iDefense Security Advisory 06.10.08 - Remote exploitation of a memory corruption vulnerability in the FreeType2 library, as included in various vendors' operating systems, could allow an attacker to execute arbitrary code with the privileges of the affected application. iDefense has confirmed the existence of this vulnerability in FreeType2 version 2.3.5. Previous versions may also be affected.
f2c22e428f5c55adfcda2877e8130ea56ec91d743b89e502b2f96e1f422a73e6iDefense Security Advisory 06.10.08 - Remote exploitation of an integer overflow vulnerability in the FreeType2 library, as included in various vendors' operating systems, could allow an attacker to execute arbitrary code with the privileges of the affected application. iDefense has confirmed the existence of this vulnerability in FreeType2 version 2.3.5. Previous versions may also be affected.
18935846eb0ff2f48ca7a704216e84691e9e214cb67b355c026afedfc4490df0Todd Woolums ASP News Management version 2.2 suffers from a SQL injection vulnerability.
ee7f7bba4aa48c30d98c228f878fa8b03addfa49d33915cbec2ec569c35bc422Noticia Portal suffers from a remote SQL injection vulnerability.
aeae70ab00fd8568843e82520e702e880bfab5737b4d6ba9eace2cf088806d7dThe Glassfish web administrative interface suffers from a cross site scripting vulnerability.
896bafc4e299de640f07517123fa43ab8ea5a0c057eca4760853b7449f84c0f0Cisco Security Advisory - Multiple Cisco products contain either of two authentication vulnerabilities in the Simple Network Management Protocol version 3 (SNMPv3) feature. These vulnerabilities can be exploited when processing a malformed SNMPv3 message. These vulnerabilities could allow the disclosure of network information or may enable an attacker to perform configuration changes to vulnerable devices. The SNMP server is an optional service that is disabled by default in Cisco products. Only SNMPv3 is impacted by these vulnerabilities. Workarounds are available for mitigating the impact of the vulnerabilities described in this document.
2bf5fae72a18d3fef99f69e4751a6ba0f8f6e59a2409a2de83e53853792406e5The second edition of the Metro Olografix Camp will take place August 21st to 24th 2008, at the "ex Caserma Di Cocco" Park. MOCA is a hacker camp in north-European style, free admittance, open to all, to meet and have fun sharing information and knowledge. The call for papers is now open.
6f68babfbf5a02f8d5ce16f70302286d46827ca69081fcdefcab84aa81661067Yuhhu 2008 SuperStar remote SQL injection exploit.
01632285769fddf81a960f65bcfab1ec488b242f8fc743b7b291405d05c93772ASPDownload version 1.03 remote administrative bypass exploit.
79670344ca2ee563a5ef3696927f17880c06d0188ff8d2a82cc4f09bf8e2c33aASPPortal Free Version suffers from a remote SQL injection vulnerability in reply.asp.
1f993c25dab4c3808226f043fd80ed84d3c747ba4eaff2bda502d691ecda1578Black Ice Software Inc. Annotation plugin remote buffer overflow exploit that makes use of BiAnno.ocx version 10.9.5.0. Version 2 of this exploit.
b94a83cdb2af310a87af8e17eb9179792009925ee84e54bb9f761966fe03dc61Black Ice Software Inc. Annotation plugin remote buffer overflow exploit that makes use of BiAnno.ocx version 10.9.5.0.
327f4916669886c1a3482183209c8e3fd0e06fa7ef03944caaf4f77fe3508147HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely execute arbitrary code or to create a Denial of Service (DoS).
7c315fc123d720414597c8ccf7307ff2c660dbdc9abe474941160ae76ad65885Secunia Research has discovered a vulnerability in Apple Quicktime which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error when parsing packed scanlines from a PixData structure in a PICT file and can be exploited to cause a heap-based buffer overflow via e.g. viewing a specially crafted image file. Apple QuickTime version 7.4.5 is affected.
b202366ac93c27b2e504e35e8d15cb784536258252d3d38696ee339174cc6c1fSecunia Security Advisory - Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
89967708a79ca6630a5cadc1d3da9e2d045268ebbe74e0b23c9a618382302951Secunia Security Advisory - Russ McRee has reported a vulnerability in PHP Image Gallery, which can be exploited by malicious people to conduct cross-site scripting attacks.
3aa2b326f9459e9bf711605cb60791501eaaf43e8c50c3a15f3d7f6385efb14eSecunia Security Advisory - Cr@zy_King has discovered a vulnerability in Powie pNews, which can be exploited by malicious people to conduct SQL injection attacks.
29aed96da3f2220672f2c365063bdd9211caf3421c5fa49a2d6d6017562ff891Secunia Security Advisory - A vulnerability has been reported in various Fujitsu products, which can be exploited by malicious people to bypass certain security restrictions.
824cd1120d64f6d435afc9bd3f90c02cdd8641628ec641bd6ee2dc925e1ceeddSecunia Security Advisory - Some vulnerabilities have been reported in Iconfidant SSH, which can be exploited by malicious people to cause a DoS (Denial of Service).
b8aac7991f59b2d830314f40237cd10ab1b9399dbac0864ef668b23afc7de542Secunia Security Advisory - A vulnerability has been reported in the Courier Authentication Library, which can be exploited by malicious people to conduct SQL injection attacks.
6b6d68d17164b5eee9fe87c92b1268ac75ce5f5411fbb604841d4952a4d0d800Insanely Simple Blog version 0.5 suffers from remote SQL injection vulnerabilities.
c496d50d2a69d624cb119fc41ce56243effb23c7424a8eb22f55dd603c2667c6yBlog version 0.2.2.2 suffers from SQL injection and cross site scripting vulnerabilities.
f83ec61605ce98ae76f90d7db937339003b5448713255fbab93b7037f682f8eaDCFM Blog version 0.9.4 suffers from a remote SQL injection vulnerability.
95d65c6e5c9cad140391cb849a1b0d7884106a422bb3c9e4aca327e1e970a6eeErfurtWiki versions R1.02b and below suffer form a local file inclusion vulnerability.
1cda498919553810997312880f44b52587e77609e2306b48ff4aec436fa827edTornado Knowledge Retrieval System versions 4.2 and below suffer from a cross site scripting vulnerability.
229037684e217e88b242392f13241ce5377a450282cbd8c420d56764e711a9ca
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed