Nabopoll suffers from a blind SQL injection vulnerability.
6b96a7e362a3d63ef3463228bc2c623dbfe83a1d947a93623af1cc4bcfcb172f
Mandriva Security Advisory - Gnucash versions 2.0.4 and earlier allow local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files.
a58312ea11bca49f80632cb080975f3666c49fff60f447bae1c065dca11d66b2
Mandriva Security Advisory - A format string flaw was discovered in how GnomeMeeting processes certain messages, which could permit a remote attacker that can connect to GnomeMeeting to potentially execute arbitrary code with the privileges of the user running GnomeMeeting.
52d6605509a1caaef0f6e031f119d47bda0ea217efee8fee93ffb4a0a12a01ea
Mandriva Security Advisory - A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga.
26d6aaa78c29000b479ee56a732674724a936148245f9bba06b92706812a7728
Whitepaper discussing a serious vulnerability in Google Desktop. The attack is composed of web-application security flaws found in Google Desktop along with exploitation of Google Desktop's tight integration with the Google.com website.
0d0fe93a2dd71d7872267488cb64152eb357a94750078e6b22fbba7faac2a033
FlashGameScript version 1.5.4 suffers from a remote file inclusion vulnerability.
064ccba98cd0a32c7338a6e70b3ca2aa2fe96c839e528b455427da783357d108
SendStudio versions 2004.14 and below suffer from a remote file inclusion vulnerability.
8111e92a394b4b0a345bdb53fc3dc6459a98e7cde4417b3a0ea688fe8252e137
It appears that /bin/ls has slipped into the linux-ftpd distribution for Debian as setgid 0. This could possibly be used to leverage root group access.
9a2c4c72d6921d08161dd1e56bc5e49f3512f537413ccb2c789a4aa74343f336