VMware Security Advisory - VMWare has addressed a folder traversal vulnerability, an insecure named pipe vulnerability, libpng, and various other bits and pieces.
42fe37cf6697bb1a04612faac0d018560285c356a5e5480bf92552485d44e572HP Security Bulletin - Various potential security vulnerabilities have been identified in Microsoft software that is running on the Storage Management Appliance (SMA). Some of these vulnerabilities may be pertinent to the SMA, please check the table in the Resolution section of this Security Bulletin.
b2a3cc29ee59a08932ca5f4f6aa19405b12e3a30d2837a9ad4c86b521c8c3fd1Gentoo Linux Security Advisory GLSA 200803-26 - SUSE reported that the acroread wrapper script does not create temporary files in a secure manner when handling SSL certificates (CVE-2008-0883). Versions less than 8.1.2-r1 are affected.
e0ed8ed4abaf0511244a58d6a4871ae52fa7fa4b829e288474067789d463cc62Gentoo Linux Security Advisory GLSA 200803-25 - Dovecot uses the group configured via the mail_extra_groups setting, which should be used to create lockfiles in the /var/mail directory, when accessing arbitrary files (CVE-2008-1199). Dovecot does not escape TAB characters in passwords when saving them, which might allow for argument injection in blocking passdbs such as MySQL, PAM or shadow (CVE-2008-1218). Versions less than 1.0.13-r1 are affected.
fb1e2aa89b8d638ac9d92a8d9d47c0d14f9b826b630c8234297bdaa619cf3a8fHTTP File Upload ActiveX related file deletion exploit that makes use of UUploaderSvrD.dll.
ed4337680c5d53c397604d3afd9d45b3e2c0137f05e4251b2835977df8361796Registry Pro remote insecure method exploit that makes use of epRegPro.ocx.
7df90c5d8e874b8e50220298a3d3d4af0261dd70bd90d1efa150baef96a938bdeForum version 0.4 suffers from a cross site scripting vulnerability.
afa135572b9c94e85b00f680f3090f9760e6b23981278b16b9f2b5c5c2f299cdGentoo Linux Security Advisory GLSA 200803-24:02 - PCRE contains a buffer overflow vulnerability when processing a character class containing a very large number of characters with codepoints greater than 255. Versions less than 7.6-r1 are affected.
8f41033b1fd7fb0875e7505c07ea4c07077283a804e635c08b2652d0153d2739Debian Security Advisory 1523-1 - Josh Triplett discovered that ikiwiki did not block Javascript in URLs, leading to cross-site scripting vulnerabilities.
eda777f56152d630a024aa6d5fb3c597f56b904cb93b0958c8e5dfef4bc2b2e8Airscanner Mobile Security Advisory #08031201 - FlexiSPY.com's user administration web application contains a critical bug that allows anyone to inject spoofed incoming/outgoing phone records, SMS messages, and Emails into the backend database for ANY user of the software if the IMEI value is known.
e3d6ca133b5a8e633d223d504c43bfadd4699f94a25069643a1522f88efe6e72Secunia Security Advisory - Gentoo has issued an update for libpcre and glib. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
c32bec1d1359e4947372c1713fee92b4ddd38f5b49ddf0144efcfff54787c41cSecunia Security Advisory - A vulnerability has been discovered in Plone, which can be exploited by malicious people to conduct cross-site request forgery attacks.
b6137148f4af59b27ac62f89c798f36b5d6e73d0093fc810c26d38f35f369bd3Secunia Security Advisory - Debian has issued an update for ikiwiki. This fixes two vulnerabilities, which can be exploited by malicious people to conduct script insertion attacks.
8818a441cf4dda770c981cb98ea0749f8c6a59021c1706a626e7f6978d289f49Secunia Security Advisory - Omni has discovered two vulnerabilities in eForum, which can be exploited by malicious people to conduct cross-site scripting attacks.
757b41e13ebda481c719561fcf7202ee0e0998786e4a100832a91a9785a7b9f8Secunia Security Advisory - Robert Mitchell has reported a security issue in CheckPoint VPN-1, which can lead to a DoS (Denial of Service) or disclosure of sensitive information.
4821f3eea3d1bf24886b3c4ceea73a15f0061816c60da0b6a4c062446930488aSecunia Security Advisory - Gentoo has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
61e2ef20a95d0d2f8981dbbf0170c267608146efc8bfce855fc64feb9cf5d56dSecunia Security Advisory - Two vulnerabilities have been reported in Serendipity, which can be exploited by malicious people to conduct script insertion attacks and bypass certain security restrictions.
a955608c9da00e55790ca8feb752f4c46e68008123659bc35883649ad3c64f7cSecunia Security Advisory - A vulnerability has been reported in UnZip, which potentially can be exploited by malicious people to compromise a user's system.
1608ce6ba87e0a053743a69f27e80d4e7b5cc7f3bae88a693cfa77b6c672f8ccSecunia Security Advisory - Kingcope has reported a vulnerability in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
c7c58d8f1c490b2cc2acacde3b73c683670eb78ca0ec53094c8db84c5483d43bSecunia Security Advisory - 0in has discovered a vulnerability in Home FTP Server, which can be exploited by malicious users to cause a DoS (Denial of Service).
485baa393a6788575301fbc0c66c396406f617c46eac3816189aa692520893ffSecunia Security Advisory - RoMaNcYxHaCkEr has discovered some vulnerabilities in PHPauction GPL, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
bcbc8971412e2e1be43033e0da841f7b7ed86ca6d767326c3e1b053cde781af9Secunia Security Advisory - Debian has issued an update for unzip. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
a2c763903d0283ea54079e5ea41fc6999ba3991780a8af1173cdfa003ae9b748
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed