Ubuntu Security Notice 2098-1 - Florian Weimer discovered that LibYAML incorrectly handled certain large yaml documents. An attacker could use this issue to cause LibYAML to crash, resulting in a denial of service, or possibly execute arbitrary code.
f0a7764fc4f2b6e4e018e6c63ebc040786c6139f8993b7919c01966527090c68Gentoo Linux Security Advisory 201402-4 - Multiple vulnerabilities have been found in libwww-perl, the worst of which could allow attackers to execute arbitrary code. Versions less than 6.30.0 are affected.
fcf4a9d24a64af0d45ccfe4eeeaac5b293d0ff2ab6df35386844d9029a6651cfFortiWeb version 5.0.3 suffers from a reflective cross site scripting vulnerability.
a7a0708e43a7b3875b576a4d0952af21e0aa1f389175bbbb4dbd387ac959da73Inteno DG301 routers are susceptible to a remote command injection vulnerability. Proof of concept included.
8b76e6779429975b9c369e86d1e0d8e31af365096fd2ecc0ca1dcc4883d30e25FortiOS version 5.0.5 suffers from a reflective cross site scripting vulnerability.
9be7b1b61981b0f344361d46641dab626acd0430496aa0b7cf8882f79c5f29dbSlackware Security Advisory - New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
04258e7f7d5fc005eb001766cbc87d485935f54d351163c095aa154938c3f254Red Hat Security Advisory 2014-0136-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
e5e5cbf8877412e5e99cbd6a344b227e0434e4aeb1873f8d2c01a9a43871b849Red Hat Security Advisory 2014-0135-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
d13a6a1f9d6b37881dc683c6b75c246fdb2b6fae26f4875c4f85be8c5a938598Red Hat Security Advisory 2014-0134-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
bb00457bb9e4fc9e82fb6b685b6de6dce5bc060225beb86174fd4a148507b46fRed Hat Security Advisory 2014-0133-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird handled error messages related to web workers. An attacker could use this flaw to bypass the same-origin policy, which could lead to cross-site scripting attacks, or could potentially be used to gather authentication tokens and other data from third-party websites.
c5fcf6f9f6778d5a4422c57409d892d9ac6a1b02c051a83ed7f7a87f2571cca5This whitepaper discusses the various type of cross site scripting attacks (reflected, stored, DOM, and mutated). It also encompasses 16 solved challenges. Written in Spanish.
bc543a96e318a73cdeefad02ee4de9c48c143df8ed4dc2608e4017ade8a45e8aImpressCMS version 1.3.5 suffers from arbitrary file deletion and cross site scripting vulnerabilities.
45cc65b3f712ac60fa5db97277852cb0802805b782b3e87cd2a24c2fb2cba4cfRed Hat Security Advisory 2014-0132-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Firefox handled error messages related to web workers. An attacker could use this flaw to bypass the same-origin policy, which could lead to cross-site scripting attacks, or could potentially be used to gather authentication tokens and other data from third-party websites.
bfb09b2347a74eaceb6441aeaf76d5d4f8817b0e0d9131ca81fafeb009e0988bRed Hat Security Advisory 2014-0131-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Life Cycle Support for Red Hat Enterprise Linux 3 was retired on January 30, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 3 ELS after January 30, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date. In order to provide customers with a final opportunity to migrate their systems to a supported version of Red Hat Enterprise Linux, the retirement process for Red Hat Enterprise Linux 3 ELS will complete on March 31, 2014. On that date, the Red Hat Enterprise Linux 3 ELS channels will be moved to the "Retired" channels area on the Customer Portal, and customers will be unsubscribed from the Red Hat Enterprise Linux 3 Extended Life Cycle Support channels.
ec09faf778b4d0fb426fcccbc5b68cd511f61af168b6c98d26019d5b3be2911fContao CMS versions 3.2.4 and below suffer from a code execution vulnerability.
3325f9526c412938ec9ebe20c8778c890efd75ee7fc5b9592bb65c2db48c7fbcpMap is a tool for for passively discovering, scanning, and fingerprinting hosts on the local network. Included is a precompiled Windows binary.
095bcea8b6a33df4cbab7a6c095be48be3754fb9ddf32a1ef3e207c81bb547a5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed