Technical Cyber Security Alert TA06-200A - Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
729654164b51a6a62c67a7fc463fa5e4908171755072dd0b90197fb632583582
rPath Security Advisory - Previous versions of the libpng package contain a weakness in processing images that is known to create a denial of service vulnerability and is expected also to allow unauthorized access. This weakness is triggered by malformed PNG images that may be provided to applications such as web browsers by an attacker.
32f2e1977a6be9cee119a0f457b46c0c4d26ac2322445ba8f7d03d2f5c6150e9
Gentoo Linux Security Advisory GLSA 200607-06 - In pngrutil.c, the function png_decompress_chunk() allocates insufficient space for an error message, potentially overwriting stack data, leading to a buffer overflow. Versions less than 1.2.12 are affected.
c52c1fdc9df9fae168bd21bb5d44e810ceff1c721841f8a39adffea4bc0ea41d
Cisco Security Advisory - Cisco Security Monitoring, Analysis and Response System (CS-MARS) software contains vulnerabilities related to third-party software and the command line interface (CLI). CS-MARS ships with an Oracle database. The database contains several default Oracle accounts which have well-known passwords. If access to the database is obtained, the default accounts may be used to access sensitive information contained in the database. CS-MARS ships with the JBoss web application server. A component of the JBoss installation may allow a remote, unauthenticated user to execute arbitrary shell commands with the privileges of the CS-MARS administrator. The CS-MARS CLI contains several vulnerabilities which may allow authenticated administrators to execute arbitrary shell commands with root privileges. All vulnerabilities addressed in this advisory have been corrected in CS-MARS software version 4.2.1.
6d8365bbd3df900adf1c27abe88979a9285dccdcd49ddb8df480d3c4b145d83c
rPath Security Advisory - All versions of the ethereal and tethereal packages contain vulnerabilities in packet dissector modules, which may allow various attacks including subverting the user who is running ethereal. Since ethereal is generally run as root to view network traffic directly, this may allow complete access to the vulnerable system.
c44a6d6485544a4f0867e5c2113e2255a5f08d8b4523239a0d24aa294287a2ef
Ubuntu Security Notice 320-1 - Multiple vulnerabilities in php4 and php5 have been fixed in Ubuntu.
ed4325f174f86f7991aa6c241942bd4940d3f151a71e55e144c77ccbc88a385b
The Demo Store version of AFCommerce Shopping Cart is susceptible to SQL injection and cross-site scripting flaws.
af49e1fb5a31ada2438785fe63a8aee4c5ffc469e25e30ba194fe642e1d3ac99
RPS, or Rigter Portal System, versions below 4 suffer from file inclusion and SQL injection vulnerabilities.
eb30668f52a301223fdc15b4a56edd24bd66ea7a0c2f648136d2163df0b6182e
WinRAR versions less than 3.60 beta 7 and greater than 3.0 suffer from multiple buffer overflows due to a lack of constraints while copying data.
f8b7381f74499f50992c3a3cf3c3f915a313f8b38f1c339d779fb109ce1a2ea2