Secunia Security Advisory - Two weaknesses with unknown impacts have been reported in STLport.
eee44d147ea94423048ba5211efcbb4db48636151cb3545874a0ae4c5466e1cbSecunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
d293cd2bb43fa4fb43e3985735fdbe86cc9439f3b4278c510a1f5ce31cf43eaaSecunia Security Advisory - Sun has acknowledged some vulnerabilities in Apache2 for Solaris, where the most critical can be exploited by malicious people to cause a DoS (Denial of Service), conduct HTTP request smuggling attacks, and bypass certain security restrictions.
9d9f975b47d8abe002e0e57f66ab81f5c2070031eb7049bafdb112f25f1f8cbeSecunia Security Advisory - Sun has acknowledged some vulnerabilities in Apache for Solaris, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to conduct HTTP request smuggling attacks and potentially bypass certain security restrictions.
cec6c3cb3b1bada114ea4ab291156c698843c259e79815c315c670ee22a47222Secunia Security Advisory - Yog and KeyShore have discovered a security issue in LetterMerger, which can be exploited by malicious, local users to disclose potentially sensitive information.
6ac23094a942d3d90f01d0402eacbb66fdb6b6d4e6d2dece16d0c175ffb55ef2Secunia Security Advisory - Some vulnerabilities have been reported in Oracle E-Business Suite, which can be exploited by malicious users to conduct SQL injection attacks or disclose potentially sensitive information, and by malicious people to bypass certain security restrictions.
de25b55dafc45f138bddefc3111693164ce0f73cef489b478dc101edbd92a9a3Secunia Security Advisory - Ramon 'ports' Kukla has reported two vulnerabilities in NCP Secure Entry Cilent, which can be exploited by malicious, local users to gain escalated privileges.
adff95f425aaf4f1fa01e5d4dcdcc4718565e66292f63a7e9316711d5587cf1eSecunia Security Advisory - KingOfSKa has discovered a vulnerability in VUBB, which can be exploited by malicious people to conduct SQL injection attacks.
77d43f8edec53b5f9c1970ddfff3ade712d380fbb86e88670516c7ff4999c4beSecunia Security Advisory - r0t has reported some vulnerabilities in NZ Ecommerce, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
209746a819e79da7c0c0e3a415ecaa6a90e9bb03cd0be744f53dd8afe321d6c2Secunia Security Advisory - Scott Sinclair has reported a vulnerability in irssi, which can be exploited by malicious people to cause a DoS (Denial of Service).
98d706539bfa04481097451fff3fedaf9634306c6be032ec09bfe9fba84dbc25Secunia Security Advisory - Debian has issued an update for xpdf. This fixes some potential vulnerabilities with unknown impacts.
e706236fdf2350bfb8c753ac78e46da936bdbdb0a7f88fb4d1a5830b7a01cfdfSecunia Security Advisory - Red Hat has issued an update for tar. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system.
4b4b7c8822735653a7ad86bbf1ea5232c7233418c748ea09d70f62afc10c3274Secunia Security Advisory - Alan Cox has discovered a vulnerability in Evolution, which can be exploited by malicious people to cause a DoS (Denial of Service).
c838b6b84a028fa2a090d15029882f84ab91218532b8a6f0e609ebacd0e643ffHP Security Bulletin - A potential security vulnerability has been identified with HP System Management homepage (SMH) versions 2.0.0 through 2.1.4 running on Microsoft Windows. The vulnerability could be exploited remotely to allow unauthorized access to files via directory traversal.
f324a460efb4230938f321b54c1ba7aea824eddfb7b6abe47fdaed64a206bbd1Limbo CMS version 1.x suffers from a remote code execution vulnerability.
9cd4f74502344d6a2967cab022ed97bae2ffa7d4d4b86384730435244580e086The PEHEPE Membership Management System is susceptible to cross site scripting and remote command execution vulnerabilities.
b098120136d7a4eb33f000804826f57a10e093cd67e5c4ea2740a8bc0bb056ebThunderbird's HTML rendering engine insufficiently filters the loading of external resources from inline HTML attachments. External files are download ed even if the "Block loading of remote images in mail messages" option is enabled. Proof of concept exploitation details provided.
057c7809f914d2cc547f908ff073031a5f5aef248cd9adc15a4a1a86adbb1e48PHP4 and PHP5, when used with Sendmail, allow for a security bypass in mb_send_mail.
c145c851aa0176be54e9ab631a049b6fb825e224d09b9d8e6cdba8c73ed9da88A vulnerability in c-client library versions 2000, 2001, and 2004 allows mail_open to be used as a vector to open a stream to local files, bypassing safemode and open_basedir restrictions.
5cad86568fba36d75b88e0c315daf8dc23941ef4f29307560d79ddef418eca1bQwikiWiki version 1.4 is susceptible to cross site scripting attacks.
e5cbcce0328f0ed24cc3dedfc191bb881957a104ded840929d7844cf37d59acdEJ3 Topo version 2.2.178 is susceptible to cross site scripting attacks.
beb93ce5504c3c24f9400a12ca8ad5e645ca57e4c65eb6b1b79f243182749bc7MyBB version 1.3 is susceptible to SQL injection attacks via a malformed user supplied cookie.
18ffdf10dbf996184c334f55fac8e48cecf411f8eaafe1c5935a5b891df589f8n8cms versions 1.1 and 1.2 are susceptible to SQL injection and cross site scripting attacks.
fe471b60db375a64d5b19a4b42c60dabfa75f6dd88154be9fd9797ae544316d4Debian Security Advisory DSA 983-1 - Derek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in pdftohtml, a utility that translates PDF documents into HTML format.
29572c6e598f16a25909d775f4c4935a9809e944db1cf6f84185809d67071945The ExpressPay stored-value card system used by FedEx Kinko's is vulnerable to attack. An attacker who gains the ability to alter the data stored on the card can use FedEx Kinko's services fraudulently and anonymously, and can even obtain cash from the store.
0721fb96cdf8d42ee8fb8dbb6c780e372c22c3b0075ba652830fc9eb2a7efd49
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed