Secunia Security Advisory - Joseph.Giron13 has reported a vulnerability in BosMarket, which can be exploited by malicious users to conduct script insertion attacks.
646ce109cd02f8ceba9af817b2b294864ca45bf9f272f1327f38cfdb9202380f
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can be exploited by malicious, local users and malicious users to cause a DoS (Denial of Service).
0fbfcbf967cd330d11580a51cbe588578373ec1c18702b30dbf82c892256dc49
Secunia Security Advisory - morin.josh has reported a vulnerability in SWAMP, which can be exploited by malicious people to conduct cross-site scripting attacks.
31d21fc9a12ddb04572490f16afbb15f6091b26787b6ad7cae860fa60dfbd38c
Secunia Security Advisory - Hiroshi Ukai has reported some vulnerabilities in Ichitaro, which can be exploited by malicious people to compromise a user's system.
8aacb9c9bb834214d4a925b50c7b3a2bf916cbdb0e9f83a109bd57d43823d360
Secunia Security Advisory - Joseph.Giron13 has reported a vulnerability in Aleris Web Publishing Server, which can be exploited by malicious people to conduct SQL injection attacks.
38ed5f7d93143eb874c9eb62f545ffd5563c1673b5d0ab7c834a260225c3cf1f
Secunia Security Advisory - Gentoo has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
0f3b106fa412f330b790f7fe50045733fb73867408f78e65ae987679921eb666
Secunia Security Advisory - eliteb0y has reported a vulnerability in Apache Tomcat, which can be exploited by malicious users to disclose potentially sensitive information.
cc7d95b8ff5908c01a4e14bf7116e1a91631b1e3dec4473ff067e2896fa5365c
Secunia Security Advisory - Fedora has issued an update for blam. This package has been rebuilt against a new version of the firefox package. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
d3beef3dc5fb16af43760a1add01266a9ff1e880919906c4c1ee2bbdbfd3fc16
TikiWiki versions 1.9.8.1 and below suffer from cross-site scripting and local file inclusion vulnerabilities.
68726f8d13e39d891bbfd7200d0bf47bc2dafef0620f7b3b69d127005a1a3b33
shttp versions 0.0.4 and below suffer from a directory traversal vulnerability.
96dcb3185fdd805ccc84a3053fe448614dd1377269b4cbb46a38fe1835580bb2
iDefense Security Advisory 10.25.07 - Local exploitation of a buffer overflow vulnerability within Tmxpflt.sys, as included with Trend Micro Inc.'s AntiVirus engine, could allow an attacker to execute arbitrary code in kernel context. iDefense Labs has confirmed the existence of this vulnerability in the following Trend Micro products: Trend Micro's PC-Cillin Internet Security 2007, Tmxpflt.sys version 8.320.1004 and 8.500.0.1002. All products using Trend Micro's scan engine, such as Trend Micro ServerProtect and Trend Micro OfficeScan, are also suspected to be vulnerable.
b314be90bd52c861475b0bc304415f6bb6eefe9113b790ec7a615f586d84fc43
i-Gallery version 3.4 suffers from a direct database download vulnerability.
9f1e4859ed61dc7769548528789c55e3249f326bf19913d77a2c6ea8dffac8ca
The helpdesk utility called usd250 suffers from a cross-site scripting vulnerability.
68208b8694df5e6a681f5078da14221c75ded411ff2a9c44084035c3577c90c5
Secunia Security Advisory - Fedora has issued an update for epiphany-extensions. This package has been rebuilt against a new version of the firefox package. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
6a88c1659be6ab6610825ca1d009e8a4a536c1defdbaeea2766f28fd638b7ba4
Secunia Security Advisory - A vulnerability has been reported in HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM), which can be exploited by malicious people to disclose potentially sensitive information.
410f3555675831091012476e6488932b8b919bbf048056bad16b298905466321
Secunia Security Advisory - A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service).
b548449f5350373e73e84b13c632e114818a933a220e4ef993f9ec6ff9ae151c
Secunia Security Advisory - rPath has issued an update for php, php-mysql and php-pgsql. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions or by malicious people to potentially compromise a vulnerable system.
930338ddee1b8873509e8126305a88a7a10f6eb1f1e459091ab18579ca0a082a
Secunia Security Advisory - Aria-Security Team have reported some vulnerabilities in CodeWidgets.com Online Event Registration Template, which can be exploited by malicious people to conduct SQL injection attacks.
2decc31480700d4b5a29998937a2d34fa12c004e4a26f2fe2177554bc241f1c1
Debian Security Advisory 1395-1 - Steve Kemp from the Debian Security Audit project discovered that xen-utils, a collection of XEN administrative tools, used temporary files insecurely within the xenmon tool, allowing local users to truncate arbitrary files.
83afc8ed5ef376653f86a0e2ee0defd06826a3f6d42ea4c540af4e0ffafe6b4a
Gentoo Linux Security Advisory GLSA 200710-27 - regenrecht reported multiple infinite loops in functions ReadDCMImage() and ReadXCFImage(), multiple integer overflows when handling certain types of images, and an off-by-one error in the ReadBlobString() function. Versions less than 6.3.5.10 are affected.
eab1acd588148e6adf677900e62f05bdaf7074c1aa70850b6845ac89dbdd0b41
Gentoo Linux Security Advisory GLSA 200710-26 - Kees Cook from the Ubuntu Security team discovered that the hpssd daemon does not correctly validate user supplied data before passing it to a popen3() call. Versions less than 2.7.9-r1 are affected.
012b7d4d52e8e4e09de2bdfd2094c95d865d951d644213ac90d25fd0f76d71b8
Gentoo Linux Security Advisory GLSA 200710-25 - The Gentoo MLDonkey ebuild adds a user to the system named p2p so that the MLDonkey service can run under a user with low privileges. This user is created with a valid login shell and no password. Versions less than 2.9.0-r3 are affected.
a9cc2c13b2f25aae4cc6e67d85ce50710789974a348bb9ba2658c94d72f28faf
Debian Security Advisory 1389-2 - It was discovered that zoph, a web-based photo management system, performs insufficient input sanitizing, which allows SQL injection. This is an updated advisory to make the update for oldstable (sarge) available, which had been uploaded to the wrong suite.
f8ca2fb7175e3642e21336e27e8c6c2a603a8d477089fb70cb2b30e87dddd8eb
Technical Cyber Security Alert TA07-297B - Adobe has released updates for the Adobe Reader and Adobe Acrobat product families. The update addresses a URI handling vulnerability in Microsoft Windows XP and Server 2003 systems with Internet Explorer 7.
cc3fbb5692b6ba90a94d59bd1b329f210cbcbfa34f116d9a4982522bd7c7cbe7
Technical Cyber Security Alert TA07-297A - RealNetworks RealPlayer client for Microsoft Windows contains a stack buffer overflow in the playlist parameter passed to the client by an ActiveX control. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code using a specially crafted web page or HTML email message.
59aff07fbc7cb248a79460c34338a09f4c05f561284997fab82a6468a04eb42b