The Iframe-Cash/Iframe-Dollars Adware company does not only rootkit your machine, it also keystroke logs your banking details. Lovely.
b1813e4a381860177beb2d4841d451719bde3e5627d9a8789ebccc36b67d6ec0Debian Security Advisory 1265-1 - Several security related problems have been discovered in Mozilla and derived products. Several vulnerabilities in the layout engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. Several vulnerabilities in the JavaScript engine allow remote attackers to cause a denial of service and possibly permit them to execute arbitrary code. A bug in the js_dtoa function allows remote attackers to cause a denial of service. "shutdown" discovered a vulnerability that allows remote attackers to gain privileges and install malicious code via the watch JavaScript function. Steven Michaud discovered a programming bug that allows remote attackers to cause a denial of service. "moz_bug_r_a4" reported that the src attribute of an IMG element could be used to inject JavaScript code. Georgi Guninski discovered several heap-based buffer overflows that allow remote attackers to execute arbitrary code.
30c49707966199037decb53c0e4941c6faae1ea6a5cdc8e8e657d83ce41e3144Gentoo Linux Security Advisory GLSA 200703-10 - The KHTML code allows for the execution of JavaScript code located inside the Title HTML element, a related issue to the Safari error found by Jose Avila. Versions less than 3.5.5-r8 are affected.
bcced2e9620602f6184ded8df9419abb96205767c97f5c62bad6a71665af370aphpMySport CMS suffers from a remote file inclusion vulnerability in menu.php.
b6f8cde9f621ac52ba954b1f1c75e49d30c597e47e9d446a9ffebaf71c61ad1aarpalert uses ARP address monitoring to help prevent unauthorized connections on the local network. If an illegal connection is detected, a program or script is launched, which could be used to send an alert message, for example.
2c25fa7a934d2c234a3b9e18f674d9c90386f8b4a51e18867b52a909a2d080f9Seccheck is a feature rich, modular, host-level security checker for Solaris 10. Easily expandable with customized modules, Seccheck produces highly detailed reports based around known and published security best-practices and guidelines. It also produces recommendations on how to fix flagged security issues.
49bd82e46dc8c74f9f065a49e3d0c9a44f47e519c355a3bae7cb7b92903d018fFSlint is a toolkit to find various forms of lint on a filesystem. At the moment it reports duplicate files, bad symbolic links, troublesome file names, empty directories, non stripped executables, temporary files, duplicate/conflicting (binary) names, and unused ext2 directory blocks.
51be9a10ba885cebc39b24673c96d594944e7b7d3a0f2d1f7ed632b67e1a7d44NukeSentinel versions 2.5.06 and below SQL injection exploit for use with mysql versions 4.0.24 and above.
e3cc24343fd420723a8e26cf924ee898a7a68f6a9c355fcab4fc34d0fe741846PMB Services versions 3.0.13 and below suffer from multiple remote file inclusion vulnerabilities. Full details provided.
560dfa19b6b3d8cbf442115fc20031612e63a1f3839c3539368832c53d468be1Grayscale Blog version 0.8.0 suffers from SQL injection, security bypass, and cross site scripting vulnerabilities.
645903ad556da0bc3a0748ca86238ce02c8e413ec53b4ddbd76691e38a5cdfceDuyuru Scripti remote blind SQL injection exploit.
70cfd9d85a621f64d1832165848bc6bbb369922b87ecba6be653e62d67ef3ebaA remote file inclusion vulnerability exists in SoftNews Media Group.
d8dcf06027c79ca34af18de454fd37480a62f59b2cb981bed97a787dcfc7185aA remote file inclusion vulnerability exists in Script Premod SubDog 2.
2af460772dfd357814dc91de4aee6b002e9594d3fcba1f6a3dde47a99ba8a551PHP Nuke versions 8.0 and below suffer from a cookie manipulation flaw that allows for SQL injection and local file inclusion attacks.
748af9b7537384380eb74b9c56382ba8700522a7ca6b519d851246e3c2e4e1e4Whitepaper that demonstrates an extremely simple technique to quickly audit a software product in order to infer how trustable and secure it is. Oracle is used as a test case. Proof of concept exploit is included.
904c6850febb646527b3645a17ff83d6aba25216e7fbcf87791119aa245eb915Gentoo Linux Security Advisory GLSA 200703-09 - Kees Cook of the Ubuntu Security Team has identified multiple vulnerabilities in Smb4K. Versions less than 0.6.10a are affected.
ad8219aa0975deb02ceb57584cdc4d147ca7e9f12aa836b8a5e2b034d2e20afeGentoo Linux Security Advisory GLSA 200703-08 - Tom Ferris reported a heap-based buffer overflow involving wide SVG stroke widths that affects SeaMonkey. Various researchers reported some errors in the JavaScript engine potentially leading to memory corruption. SeaMonkey also contains minor vulnerabilities involving cache collision and unsafe pop-up restrictions, filtering or CSS rendering under certain conditions. All those vulnerabilities are the same as in GLSA 200703-04 affecting Mozilla Firefox. Versions less than 1.1.1 are affected.
ecaa1e726a2e8cdce8273041013ccaa3441879102769280f1c9c9ff93d0ec1d9The WordPress 2.0.x and 2.1.x releases suffer from a cross site scripting vulnerability in wp_title().
e6eea503e42de5b1bf7d615840d958c79982cffeaae090fc1bc65934cc958f9b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed