Ubuntu Security Notice 576-1 - Code execution, cross site scripting, arbitrary upload, and a large number of other vulnerabilities have been patched in Firefox.
6e23fc127e8464927d11756844b98df4706dfdbbb98e8fae12e67bec66a1da4d
A design error vulnerability exists in Adobe Reader and Adobe Acrobat Professional. A remote attacker who successfully exploits this vulnerability can control the printer without the user's permission. Affected software versions include Adobe Reader 8.1.1 and below and Adobe Acrobat Professional 8.1.1 and below.
2e19644bffa577bd8701a1948a0501cf5426c7953565f785203c1835fdf9c479
iDefense Security Advisory 02.07.08 - Remote exploitation of a memory corruption vulnerability within version 9.1 of IBM Corp.'s DB2 Universal Database Administration Server (DAS) allows attackers to crash the service or potentially execute arbitrary code in the context of the affected service. iDefense has confirmed the existence of this vulnerability in the DAS (db2dassrm) as included with DB2 9.1 with Fix Pack 2 for both Linux and Windows platforms. Previous versions, as well as builds for other platforms, are suspected to be vulnerable.
05cdded353cd4797405eeb5933263493101277c8236530276f0fecda19bf5ec0
iDefense Security Advisory 02.07.08 - Local exploitation of a library loading vulnerability in IBM Corp.'s DB2 Universal Database could allow attackers to gain root privileges. When the DB2INSTANCE environment variable is set, the libdb2 library will use the corresponding user's directory in place of the DB2 instance directory. This allows an unprivileged local user to control the directory structure on which several set-uid root binaries operate. iDefense has confirmed the existence of this vulnerability in IBM Corp.'s DB2 Universal Database 9.1 with FixPack 2 installed on a Linux system. Other versions, including those for other UNIX systems, are also suspected to be vulnerable.
001fbc3f1ab8c8f9aca0ac41697d2e04d1ad568a1539fce5f3ce4ed6e5d256f5
TinTin++ / WinTin++ versions 1.97.9 and below exploit that demonstrates buffer overflow and file creation vulnerabilities.
693115c054b0c412eb8390d8f27d3d159800f45e8199968de3bee6ea46969993
TinTin++ / WinTin++ versions 1.97.9 and below suffer from buffer overflow and file creation vulnerabilities.
457ec53a00e25a13c4b27ddaca3b39ba40b22f5d0e054226a7f99c05bc952a27
Proof of concept exploit for Ipswitch Instant Messaging versions 2.0.8.1 and below which suffer from format string, NULL pointer, and file creation vulnerabilities.
7174ed248d7cb08d20269162c186c165e5380d243eed1610bb07eb743ac302bd
Ipswitch Instant Messaging versions 2.0.8.1 and below suffer from format string, NULL pointer, and file creation vulnerabilities.
0293b0690033eb44098fdcf57059877ac0df7b1c86523344cbbcbcd616c8f80d
bcoos versions 1.0.11 and below suffer from a SQL injection vulnerability in ratefile.php.
38bdb1c93d65f5d868b72f8a95e3185a35d71b228320eb5188cdca4fd3a3bb51
Mandriva Linux Security Advisory - The ReadImage() function in Tk did not check codeSize read from GIF images prior to initializing the append array, which could lead to a buffer overflow with unknown impact.
f398b921a0bfa7f65e225844058f729e3d3192a847ac229846308e781bfb5577
Mandriva Linux Security Advisory - The LWZReadByte() and IMG_LoadLBM_RW() functions in SDL_image contain a boundary error that could be triggered to cause a static buffer overflow and a heap-based buffer overflow. If a user using an application linked against the SDL_image library were to open a carefully crafted GIF or IFF ILBM file, the application could crash or possibly allow for the execution of arbitrary code.
a328f3e6cb1a2eb64d3d33a02451f11d7793fa5034d168ae7fbf4adf8843165d
Mandriva Linux Security Advisory - A buffer overflow in the giftopnm utility in netpbm prior to version 10.27 could allow attackers to have an unknown impact via a specially crafted GIF file.
aefbd16a2a6b6ba80d1aa2d4b1550c6064e700048028378b5cd0a8adb2454d31
Mandriva Linux Security Advisory - Buffer overflow in the LWZReadByte() function in gd_gif_in.c in GD prior to 2.0.34 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array. This was originally fixed in PHP's embedded GD with MDKSA-2006:162; patches had not been applied to the system libgd at that time.
75a743379f48b6ad6a3bc634014ed7d730aae593d12cd133a70e5ea462fbefd2
Mandriva Linux Security Advisory - A stack-based buffer overflow was discovered in libcdio that allowed context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image file that contains a long Joliet file name. In addition, failed UTF-8 conversions that would cause a segfault on certain ISOs were also fixed.
fe300ce6a848ba735287c86ae67cf808b28b2815e1bcb3b14c563d7ecc112b29
Backup Exec System Recovery Manager versions 7.0.1 and below file upload proof of concept exploit.
ee1e884145bd69e458fc0939f1a4ccdf7815e2de211d2ce86ec7cc531ae21e68
SapLPD version 6.28 remote buffer overflow exploit for win32 that binds a shell to port 515.
37e3b45b3309b550f9869d20af68f0056d76a34e939c11d46b2d98983436f323
Total Video Player version 1.20 M3U file local buffer overflow exploit that can bind a shell or spawn calc.exe.
fd85f017df72ab2ea29022df809d712f6806a9665f23acea21418f9fb1fc2abd
The Joomla component Commonwealth Business Council suffers from a SQL injection vulnerability.
3e3c377fda0dfa70c13354936f7d6200f0bbf845c97745d32f23f46835f909b4
Checkpoint SecuRemote/Secure Client NGX R60 for Windows VPN-1 suffers from an insecure credential storage vulnerability.
f1b4f746f7f2046948fb59914e8e10b59a612b89d8f9545c996c0641313f08da
MODx CMS versions 0.9.6.1 and 0.9.6.1p1 suffer from cross site scripting and cross site request forgery vulnerabilities.
81bb0829b1520253b4f76af5c77c69518d95da6d64726c5e3ab9489ee88a74a7
Secunia Security Advisory - Trend Micro has reported a vulnerability in ACDSee Photo Manager, which can be exploited by malicious people to compromise a user's system.
a627ff8f1b29aeae6f59ef36a0d6160a00ffb61312b5529ec04b5b55968182f7
Secunia Security Advisory - rPath has issued an update for icu. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
8809555e89d6d9a56a2ff5af8948b913f9f2d5244f69ac49ab084a260ab223c7
Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Edge Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
f407abeb28d72c7c15de0352fc763fa4f94f76aeb242643d776f49eeeba0bd7b
Secunia Security Advisory - Moubik has discovered a vulnerability in Mihalism Multi Host, which can be exploited by malicious people to conduct SQL injection attacks.
2af5eade220b0b2c2575fa24d2814bdf8be2e77b5d6d55c5a208094a85c754c5
Secunia Security Advisory - Some vulnerabilities have been reported in SAPSprint, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
530b9527629a4ac0e3cfe081da81d71c358b292a0674754085a157fb16920f4a