Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in IBM Tivoli Storage Manager Client, which can be exploited by malicious people to conduct script insertion attacks.
6812fa55f098aeee713be71b7102e2f66b06617c93135fd1fbfcb5f5fab0781cSecunia Security Advisory - Parvez Anwar has discovered a vulnerability in Sony CONNECT Player (SonicStage), which can be exploited by malicious people to compromise a user's system.
633bc6cea6499368e4d45e0fccb534093a1681962f9f60e0d87148d31adef1caSecunia Security Advisory - Luigi Auriemma has reported a vulnerability in World in Conflict, which can be exploited by malicious people to cause a DoS (Denial of Service).
a49a95916949b04fa10fc0c26252d17714395c7b26f40f70886cca5bd934f9fbSecunia Security Advisory - 0x90 has discovered a security issue in Micro Login System, which can be exploited by malicious people to disclose sensitive information.
3324e104df37ae8a8439b83b93cb911085a1b64d53e8a0038e775b2e35092381Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
7dee8ca847a9c13023dc020421443330027063e2567b529ca30886c590e99eb9Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Mozilla 1.7 for Sun Solaris, which potentially can be exploited by malicious people to compromise a user's system.
8a2d69cfe9205357b4c4a32e4dcb5e08ab812882ccb76f9b28bdf849a772789eSecunia Security Advisory - Nortel has acknowledged a vulnerability in Business Communications Manager, which potentially can be exploited by malicious people to poison the DNS cache.
92de1d096683678e2872055e78c3c19ada2307b1bbe2a11b203c09412e951f67All versions of RealPlayer 10 and some builds of RealPlayer 10.5 suffer from a heap overflow in the ID3 tag parsing code.
46421bbdec94678eace2f1448aa87b7317888d18e61f1d242f583bc1db79e149Debian Security Advisory 1388-3 - The patch used to correct the DHCP server buffer overflow in DSA-1388-1 was incomplete and did not adequately resolve the problem. This update to the previous advisory makes available updated packages based on a newer version of the patch.
aa575a2ef5aed2ab88c2ec89366c596430eecb1fb84615f855448062aeb85f21TikiWiki versions 1.9.8.1 and below suffer from a remote PHP code evaluation vulnerability.
1e448247e42b5213f25a1930d3dc3f1fbd07ce7769c7aa65080d354bf82a5b72Secunia Security Advisory - A vulnerability has been reported in Django, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
239531467915702198504158e73a5888cdba35a74b67ca748f5f24b2bb72a569Secunia Security Advisory - rPath has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct phishing attacks, manipulate certain data, and compromise a user's system.
c0102b05fd0443b258507f466521284e422cb330cfbf597967c54ad4f676e86eTeam SHATTER Security Alert - Oracle Database Server provides the SYS.DBMS_AQADM_SYS package that is used internally by the SYS.DBMS_AQADM package to provide procedures to manage Oracle Streams Advanced Queuing (AQ) configuration and administration information. This package contains the procedure DBLINK_INFO which is vulnerable to buffer overflow attacks. Affected versions include Oracle Database Server versions 9iR1, 9iR2 (9.2.0.7 and previous patchsets) and 10gR1.
58d76e3a0aef0c6352b4c4758f736521b656d25dc7b79ead00dce2d59a6de04bTeam SHATTER Security Alert - Oracle Database Server provides the MDSYS.SDO_CS package that contains subprograms for working with coordinate systems. This package contains the function TRANSFORM which is vulnerable to buffer overflow attacks. Affected versions include Oracle Database Server versions 8iR3, 9iR1, 9iR2 (9.2.0.6 and previous patchsets) and 10gR1 (10.1.0.4 and previous patchsets).
c1a8396a98fadf1347f49ba35e4dac43085a4c2e84bd788266f80b864f34c281Omnistar Live suffers from a cross site scripting vulnerability.
67292beadd7560c2dab90692f7e2f9806dcc6e9822d9df3c8059a1ba90df0c36AGTC-Membership system version 1.1a remote add administrator exploit.
0b9b008502ba04e1769466e8168120c061c7f4b6e6b26aa36cebd8b6fcf37de5GOM Player version 2.1.6.3499 remote overflow exploit that makes use of GomWeb3.dll version 1.0.0.12. Spawns calc.exe.
906d927f7281a8d6b9f463de5a38983fe8e053fcbf3c0fe5cc7a02137c97ef19Kodak Image Viewer code execution exploit that takes advantage of the MS07-055 TIFF vulnerability. Spawns calc.exe.
ac113a9757fdb12baa7a63fe821b53472c829b45ebe854614e258959e2d484e4Sony CONNECT Player M3U playlist processing stack buffer overflow local exploit.
19b107d7edc7d67b224ebaa14f6fd2ba851bdbb98711f2d2ce4880a13495b6e4Slides from the presentation Oracle Database Vault: Design Failures.
aa413dac2420e9793150ea25140ef356d8f3b5c166c5a82b88e5082a51840006Slides from a lecture discussing Next Generation Viruses.
6cfbaacb1ce17979d011060139f0ba7bfe18bf60ee51ae17acf2c0723f1c8117Slides from a lecture discussing Shadow Software Attacks.
9d3f365a840d4fe79ac57428f939eee876ade4b85c65af44212870259fb87bd6Slides from a lecture given by the Technical University of Vienna Politecnico di Milano regarding AntiPhish: An Anti-Phishing Browser Plug-in based Solution.
11fdb1fd6cf3504814e13cee83b573ad2c17c0fd9b5ca17d7c6ea7217edc9c3eSlides from a lecture discussing Writing Behind A Buffer.
67417f7ee79d3f522c2a4e3d577097a0fbf2a4fb4b71b2b080564f565d937cd5SAXON version 5.4 is susceptible to a SQL injection vulnerability.
23411f8d6a90e9b31e57ceffd7996d568c7aa8f2fdbeaa3bac734ad639ddb4e4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed