Vt-Forum Lite System version 1.3 suffers from a cross site scripting flaw.
f9797bbb1dab51394ce6eb582895096e5a7f79d880d5a1f713ec91def5a9b103
Debian Security Advisory 1225-2 - This update covers packages for the little endian MIPS architecture missing in the original advisory. Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. It was discovered that malformed FTP server responses could lead to denial of service. It was discovered that the correction for a cryptographic flaw in the handling of PKCS-1 certificates was incomplete, which allows the forgery of certificates. "shutdown" discovered that modification of JavaScript objects during execution could lead to the execution of arbitrary JavaScript bytecode. Jesse Ruderman and Martijn Wargers discovered several crashes in the layout engine, which might also allow execution of arbitrary code. Igor Bukanov and Jesse Ruderman discovered several crashes in the JavaScript engine, which might allow execution of arbitrary code.
9b5a61be1209a33b69d9033e026c5875223cfe93f68004bfb082f55278507952
ac4p suffers from cross site scripting vulnerabilities.
9742cc8cffca81247322418075956e8d5d5a22a01dc917c118a77dff7e288e60
FISH is a free file integrity tool that creates a file signature database (default db.xml) for the file types (i.e. exe, dll, sys) specified in the configuration file (config.xml). This signature database is then fed to FISH (sigdb in the config) at a later date to check for the presence of new, deleted and altered files. A brief summary is written to the console and a report (default report.xml) is created, highlighting changes.
67fabcb396b4141f8b2802bce355899c0dd23bd152dfabdb94073250099f2f4c
SMF versions 1.1 Final and below suffer from a cross site scripting vulnerability.
c935e7021fc8cd55dad3b25ac642e258e71a8b21e3a7f1b96d775c147bb55f1a
Debian Security Advisory 1225-1 - Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. It was discovered that malformed FTP server responses could lead to denial of service. It was discovered that the correction for a cryptographic flaw in the handling of PKCS-1 certificates was incomplete, which allows the forgery of certificates. "shutdown" discovered that modification of JavaScript objects during execution could lead to the execution of arbitrary JavaScript bytecode. Jesse Ruderman and Martijn Wargers discovered several crashes in the layout engine, which might also allow execution of arbitrary code. Igor Bukanov and Jesse Ruderman discovered several crashes in the JavaScript engine, which might allow execution of arbitrary code.
b8802fbabc5d6b2f0f5b3911a56141d4315129662cbe5c6e2bb0d79426dfbab9
Debian Security Advisory 1224-1 - Several security related problems have been discovered in Mozilla and derived products. It was discovered that malformed FTP server responses could lead to denial of service. It was discovered that the correction for a cryptographic flaw in the handling of PKCS-1 certificates was incomplete, which allows the forgery of certificates. "shutdown" discovered that modification of JavaScript objects during execution could lead to the execution of arbitrary JavaScript bytecode. Jesse Ruderman and Martijn Wargers discovered several crashes in the layout engine, which might also allow execution of arbitrary code. Igor Bukanov and Jesse Ruderman discovered several crashes in the JavaScript engine, which might allow execution of arbitrary code.
ef157e1f0a10253e32a973c33caeb0b4bfdf188051acc761ef2b4b8cb9266c5a
OnLine Bookmarks version 0.6.12 suffers from cross site scripting and SQL injection vulnerabilities.
ab552bbf4e4b4fab09a753ba4520b0c589e03113f7391334703db2562255b5ad
fl0p is a passive L7 flow fingerprinter that examines TCP/UDP/ICMP packet sequences, can peek into cryptographic tunnels, can tell human beings and robots apart, and performs a couple of other infosec-related tricks.
a6ccc98cfad2330b7baf0827c44657e35cb6c387ab1e55e4b3f8bb762b4161bc
Hastymail improperly validates the commands and information it transmits to the mail servers during normal use of the application. As a result, an authenticated malicious user could inject arbitrary IMAP/SMTP commands into the mail servers used by Hastymail through parameters the webmail front-end uses in its communication with these mail servers. This vulnerability has been found in development version 1.5 and stable version 1.0.2.
a3e1f1a44710237610d3100801340ec499b4ad76630080fc5ed1b6ef649d4782
ISMail version 2.0 is vulnerable to a cross site scripting attack.
c0a92aa12c829c1e72c2441655b5e46a090475e777aaa52e446e0739ca20c876
Listpics version 5 suffers from a direct database download vulnerability.
c61c8acd1531fc32b4717c227bc07cc8db9a1d16f85af612cf1ebf341e3ebd1d
Metyus Okul Yönetim Sistemi version 1.0 suffers from a SQL injection vulnerability.
460fc554c8f75f3d78505a041907e2628ff2735ca06f3f93531ac3272c7a5068
The BlueSocket web administration interface is vulnerable to a cross site scripting attack. Versions below 5.2 are susceptible.
c6811675ab88b514fd32f50e74e601ef360a5b8bee5f7c36be46f781d442d4d0
DuWare DuPaypal suffers from a SQL injection vulnerability.
9b4bd7d5ebfc31a53beb69d6e77955d38813f82e50163fdac194aa7d2273dcde
DuWare DuForum version 3.0 suffers from a SQL injection vulnerability.
8dcb61ca2e31d4ec20d015d8f6f6abd4c395cbaf80218dbce213be500c9ab04f
DuWare DuPortal pro version 3.4 suffers from a SQL injection vulnerability.
163c03bf7d30480dc3dc13e5b65785f4ebeeda6ac5f6967bc6ace288ce88e98f
DuWare DuClassMate suffers from a SQL injection vulnerability.
5a3614ecb663287960802cedff8e00fd96e1f40574d1755d728ffb4870c9ecc3
DuWare DuDownloads suffers from a SQL injection vulnerability.
07ba511d6d0291f78ba3e3768e1247747f11f2a346d2ead2fe8e58ed19ad4b45
DuNews suffers from a SQL injection vulnerability.
9a8e8aafdd6fde0ecc324911018ca2acef930be371902492d1862165f246b185
Mandriva Linux Security Advisory - Multiple buffer overflows in ImageMagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, have unknown impact and user-assisted attack vectors via a crafted SGI image.
105c2e68437eaadc52aaecc2706328d8c6621e2064ab473b94e18ab28b1e594b
Mandriva Linux Security Advisory - An integer overflow was discovered in KOffice's filtering code. By tricking a user into opening a specially crafted PPT file, attackers could crash KOffice or possibly execute arbitrary code with the user's privileges.
8fff966183bc1fab582bbf39741a5eb8380a55dd138a2a7ca53a41a324d52e40
iDefense Security Advisory 12.01.06 - Remote exploitation of an integer overflow vulnerability in Novell Inc.'s ZENworks Asset Management could potentially allow an attacker to execute arbitrary code with the privileges of the administrator. A heap overflow may occur when processing specially crafted packets sent to the Task Server or Collection Server daemons. This problem specifically exists due to an integer overflow when allocating memory for remotely supplied data. iDefense has confirmed the existence of this vulnerability in version 7.0.0.36 of the CClient.exe and Msg.dll files included with Novell Inc.'s ZENworks Asset Management 7.0 SP1. Older versions are suspected to be vulnerable as well.
e9a40c3458b59e53ba5d15197a2a5455f8843d85ded949fbb675a67d1cd6d2ba
iDefense Security Advisory 12.01.06 - Remote exploitation of an integer overflow vulnerability in Novell Inc.'s ZENworks Asset Management could potentially allow an attacker to execute arbitrary code with SYSTEM privileges on Windows or root on the various supported UNIX-based operating systems. A heap overflow may occur when processing specially crafted packets sent to the Collection Client daemon. The root cause of this vulnerability is identical to that of the vulnerability in Msg.dll. For more information please consult the Msg.dll advisory. iDefense has confirmed the existence of this vulnerability in version 7.0.0.36 of the CClient.exe and Msg.dll files included with Novell Inc.'s ZENworks Asset Management 7.0 SP1. Older versions are suspected to be vulnerable as well.
28d4a5efc7015bd15fb43b1b53ad714be2b1de7923464ddd5634921634236645
PHPNews version 1.3.0 suffers from cross site scripting vulnerabilities.
b5bb4cfb074891e879d885494e7dc1832241a2d66bb3259c18361f0cf5f66d14