VDA Labs Advisory - Ipswitch FTP suffers from a cross site scripting vulnerability.
4724183e38c8f8f92c9d8d5ac9fcf53321d3f20875d52eda218d572ac90f2525Technical Cyber Security Alert TA07-235A - Multiple buffer overflow vulnerabilities and an integer overflow vulnerability have been discovered in the RPC interfaces used by various components in Trend Micro's ServerProtect software package. These vulnerabilities could be exploited by a remote attacker with the ability to supply a specially crafted RPC request to the system running the affected software.
97a4f35b86996204d4335c89074fa98cf98f0fdb80c5b8d72adcda5a09ef2579Mandriva Linux Security Advisory - Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
f5cd3a839b74573668b70ec1a548f2844302a4ef684ad1f8b724abe85ed23526Gentoo Linux Security Advisory GLSA 200708-17 - An error known as a virtual function call on an invalid pointer has been discovered in the JavaScript engine. Furthermore, iDefense Labs reported that an already-freed pointer may be still used under unspecified circumstances in the BitTorrent support. At last, minor other errors have been discovered, relative to memory read protection (Opera Advisory 861) and URI displays. Versions less than 9.23 are affected.
a631ac4552c2f3bb4f44d2668ca99c69711d7c9a6895a750859b5aa7937d32e0Gentoo Linux Security Advisory GLSA 200708-16 - Tim Brown of Portcullis Computer Security Ltd and Dirk Mueller of KDE reported multiple format string errors in qWarning() calls in files qtextedit.cpp, qdatatable.cpp, qsqldatabase.cpp, qsqlindex.cpp, qsqlrecord.cpp, qglobal.cpp, and qsvgdevice.cpp. Versions less than 3.3.8-r3 are affected.
80a0f7dba946f1db00ba3c0d7e46e7509d5e70a1ae25e2200e1a0ad559695e67Proof of concept buffer overflow exploit for the Asura engine included with Rogue Trooper versions 1.0 and below and Prism: Guard Shield versions 1.1.1.0 and below which suffers from a buffer overflow vulnerability.
7618b4bbc8c5df0185b1b622c41fdfb807190b4aeb24b3f171fd8e33d014a9b6The Asura engine included with Rogue Trooper versions 1.0 and below and Prism: Guard Shield versions 1.1.1.0 and below suffers from a buffer overflow vulnerability.
b2da20b37df5ce4d44f52dde0e4992d9bbd948fe01888fca9909218c4aa7dce6Whitepaper entitled "Las nuevas backdoors", discussing new techniques in backdoors and sniffing. Written in Spanish.
ad3835828509aa5430280f10dce98cbff07e56d28bf314f1479c5d2519d64339Amsterdammail (www.amsterdammail.nl) is susceptible to cross site scripting and SQL injection vulnerabilities.
bf1eb1c6fca2254cc752c98536e303b4fbdb12e044040fdc4d8b6f7747344744HISPASEC Security Advisory - X-Diesel Unreal Commander version 0.92 suffers from name spoofing and directory traversal vulnerabilities.
4b6405903518d8cc539aa225d0ae78b40266ba8b21b84f35ab602aeb57c85e05The Thomson ST2030 SIP phone is susceptible to a denial of service vulnerability. Exploit included.
fcc85d3d9b95f6bd30e103330b1aa858315aa973f24e7a77ced2548d94dbb610www.search.org suffers from cross site scripting vulnerabilities.
a361ba12d0d38a0dc5da2d19a078692691f3f766d218663860067edffa2ab989Mercury/32 version 4.51 SMTPD CRAM-MD5 pre-auth universal remote stack overflow exploit.
aa372807d8f3416528598fa33aea32d6d542c358719e925a5c8c3e63b6059260PHP FFI extension version 5.0.5 local safe mode bypass exploit.
fafd0498802d5483eb48ea5a6830b9140d11592ed65bcef8808d6077e6e67588PHP versions 5.2.3 and below win_browse_file local buffer overflow exploit.
3a75a22cfd4a2161f1f86673799e91c18321b25a862d091c59040553327452fcPHP versions 5.2.3 and below win_browse_file local buffer overflow exploit.
eed40468d521dbe25dc18d44f115c6ea69433c0c26f75d387a8c86a96659bccaBibTeX Joomla component versions 1.3 and below remote blind SQL injection exploit.
1c22c4bc295e0d7f78966f02e037d618badf6a77b5a987209a94bfedaee7595eThe EventList Joomla component versions 0.8 and below suffer from a SQL injection vulnerability.
9ba1bbb5d396863c7be159435f99c4aceb68799301c55082ea029f501ed159c1The Nice Talk Joomla component versions 0.9.3 and below suffer from a SQL injection vulnerability.
5e12d5334fad86e6094390675f8eed715a29a78eb454ca6b8fd0d6cd691185b8The RSfiles Joomla component versions 1.0.2 and below suffer from a local file download vulnerability.
3719054eece148909ce57b903973845eeb78f194cb5adf06c202318064e3dd93The RemoSitory Mambo component suffers from a SQL injection vulnerability.
8f96cfae99fea19e3bad40df24b42b2bca4ca479108ab048dd2850572aff30dcThe NeoRecruit Joomla component versions 1.4 and below suffer from a SQL injection vulnerability.
8850f28a326f1fc7ab2bdd7e96f991affb1ae8bb717c1988744ab02efc7ffb28PHP version 5.2.3 php_ntuser ntuser_getuserlist() local buffer overflow proof of concept exploit.
250dc104b4edbe5da195bf85ca78c5ddff4913d4ba7e7c83a7566c8fd85b27d6SPIP version 1.7 suffers from a remote file inclusion vulnerability.
04f73ad6f29fb12727e3185360feafb337b9510e90aefe7f66758e66bbf34456phpress version 0.2.0 suffers from a remote file inclusion vulnerability in adisplay.php.
af002fcd8460bc218a7044bf3c0f7d1f8f6596338a22a0f79eb2a5f09eb54847
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed