Secunia Security Advisory - Tan Chew Keong has reported a vulnerability in WISE-FTP, which can be exploited by malicious people to compromise a user's system.
2cc26a7077f94be3c15b76658daa4b7f55f02138e0567b52d2d03a7c7feb3893Diigo Toolbar suffers from a global cross site scripting vulnerability.
21a323d1581282c52404d2bfe4aed45ed5fa7390089119deb2828f1987f77587Secunia Security Advisory - Tan Chew Keong has reported a vulnerability in Classic FTP, which can be exploited by malicious people to compromise a user's system.
5b253b2babbb41c090b19072cc7133efef194c976e8ec3cb68bc78a83d66ac5bSecunia Research has discovered a vulnerability in XnView, NConvert, and GFL SDK, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing the "format" keyword of Sun TAAC files. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into viewing a specially crafted Sun TAAC file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.70 of XnView for Linux and FreeBSD, XnView 1.93.6 for Windows, GFL SDK 2.82, and NConvert 4.92. Other versions may also be affected.
6d513fbba9ac630cb473e7094e4a5581a9466f3b53e85402becb12abda7c023eMandriva Linux Security Advisory - A flaw in fetchmail was discovered that allowed remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed message with long headers. The crash only occurred when fetchmail was called in '-v -v' mode.
05c7b5e24c351d39bc41c007234a43dc6f5e1acd503ab7b1e453c1579e3d222bA vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise the system. The vulnerability is caused due to an unspecified error when opening and parsing the document. This can be exploited to corrupt memory via a specially crafted function in a Word document. Successful exploitation allows execution of arbitrary code. Demonstration .DOC file included.
109329fdd6960ef2a999f04bf81f09954bc6ce089c304bd5aaa5838d4ec249a8The Facebook fb:silverlight FBML tag suffers from a persistent cross site scripting vulnerability.
12ce66213e05ec6e311c300a52ea6a73436286c058c21c6733c9f54c32e0d897IPTBB version 0.5.6 suffers from a local file inclusion vulnerability in index.php.
cd585ae94bbb4db38defc09246ab850e88b1ae559e0fbb6b9f5b7e65b3da9a67Lightweight News Portal version 1.0-BETA suffers from cross site scripting, insecure administration, code injection, and file upload vulnerabilities.
b4c5e165378d3873d840ce64bc5980119b2a6ea3898b4a30cdbedb8631b45070AJ Auction OOPD version 1.0 suffers from a SQL injection vulnerability.
4049a38bebb5e7a541dd93fd4bc108431f08f1199311972019d1be6b6e389db2AJ Auction Web version 2.0 suffers from a SQL injection vulnerability.
5abf0027e62c843f2e69b120947b6ad5f356292fe5370bf2784cfcd6b08e76b3FubarForum version 1.5 suffers from a local file inclusion vulnerability in index.php.
697bfce36204e5895f32c1f3907d7f29dcb89a0fccdc2a93c19e92f489d8eae1FireAnt version 1.3 suffers from a local file inclusion vulnerability in index.php.
33b7e5d41d5643758b44cd89aac2f84bcd9a885464bc8c3adbb3ce7ef0d460d0Ubuntu Security Notice 618-1 - Memory access issues, buffer overflows, denial of service, race conditions.. all sorts of fun and mayhem has been addressed in the Linux 2.6 kernel branch on Ubuntu.
0acf6967795b6e572efa6fa96bc8daa4c48aa9762c583cd6ee70d852449a6d06Debian Security Advisory 1598-1 - It was discovered that a buffer overflow in the GIF image parsing code of Tk, a cross-platform graphical toolkit, could lead to denial of service and potentially the execution of arbitrary code.
8d4fa0e660fb2391a1e879325519f70d5386c9e51e4687e81785bf17382b497cRFDump is a tool to detect RFID-Tags and show their meta information: Tag ID, Tag Type, manufacturer etc. The user data memory of a tag can be displayed and modified using either a Hex or an ASCII editor. Tag contents can be stored and loaded using a specific XML format. This effectively allows the copy of data from one tag to another. In addition, the integrated cookie feature demonstrates how easy it is for a company to abuse RFID technology to spy on their customers. RFDump works with the ACG Multi-Tag Reader or similar card reader hardware. The tags that are supported for reading, writing, and editing are ISO 15693, ISO 14443 A, ISO 14443 B, SR176(1,2), Tag-it®, and I-Code®.
5b1ec066d28905df8526862c77629c8cecb6f3ea2462021a0b30d8c44d7b30dcGL-SH Deaf Forum versions 6.5.5 and below suffer from local file inclusion, cross site scripting, and upload vulnerabilities.
ebe09075b7348be97113052f9b0888b053a0f94d156ccf5ebcfa6fbe9855baa2Virtual Support Office-XP versions 3.0.29 and below suffer from session management, SQL injection, cross site scripting, and authentication vulnerabilities.
93b343caab0ecc35adc6352a1ada251d3995ee13022c16042bdbd378944667d2Lotus Core CMS version 1.0.1 suffers from a remote file inclusion vulnerability.
f5766ad64fa9af40cecb8eeb19db245574b08b3af340807c192f06118041e4e4Secunia Security Advisory - AmnPardaz Security Research Team has reported a vulnerability in doITLive CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
bd067f418ab1fe2f18d47b3679b353cedcbbbeaf71f467d09ba1928f563d9d7aSecunia Security Advisory - Luigi Auriemma has reported a vulnerability in S.T.A.L.K.E.R.: Shadow of Chernobyl, which can be exploited by malicious people to cause a DoS (Denial of Service).
b4440fde5306fa24ac8d92fb5e71224f9af62e6037501f6dd5f6bf0bb20a610bSecunia Security Advisory - Red Hat has issued an update for freetype. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
5fe29967a5c6a2d4b51d7703b20f238cb9560d346bc12986b6751f127a41aea7Secunia Security Advisory - HaCker_Egy has reported a vulnerability in MyBizz-Classifieds, which can be exploited by malicious people to conduct SQL injection attacks.
d79f4428bc0509a2e76e358daa8f84405dbcc81e9aaad6aa0897b0b567a49e9cSecunia Security Advisory - Mr.SQL has reported a vulnerability in Easy Webstore, which can be exploited by malicious people to conduct SQL injection attacks.
25e2e79243bccea1e9c75e4aef9fcfcb16ebb6ae8762e9d4da83a8a60f25e555Secunia Security Advisory - A vulnerability has been reported in SurgeMail, which can be exploited by malicious users to cause a DoS (Denial of Service).
2790867350d0d89f57dbcdabded81f654f9584458a130a991f4a5534143b47da
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed