-2010-3303, CVE-2010-3763, CVE-2010-4348, CVE-2010-4349, CVE-2010-4350, CVE-2011-2938, CVE-2011-3356, CVE-2011-3357, CVE-2011-3358, CVE-2011-3578, CVE-2011-3755, CVE-2012-1118, CVE-2012-1119, CVE-2012-1120, CVE-2012-1121, CVE-2012-1122, CVE-2012-1123, CVE-2012-2691, CVE-2012-2692
MD5 | 10140efa7ff3d34cca35289b8126609f
Red Hat Security Advisory 2012-1438-01
Posted Nov 8, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1438-01 - Red Hat has updated the support life cycle for Red Hat Enterprise Virtualization version 2, extending the end of life for version 2 from November 3rd 2012 until March 1st 2013. During this period customers are recommended to upgrade their existing Red Hat Enterprise Virtualization 2.x installations to version 3.0. The upgrade from RHEV Manager version 2.2 running on Microsoft Windows to Red Hat Enterprise Virtualization Manager 3.0 running on Red Hat Enterprise Linux is fully supported and requires no downtime, during the upgrade all virtual machines will continue to run without loss of service.

tags | advisory
systems | linux, redhat, windows
MD5 | 28486259b68937f487c5aa57bb766314
Ubuntu Security Notice USN-1626-1
Posted Nov 8, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1626-1 - Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under certain circumstances.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-4573
MD5 | 53abd725c746b330b76afe637ba92208
Secunia Security Advisory 51206
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for icedtea-web. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory, web
systems | linux, ubuntu
MD5 | 0b6ec1a2d277b5fd4537b947fdbc18a8
Secunia Security Advisory 51186
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
MD5 | db32ae9ea1be3aedcea81f3365ad37b4
Secunia Security Advisory 51156
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tavis Ormandy has reported multiple vulnerabilities in Sophos Anti-Virus, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.

tags | advisory, local, vulnerability, virus, xss
MD5 | f520f92e7e9f18b3ee2e64f4ee6ddcbe
Secunia Security Advisory 51213
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
MD5 | e12722df74c48d862b7aff79f3afa311
Secunia Security Advisory 51210
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
MD5 | f4148ddc5eb2b037111499c012244413
Secunia Security Advisory 51229
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the CiviCRM module for Drupal, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | 18aaec596ae8aa4d44632a04fb84bdfd
Secunia Security Advisory 51192
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Payflow SDK, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | cb156d4beebd645278206ed2310dd17b
Secunia Security Advisory 51195
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ben Sheppard has discovered a vulnerability in the Script Runner plugin for Atlassian JIRA, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 296ff6a288adc25c423e6bb03e185c3e
Secunia Security Advisory 51232
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Moneris eSelectPlus PHP API, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof, php
MD5 | 136caf84d0f24fc7a251fe26340b76da
Secunia Security Advisory 51184
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in PayPal SDK, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | b2e24be695a2fdc02e1a1cdc5c1cc812
Secunia Security Advisory 51227
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Magento, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | 9f83b3879ee28d3e882f9857e32f45e1
Secunia Security Advisory 51199
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for MantisBT. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, conduct script insertion attacks, and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.

tags | advisory, vulnerability, xss
systems | linux, gentoo
MD5 | ff98886a682ca0fd2159209522a53e56
Secunia Security Advisory 51190
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Trillian, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | e236b4a7f9399d9a17832546fa3f8151
Secunia Security Advisory 51196
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Amazon Web Services SDK, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, web, spoof
MD5 | 223cfbc98e28f9a5c3bf6a529ed3583c
AVerCaster Pro RS3400 Directory Traversal
Posted Nov 8, 2012
Authored by Patrick Saladino

AVerCaster Pro RS3400 version 3.1.20 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 57824db2e490e341096a3c404415a480
Drupal Webform CiviCRM Integration 7.x Access Bypass
Posted Nov 8, 2012
Authored by Coleman Watts | Site drupal.org

Drupal Webform CiviCRM Integration third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | e6312abeaf2d7e5b7f02dd814102d61c
Drupal OM Maximenu 6.x / 7.x Cross Site Scripting
Posted Nov 8, 2012
Authored by Justin C. Klein Keane | Site drupal.org

Drupal OM Maximenu third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 10552bbcc13f74edbcdaac5fbfc67ba7
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close