Secunia Security Advisory - Slackware has issued an update for vim. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
0dec27fade7ff2da82ab97fdc18da3e711a2b4269c481acf0153bb5e85a21e0fCisco IOS FTP server remote exploit that escalates privileges to level 15. Specific hard-coded addresses are for IOS 12.3(18) on a 2621XM router. Slightly crippled forcing this to only work when the router is connected to a debugger.
d54246014babb4c769cae5fee17eb1d8d2663d37a25a025002299897d93a764aPhpJobScheduler version 3.1 may suffer from a remote file inclusion vulnerability.
23650d2a3b6bac4f777ac0bee74e153115cdad9ed0fd7eccf20cd70a825230f2The MiniBB RSS plugin may suffer from a remote file inclusion vulnerability.
a4a00121c7140e131ff54e32f56f27cbea490733c014074c2b3b943d37ce7af8Gregarius versions 0.5.4 and below suffer from a SQL injection vulnerability.
9f0d406bb813801ed517b503b413b21dea72accd194c918674d832f0b4460643SiOL Komunikator version 1.3 suffers from an ActiveX related stack overflow vulnerability. Denial of service code included.
4f9759e1fa0a6ff7fda007d2c409ac7efd1dd35826c8d9e8c6795061efeee00de107 BLOG Engine plugin version 2.2 blind SQL injection exploit.
17caad50c0af00e6c1718be5241daaa8003a82713de2e3f7db99d5676c8c56b0CoolPlayer m3u file local buffer overflow exploit that spawns calc.exe.
4e5e0fffaca69df7c0e3301d688a82e2c0ecc6ee247124a2022be19fac9d41daIt appears that humo.be is susceptible to a remote SQL injection vulnerability.
46628abf17586b862d890f9172de06a36ad6b8c6e818df49045eda7f70f6dc80Secunia Security Advisory - Dyshoo has reported a vulnerability in ibase, which can be exploited by malicious people to disclose sensitive information.
9b377161f56f101941d3fec601dca0a0d472c4c4bed184e069bed5a8ec6d8164Secunia Security Advisory - James Bercegay has discovered a vulnerability in Gregarius, which can be exploited by malicious people to conduct SQL injection attacks.
dd4a97946ae53568599c172af14fe9a2d54cdfb46fc0f673de0b472da7422601Secunia Security Advisory - Aung Khant has reported two vulnerabilities in phpMyAdmin, which can be exploited by malicious local users to conduct cross-site scripting attacks, and by malicious people to conduct spoofing attacks.
11ebb8ea214cf9f4ed3b68de38533702f9d61274107d073561a39b9d9e5efa8eSecunia Security Advisory - Sergio
0153f2d3588b42b10863e690106a06d2d677645a2e1691fdeb693cf981a2972fOfficeScan versions 7.3 build 1343 Patch 4 and below from Trend Micro suffer from an ActiveX related buffer overflow vulnerability.
0c2b50cf8236ae8bf547a71005cc9d2fd221cd85aa987b33776ee4ecb0137c00A remotely exploitable vulnerability has been found in the files parsing engine of AVG Anti-Virus that allows for a denial of service condition.
f8e2a7eb9a49fe4f8b79d61199b96c1b7b9d40bb66a745ea0e808ffb49f17b4bMinishowcase Image Gallery version 09b136 suffers from a local file inclusion vulnerability.
12b716582a9d712e7b0fba19e2b78105451225184214e0320152c8035a60de3aVMware Security Advisory - Updated ESX service console packages for Samba and vmnix have been released to address several security issues.
904341d65768747a7481991de55dc59d733b5d767c3855c8baedad9846f2ec4bSecunia Security Advisory - Fabian Fingerle has discovered a vulnerability in Owl Intranet Engine, which can be exploited by malicious people to conduct cross-site scripting attacks.
442b4073413fabd8298c24c245472af90c65689f49d5633fdc4b7d24e7c64faeOwl versions 0.95 and below suffer from a cross site scripting vulnerability.
8b07aa92f2d568035fe89e06ee016bf59945b36fc617bdde35d89e10e009a0d1Mandriva Linux Security Advisory - Tavis Ormandy of the Google Security Team discovered a flaw in how libpng handles zero-length unknown chunks in PNG files, which could lead to memory corruption in applications that make use of certain functions. The updated packages have been patched to correct this issue.
55937dffca006aefbaafb8896ea5b33e483cd7f7446168d419624a00215adb9diDefense Security Advisory 07.28.08 - Remote exploitation of a denial of service vulnerability in Hewlett-Packard's Internet Services Probe Builder product allows an unauthenticated attacker the ability to terminate any process. The Probe Builder Service, PBOVISServer.exe, listens by default on TCP port 32968. This process has a specific opcode that allows a remote unauthenticated user to terminate any process on the system by supplying a process ID number. iDefense has confirmed this vulnerability in HP's Internet Services Probe Builder 2.2 for Windows with all updates applied.
008faaa9a88b4025fae380301022c90d03ae8550c79cf5851d7a897c791bd88fUbuntu Security Notice 626-1 - Multiple vulnerabilities in Firefox and xulrunner were addressed related to denial of service and splitting issues.
9d634e80f76191cdd15b2b4e0a11ca3c4cb89114f8cae5e64178d060845cffcfUbuntu Security Notice 631-1 - Felipe Andres Manzano discovered that poppler did not correctly initialize certain page widgets. If a user were tricked into viewing a malicious PDF file, a remote attacker could exploit this to crash applications linked against poppler, leading to a denial of service.
0ec6910ad5d0a13b21e10a3f4952dc7ea960a60f14e0dac4f134e1fc3d94e805Ubuntu Security Notice 630-1 - It was discovered that ffmpeg did not correctly handle STR file demuxing. If a user were tricked into processing a malicious STR file, a remote attacker could execute arbitrary code with user privileges via applications linked against ffmpeg.
fc6463f2a1e3761177ff6d9eb5e4e70b1b0cc161e73124c11a89e9dde41c38a4HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Internet Services running Probe Builder. The vulnerability could be exploited remotely to create a Denial of Service (DoS). A successful exploit could cause the system running HP OpenView Internet Services to crash.
b1c674d17ec78a6c95cadfd644d7e346d33d51cb290f53775e21949acbf79691
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed