Secunia Security Advisory - Fedora has issued an update for xorg-x11-xfs. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
14dc51c45326ff001607ff1296c526e94ba331166f56a8e989a937eb50b291a1Secunia Security Advisory - Gentoo has issued an update for emul-linux-x86-qtlibs. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
07fef954b8acba12e0af2603f808d42b5fb959dbac647448689ad68b122ecb4fMandriva Linux Security Advisory - A vulnerability in MySQL prior to 5.0.45 did not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, allowing remote authenticated users to obtain sensitive information such as the table structure. A vulnerability in the InnoDB engine in MySQL allowed remote authenticated users to cause a denial of service (database crash) via certain CONTAINS operations on an indexed column, which triggered an assertion error. Using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options could be used to overwrite system table information by replacing the file to which a symlink pointed to.
4786ea98c0b6ab4c13f9ed6e23041aa58e952b5a5219846b12a6b0c4d8df2b83Mandriva Linux Security Advisory - Rafal Wojtczuk of McAfee AVERT Research found that e2fsprogs contained multiple integer overflows in memory allocations, based on sizes taken directly from filesystem information. These flaws could result in heap-based overflows potentially allowing for the execution of arbitrary code.
071701c0fabaad2f7c1bfdd0ccd4270b11700f8a922c419067def121bde606d8Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in Tomcat 5. These issues include directory traversal, cross site scripting, and information disclosure flaws.
fc928971bbba5d3ec38a4c957bde2d5e37d0286c0cd61065975c4ce864e7e40aSQL-Me is a Firefox Add-on tool that was designed to help test for SQL injection vulnerabilities in a given system.
6ce4a02bbb85a9c6c406b35e8f83efda006409c70e3a0585b9b57e72bfa25027XSS-Me is a Firefox Add-on tool that was designed to help test for cross site scripting vulnerabilities in a given system.
6b9eae1b5cc54430f5eba46d847367a742d51ef3f9b20e6c935d8f20998d0138Vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of Novell NetMail. User interaction is not required to exploit this vulnerability. The specific flaws exist in the AntiVirus agent which listens on a random high TCP port. The avirus.exe service protocol reads a user-supplied ASCII integer value as an argument to a memory allocation routine. The specified size is added to without any integer overflow checks and can therefore result in an under allocation. A subsequent memory copy operation can then corrupt the heap and eventually result in arbitrary code execution. Novell NetMail version 3.5.2 is affected.
2ef213b576dde799161a7dca2bb9007bbc157e7e6026f89a655e0f020974aebdDebian Security Advisory 1427-1 - Alin Rad Pop discovered that Samba, a LanManager-like file and printer server for Unix, is vulnerable to a buffer overflow in the nmbd code which handles GETDC mailslot requests, which might lead to the execution of arbitrary code.
953a04fd4afaff880fa1a8ea3d7dc8b2e3cc948048a5080d9f4b34b623ba3d84Ubuntu Security Notice 550-2 - USN-550-1 fixed vulnerabilities in Cairo. The upstream fixes were incomplete, and under certain situations, applications using Cairo would crash with a floating point error. Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with user privileges.
d3e15e2b999793dd56e13bb5b2655354c2fc038a94d214dd96c7555025923f88Proof of concept exploit for DOSBox versions 0.72 and below which suffer from a full filesystem access vulnerability.
d9edebfca5ab154d9c2e0ce95c5431f309ccd15e0cfc99f665028537b6b3cf40DOSBox versions 0.72 and below suffer from a full filesystem access vulnerability.
a54f8377e2d964a7c9f3a20e81a61bda6e6d776b3dd9f8bef8360db1087a7390BadBlue versions 2.72b and below suffer from buffer overflow and directory traversal vulnerabilities.
a826d721f42fb9155643828a9a50fa13fd53f5c584bae47ea9eaad4175b438f2The BarracudaDrive Web Server versions 3.7.2 and below suffer from directory traversal, arbitrary file deletion, and multiple other vulnerabilities.
5626496a320fd4246ac45a177c0c9fc59dd1caf3a99a693f1a96ad7f61f17809Secunia Security Advisory - Fedora has issued an update for drupal. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.
95b1fd891052d574ed10423856ab6a4783e14c3a4557a016cfa86e13b78feab2Secunia Security Advisory - Fedora has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks and potentially to compromise a user's system.
5a1b832fac6fef486532d9f69ba1ae7d59a650c60112f0f4bba122851404fe6fSecunia Security Advisory - Debian has issued an update for e2fsprogs. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
2a7882c8ce7c6762b77376005580023829496cd733b6dd05f1bbe383c6147067Secunia Security Advisory - Debian has issued an update for qt-x11-free. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
fe6bd456486bc0676bdb8b0399ac8afc28e16942a521de4033624f6344a5a9ffSecunia Security Advisory - Ubuntu has issued an update for e2fsprogs. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
2fcf6d113c05a2d8f963347946823bf5273df98de80c9449800fc04721462595Secunia Security Advisory - Jesus Olmos Gonzalez has reported a vulnerability in wwwstats, which can be exploited by malicious people to conduct script insertion attacks.
38d966941436b011b677139dabd92b92f8e9bf4125fe81b2183c952f7de4c211Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in Easy File Sharing Web Server, which can be exploited by malicious people to disclose sensitive information and by malicious users to compromise a vulnerable system.
46bb25c3805ef37c60d63a370c58df23cd37c730c7ae3a95044eda15d2eec721Secunia Security Advisory - GoLd_M has discovered a vulnerability in PolDoc Document Management System (PDDMS), which can be exploited by malicious people to disclose sensitive information.
79593b468f86678777635466b8d1a0ef07be31c6f900db777babb2dd3edabaabSecunia Security Advisory - Gentoo has issued an update for ruby-gtk2. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library.
bd86d32dce4c7b1222000e320b90b25a73300e52c6dae072729f61f935082c69Secunia Security Advisory - Gentoo has issued an update for lookup. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
5281588465d5ada160508dea2bd284e553ded6a55e18e1dbbbafef0dd94460b6Websense Enterprise and Websense Web Security Suite contain a Version 6.3 is affected. vulnerability in the login page that is susceptible to a cross site scripting attack.
e0d22435cb52096d5fa4175db829b5b0428c1c74299c9e999db8f17e4b0fdb73
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed