Ubuntu Security Notice USN-246-1 - Multiple vulnerabilities in imagemagick.
Ubuntu Security Notice USN-245-1 - Maksim Orlovich discovered that kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, did not sufficiently verify the validity of UTF-8 encoded URIs. Specially crafted URIs could trigger a buffer overflow. By tricking a user into visiting a web site with malicious JavaScript code, a remote attacker could exploit this to execute arbitrary code with user privileges.
KDE Security Advisory: kjs encodeuri/decodeuri heap overflow vulnerability - Maksim Orlovich discovered an incorrect bounds check in kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE, that allows a heap-based buffer overflow when decoding specially crafted UTF-8 encoded URI sequences.
Multiple buffer overflows are present in the handling of command line arguments in chpasswd leading to the execution of arbitrary code.
Critical Security - 22:03 2006.01.19 - Tftpd32 2.81 Format String + DoS PoC
WebspotBlogging v3.0 suffers from SQL injection due to improper input sanitization. POC included.
IRM Security Advisory No. 015 - IRM has discovered an information leakage vulnerability in TYPO3 that allows remote users to disclose the file system path of the application when requesting certain files.
Land Down Under website engine is vulnerable to HTML injection via a stylesheet tag.
MyBB suffers from HTML code injection in the signature field via an image tag.
XMB Forum suffers from HTML code injection in image tags.
Technical Cyber Security Alert TA06-018A - Various Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
Fortinet Security Advisory: FSA-2006-07 - Fortinet Security Research Team (FSRT) has discovered a URI buffer overflow vulnerability in the BitComet P2P client software. It indicates a possible exploit of a buffer overflow vulnerability in BitComet. BitComet is one of the most popular P2P clients for file sharing and uses the BitTorrent protocol. Because of a bug in BitComet, a remote attacker could construct a special .torrent file and put it on any BitTorrent publishing web site. When a user downloads the .torrent file and clicks on the publisher's name, BitComet will crash. An attacker can run arbitrary commands on the victim's host with a specially crafted .torrent file.
SaralBlog 1.0 suffers from XSS and SQL injection due to lack of sanitized user input.
eggblog v2.0 is vulnerable to XSS and SQL injection.
Cisco CallManager (CCM) is the software-based call-processing component of the Cisco IP telephony solution which extends enterprise telephony features and functions to packet telephony network devices such as IP phones, media processing devices, voice-over-IP (VoIP) gateways, and multimedia applications. Cisco CallManager versions with Multi Level Administration (MLA) enabled may be vulnerable to privilege escalation, which may result in read-only users gaining administrative access.
Cisco CallManager (CCM) is the software-based call-processing component of the Cisco IP telephony solution which extends enterprise telephony features and functions to packet telephony network devices such as IP phones, media processing devices, voice-over-IP (VoIP) gateways, and multimedia applications. All Cisco CallManager versions are vulnerable to these Denial of Service (DoS) attacks, which may result in services being interrupted or servers rebooting.
The Cisco IOS Stack Group Bidding Protocol (SGBP) feature in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable denial of service condition. Devices that do not support or have not enabled the SGBP protocol are not affected by this vulnerability.
The following security vulnerability issues have been identified in the DM Primer part of the DM Deployment Common Component being distributed with some CA products.
An ICQ.com search script (search_result.php) is vulnerable to cross-site scripting attacks. An attacker can exploit the vulnerable script to have arbitrary script code executed in the browser of an authenticated ICQ user in the context of the ICQ webpage, resulting in the theft of cookie-based authentication giving the attacker temporary access to the victim's account, as well as other types of attacks.
ar-blog v 5.2 suffers from several XSS vulnerabilities.
Blogger's personal page redirection mechanism contains a classic HTTP response splitting vulnerability in the "Location" HTTP header. The problem occurs due to use of unsanitized user-supplied data in the "Location" HTTP header, which enables an attacker to inject CRLF (%0d%0a) characters, thus splitting the server's response and taking full control over the contents of the second HTTP response. Exploitation of the vulnerability can lead to cross-site scripting (XSS), cache poisoning and phishing attacks.
FreeBSD-SA-06:05.80211 - An integer overflow in the handling of corrupt IEEE 802.11 beacon or probe response frames when scanning for existing wireless networks can result in the frame overflowing a buffer.
The package SYS.KUPV$FT contains 3 SQL injection vulnerabilities in the functions ATTACH_JOB, OPEN_JOB, HAS_PRIVS. Oracle fixed these vulnerabilities with the package dbms_assert.
phpxplorer allows anyone to view any file on the system via a specially crafted URL.
iDefense Security Advisory 01.17.06 - Remote exploitation of a denial of service vulnerability in EMC Corp.'s Legato Networker allows attackers to crash the nsrd service.