Inputs in the SoftMaker Shop are not properly sanitized, and XSS is possible in a lot of the systems input fields and url parameters.
989d64ff92ec348cea175e02feb70987463780058b155ccd053fd704d7becb05Daffodil CRM does not properly sanitize its login inputs leading to SQL injection and authentication bypass.
06980cbcaf09d4bab3e41a2def3cc78c1aa54a9a3b18efdb7c26c54d0ddb1eaaDebian Security Advisory DSA 963-1 - NISCC reported that MyDNS, a DNS server using an SQL database for data storage, can be tricked into an infinite loop by a remote attacker and hence cause a denial of service condition.
e6ab1d91c028d73d11f8c7f0d5784999a330c46c46b1db06b30841c30df3ecf2Mandriva Linux Security Advisory - OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick the user into bypassing intended security settings.
cab961570f8d57ea307af96ad760c20214a37ddfa33fd7ceaa0f0f8d4232b8cdMandriva Linux Security Advisory - xpdf - Heap-based buffer overflow in Splash.cc in xpdf allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap.
457d43153a758a07d1fdf5b1942ed06b64988c47291163e10a43aa4264defbabMandriva Linux Security Advisory - kdegraphics - Heap-based buffer overflow in Splash.cc in xpdf allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. Kdegraphics-kpdf uses a copy of the xpdf code and as such has the same issues.
ca847350d4e9c78d595f3eb83ae129c87198bb763c89c946688a6e00d1578608Mandriva Linux Security Advisory - poppler - Heap-based buffer overflow in Splash.cc in xpdf allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. Poppler uses a copy of the xpdf code and as such has the same issues.
300247e8e0078bcc551d8bb369cb9be8515f777b8876478a40e41a8eb90cf1bbMandriva Linux Security Advisory - Buffer overflow in Library of Assorted Spiffy Things (LibAST) 0.6.1 and earlier, as used in Eterm and possibly other software, allows local users to execute arbitrary code as the utmp user via a long -X argument.
15b7408a8aa87c89d102d2c6ae4698e6b81c2333cc852dc17bf2eb4b0a43d337
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed