Secunia Security Advisory - Some vulnerabilities have been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to disclose certain information or cause a DoS (Denial of Service).
5e5aa631a51051db3629b51a25d5ae7e32459260a62fce70a9e462734720eb55Secunia Security Advisory - Luigi Auriemma has discovered a vulnerability in Nero MediaHome, which can be exploited by malicious people to cause a DoS (Denial of Service).
ecebd859814689dd54e86587769016744b465fd819f251dabf6e5d4fa21bccbaSecunia Research has discovered a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to disclose certain information. It is possible to download or view arbitrary files by sending a HTTP request to the OpenView5.exe CGI application and passing strings containing directory traversal sequences to the "Action" parameter. HP OpenView Network Node Manager version 7.51 is affected.
89506b7bc5f0f04449d38ee3ec537351b31f34f87178691928c01cbfcd33ae72Secunia Research has discovered some vulnerabilities in Autonomy Keyview utilised in Lotus Notes, which can be exploited by malicious people to compromise a vulnerable system when viewing Applix documents. Lotus Notes versions 7.0.3 and 8.0 are affected.
00f2e51ed4830359243fa1bfb86acd7a0f998d30dca342fe5dc7e3a96b202d12Secunia Research has discovered some vulnerabilities in activePDF DocConverter, which can be exploited by malicious people to compromise a vulnerable system when converting Applix documents. A couple of boundary errors and an unsafe call may allow for arbitrary code execution. A logic error may cause a denial of service condition.
dc190986cd4c7921c1bdcde0c31b496378adf00e04df9e9fe662f9649a723437Secunia Research has discovered some vulnerabilities Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system when scanning Applix documents. A couple of boundary errors and an unsafe call may allow for arbitrary code execution. A logic error may cause a denial of service condition.
2f4705e77c6dd5c59205d4e86c2b9d4586a86bcd535844e69e2abd1a520215e8Secunia Research has discovered 21 vulnerabilities in activePDF DocConverter, which can be exploited by malicious people to compromise a vulnerable system. Boundary errors within the "Folio Flat File" speed reader (foliosr.dll) when handling attribute values of a number of tags (eg. DI, FD, FT, JD, JL, LE, OB, OD, OL, PN, PS, PW, RD, QL, or TS) can be exploited to cause stack-based buffer overflows.
9d8e420b7524d1db8638920060eb95490e597f347afef6f0ff593fb85a893246Secunia Research has discovered 21 vulnerabilities in Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system. Boundary errors within the "Folio Flat File" speed reader (foliosr.dll) when handling attribute values of a number of tags (eg. DI, FD, FT, JD, JL, LE, OB, OD, OL, PN, PS, PW, RD, QL, or TS) can be exploited to cause stack-based buffer overflows.
e06108e1e13e72d3d8404a3a7ee2cd244552baeecb87255b7066e8f3e2abf001Secunia Research has discovered a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing data streams and can be exploited to trigger a use-after-free condition by returning a specially crafted data stream of e.g. an unexpected MIME-type for which no handler is registered. Successful exploitation allows execution of arbitrary code when a user visits a malicious website. Versions 5.01, 6, and 7 are affected.
e90f1dfc29e7cad026f2886325cd70f2b2962832b7e9ddfae7655bd4282b5014Secunia Research has discovered multiple vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a user's system. Various boundary errors exist in the EML reader (emlsr.dll). Autonomy Keyview version 10.3.0.0 is affected.
3605041336d2a5de2c5c5ffb6943678b87735251af55a13e83b5b7745aca60fcSecunia Research has discovered some vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. A couple of boundary errors and an unsafe call may allow for arbitrary code execution. A logic error may cause a denial of service condition.
942cab55b7731628fbea98f0716f6090bfef43941e7c7dba8f21769a8dd2a16bSecunia Research has discovered 21 vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. Boundary errors within the "Folio Flat File" speed reader (foliosr.dll) when handling attribute values of a number of tags (eg. DI, FD, FT, JD, JL, LE, OB, OD, OL, PN, PS, PW, RD, QL, or TS) can be exploited to cause stack-based buffer overflows. Autonomy Keyview version 10.3.0.0 is affected.
bf1531ccb3ad4a70c1f8f5fbe587f52ba23f47cdbbcf93a6b7dde0acb1c2ebeeSecunia Research has discovered multiple vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system. Various boundary errors exist in the EML reader (emlsr.dll). Lotus Notes version 8.0 is affected.
a6c1eab0c8545b52bd003d5072b97b31916402b1d1855e88f5e254bc877d35d2Secunia Research has discovered 21 vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a vulnerable system. Boundary errors within the "Folio Flat File" speed reader (foliosr.dll) when handling attribute values of a number of tags (eg. DI, FD, FT, JD, JL, LE, OB, OD, OL, PN, PS, PW, RD, QL, or TS) can be exploited to cause stack-based buffer overflows. Lotus Notes versions 7.0.3 and 8.0 are affected.
51d1e5b8843f54d687126f7bb4817b37560488c7634c0bd1abfa2c0bf6c5aa8fSecunia Research has discovered some vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system. A boundary error within the HTML speed reader (htmsr.dll) when handling links in e.g. the "background" attribute of BODY tags can be exploited to cause a stack-based buffer overflow. A boundary error within the HTML speed reader (htmsr.dll) when handling e.g. the "src" attribute of IMG tags can be exploited to cause a stack-based buffer overflow. A boundary error within the HTML speed reader (htmsr.dll) when handling large chunks of data inside an HTML document can be exploited to cause a heap-based buffer overflow. Lotus Notes version 7.0.2 and 7.0.3 are affected.
4ef2c4b7110f3d7524e338fb87a79eae6cb65d96ff1cff9753bfb48edd809bb6Secunia Research has discovered a vulnerability in Lotus Notes, which can be exploited by malicious people to compromise a user's system. A boundary error within kvdocve.dll when processing overly long paths can be exploited to cause a buffer overflow via e.g. an overly long link inside the "src" attribute of an <IMG> tag in an HTML document. Lotus Notes versions 7.0.2 and 7.0.3 are affected.
ab50855d74e97eceb35e317b095d063f7955075bc8d82e7c523e3f1deb4a3d78Secunia Research has discovered a vulnerability in Adobe Flash Player, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of "Declare Function (V7)" tags. This can be exploited to cause a heap-based buffer overflow via specially crafted argument preload flags. Successful exploitation may allow execution of arbitrary code. Adobe Flash Player 9.0.115.0 is affected.
3008b08306d671064268d28e5e47b8bf5c3136bcacf087043bbc0748d3a5fe91Secunia Research has discovered a vulnerability in ClamAV, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "cli_scanpe()" function in libclamav/pe.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted "Upack" executable. Successful exploitation allows execution of arbitrary code. Versions 0.92 and 0.92.1 are affected.
a81b3d3c67a63c4ca6a31561c82906b1b5e76f01097c855531283798fd419e63Applications using libpng that install unknown chunk handlers, or copy unknown chunks, may be vulnerable to a security issue which may result in incorrect output, information leaks, crashes, or arbitrary code execution. The libpng project indicates libpng-1.0.6 through 1.0.32, libpng-1.2.0 through 1.2.26, and libpng-1.4.0beta01 through libpng-1.4.0beta19 built with PNG_READ_UNKNOWN_CHUNKS_SUPPORTED or PNG_READ_USER_CHUNKS_SUPPORTED (default configuration) are affected.
d9f18b2e078424f7549cd605507ce814b470dc6ff811315a92fb7070cf843236Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
1fedc2bb4a850c962d6b0938b77b14480297bffa4cbf69ed95c4ee4f35b5db69The NTLM library contains utilities for authenticating against Microsoft servers that require NTLM authentication. The goal of this project is to make libntlm easier to build (by using autoconf, automake, and libtool) for use by other projects.
e7fabcc49530334c9c5f41fe8ec67ca69bfd6196e53d0ebdcab3fdfa5f936f65CcMail version 1.01 and below suffer from an insecure handling of cookie data.
c2263bea8594ac8f352f86436fd1f36e91d417386e15b14d2bbf1953d5a07109Secunia Security Advisory - Stack-Terrorist has reported a vulnerability in the ConcoursPhoto module for KwsPHP, which can be exploited by malicious people to conduct SQL injection attacks.
1a2dca267eaa7470047e48f6f511f093d52a46f5111b330ffadaf3b0a0ed88caSecunia Security Advisory - A vulnerability has been reported in Coppermine Photo Gallery, which can be exploited by malicious people to conduct SQL injection attacks.
016003a538791cb77c4542bd23aebed7dbff155efa17b43fbd64319093f33e33Secunia Security Advisory - parad0x has reported a vulnerability in phpkb Knowledge Base, which can be exploited by malicious people to conduct SQL injection attacks.
a00d63488d3be84bb0c74e4ac045d1a3e261b58352fed9fbeaa72c3b04575582
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed