what you don't know can hurt you
Showing 1 - 25 of 34 RSS Feed

Files Date: 2012-11-08

Apple Security Advisory 2012-11-07-1
Posted Nov 8, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-11-07-1 - QuickTime version 7.7.3 is now available and addresses multiple buffer overflows, memory corruption, and use after free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | apple
advisories | CVE-2011-1374, CVE-2012-3751, CVE-2012-3752, CVE-2012-3753, CVE-2012-3754, CVE-2012-3755, CVE-2012-3756, CVE-2012-3757, CVE-2012-3758
SHA-256 | 95366d789e2d5c28d406a06fd1ca4fc0cb19baf1959db6188a58334716e79283
Zoner Photo Studio 15 Buffer Overflow
Posted Nov 8, 2012
Authored by Julien Ahrens | Site security.inshell.net

Zoner Photo Studio 15 builds 2 and 3 suffer from a stack-based buffer overflow vulnerability. Full proof of concept code included.

tags | exploit, overflow, proof of concept
SHA-256 | 562915b74a8fedb12889e09ea4190964fe550f41396e218b3d54305d5f1f93d6
AWCM 2.2 Access Bypass
Posted Nov 8, 2012
Authored by Sooel Son

AWCM version 2.2 appears to suffer from cookie forgery and direct access vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2012-2437, CVE-2012-2438
SHA-256 | 04b5cf86d1ba1376d915fcb77b40e90026665f961d78136e789d3c4736371974
Ubuntu Security Notice USN-1628-1
Posted Nov 8, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1628-1 - Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer Security (TLS) protocol when it is used with data compression. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This update disables TLS data compression in Qt by default.

tags | advisory, protocol
systems | linux, ubuntu
advisories | CVE-2012-4929
SHA-256 | ed0e1302e786f48be680646fe32bbe1d52e2b672014c7237009d99ba58c39be1
Ubuntu Security Notice USN-1627-1
Posted Nov 8, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1627-1 - It was discovered that the mod_negotiation module incorrectly handled certain filenames, which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. It was discovered that the Apache HTTP Server was vulnerable to the "CRIME" SSL data compression attack. Although this issue had been mitigated on the client with newer web browsers, this update also disables SSL data compression on the server. A new SSLCompression directive for Apache has been backported that may be used to re-enable SSL data compression in certain environments.

tags | advisory, remote, web, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2012-2687, CVE-2012-4929, CVE-2012-2687, CVE-2012-4929
SHA-256 | 78d859b0127ad9a08e2ef3ebae386c916040fc5754b3a2ee8a2f5eea27ac423a
Gentoo Linux Security Advisory 201211-01
Posted Nov 8, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201211-1 - Multiple vulnerabilities have been found in MantisBT, the worst of which allowing for local file inclusion. Versions less than 1.2.11 are affected.

tags | advisory, local, vulnerability, file inclusion
systems | linux, gentoo
advisories | CVE-2010-3303, CVE-2010-3763, CVE-2010-4348, CVE-2010-4349, CVE-2010-4350, CVE-2011-2938, CVE-2011-3356, CVE-2011-3357, CVE-2011-3358, CVE-2011-3578, CVE-2011-3755, CVE-2012-1118, CVE-2012-1119, CVE-2012-1120, CVE-2012-1121, CVE-2012-1122, CVE-2012-1123, CVE-2012-2691, CVE-2012-2692
SHA-256 | 73ec59ae980b4d7e5b8fa8eebfffdf5f421714d1583295709c6a59e187bc7d7b
Red Hat Security Advisory 2012-1438-01
Posted Nov 8, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1438-01 - Red Hat has updated the support life cycle for Red Hat Enterprise Virtualization version 2, extending the end of life for version 2 from November 3rd 2012 until March 1st 2013. During this period customers are recommended to upgrade their existing Red Hat Enterprise Virtualization 2.x installations to version 3.0. The upgrade from RHEV Manager version 2.2 running on Microsoft Windows to Red Hat Enterprise Virtualization Manager 3.0 running on Red Hat Enterprise Linux is fully supported and requires no downtime, during the upgrade all virtual machines will continue to run without loss of service.

tags | advisory
systems | linux, redhat, windows
SHA-256 | 212e08104136bf4e609a172a8779b5fdea80264d89222727cce40116942ed820
Ubuntu Security Notice USN-1626-1
Posted Nov 8, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1626-1 - Gabe Westmaas discovered that Glance did not always properly enforce access controls when deleting images. An authenticated user could delete arbitrary images by using the v1 API under certain circumstances.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-4573
SHA-256 | 1448e620a78c5a2839b913c68bbbbc9d60ee54b306e4ffb6d1910709c13f079e
Secunia Security Advisory 51206
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for icedtea-web. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory, web
systems | linux, ubuntu
SHA-256 | f784289779c1aa8b509e0dc04d3575fc5406c7b925a5b6b65a2dc9854dfeaabb
Secunia Security Advisory 51186
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
SHA-256 | 46bc4bf47bbedf66953d0bcc2e507cc024ae22a15e7a9e05015e56318f37f495
Secunia Security Advisory 51156
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tavis Ormandy has reported multiple vulnerabilities in Sophos Anti-Virus, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks and compromise a user's system.

tags | advisory, local, vulnerability, virus, xss
SHA-256 | b08a7c2470ab6518631923185870143cd4ca98e17ae244daa22662ea9f1a6633
Secunia Security Advisory 51213
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Flash Player and Adobe AIR, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | f32a7cff1a5ea2b280124f9c3aa29d08b22a1caf3d327b88923e47f1112120db
Secunia Security Advisory 51210
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 2b181913a6c418a696dcf40b51389cbe10896b91e410f0d0ea693dc8c75d5b6f
Secunia Security Advisory 51229
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the CiviCRM module for Drupal, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | d4ae4124a4cdc1cab017118ad5c53fdb91d9af3debd714751afe1903d7b7c8f3
Secunia Security Advisory 51192
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Payflow SDK, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | d0a6f8da0f1d3999ba6ffb37320622208cdd30e6e1596eb0c9c7fd2993cd95fc
Secunia Security Advisory 51195
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ben Sheppard has discovered a vulnerability in the Script Runner plugin for Atlassian JIRA, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 367794adc9956b8178337e42d8c8185d28a3b54c3b39c7a5ff64d492adbf73b3
Secunia Security Advisory 51232
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Moneris eSelectPlus PHP API, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof, php
SHA-256 | 53839467b353aba7d0d3800439bb8b9cd1b8a187ba31f5959be9d38b7fa65d1e
Secunia Security Advisory 51184
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in PayPal SDK, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | caaa69e00c794bb80e4ff079a046d30a72c32a722593f4fc38ca0227434b8b40
Secunia Security Advisory 51227
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Magento, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 3cedcec8ac3d15a534c53f667cf9856f8bf9fb9dba81614394c5538d03041b4f
Secunia Security Advisory 51199
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for MantisBT. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, conduct script insertion attacks, and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks and disclose potentially sensitive information.

tags | advisory, vulnerability, xss
systems | linux, gentoo
SHA-256 | 51c7d7e1cc6108aac2fd75a1c28e429cddec8e9f2034e20f68e2d1fa958497d3
Secunia Security Advisory 51190
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Trillian, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 33b9d44c93809623d4864826b4ffdf59cef36b20b75794269db37cd79e432a8c
Secunia Security Advisory 51196
Posted Nov 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Amazon Web Services SDK, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, web, spoof
SHA-256 | 14f57dcfaf77409d9c21dabcf2bb8cbd0b244ecbc04e1c597af7ff1f2c4ec108
AVerCaster Pro RS3400 Directory Traversal
Posted Nov 8, 2012
Authored by Patrick Saladino

AVerCaster Pro RS3400 version 3.1.20 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | b508c4fec94e9084eb272e6fbe458f5ca65f454a44df359df2078610c204cb42
Drupal Webform CiviCRM Integration 7.x Access Bypass
Posted Nov 8, 2012
Authored by Coleman Watts | Site drupal.org

Drupal Webform CiviCRM Integration third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | b76b03e4b8ce8562a35fd0ad76b0df92b97e07f3fb7533e3042532c7b5bb2f1a
Drupal OM Maximenu 6.x / 7.x Cross Site Scripting
Posted Nov 8, 2012
Authored by Justin C. Klein Keane | Site drupal.org

Drupal OM Maximenu third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | bd782ee3b000a7eb249c3d223977f90a2f65b0ee1c3fdd952e68b041fdf969f6
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close