E-Topbiz Slide Popups version 1.0 suffers from a SQL injection vulnerability that allows for authentication bypass.
3e48da804475e01a981be5dee6342aa23950d0465da5f38464a519dc0454e307
Ubuntu Security Notice USN-666-1 - It was discovered that certain email headers were not correctly handled by Dovecot. If a remote attacker sent a specially crafted email to a user with a mailbox managed by Dovecot, that user's mailbox would become inaccessible through Dovecot, leading to a denial of service.
cb9adf49af566bb890cb7ccccbddd9f251d03dfc07b02d00c784ebf84e81b01c
Ubuntu Security Notice USN-662-2 - Anders Kaseorg discovered that ndiswrapper did not correctly handle long ESSIDs. For a system using ndiswrapper, a physically nearby attacker could generate specially crafted wireless network traffic and execute arbitrary code with root privileges. USN-662-1 fixed vulnerabilities in ndiswrapper in Ubuntu 8.10. This update provides the corresponding updates for Ubuntu 8.04 and 7.10.
940bd6c7328297f81b0093791afe47903f029b15c5c7651485e01695cf8cc8f7
Ubuntu Security Notice USN-665-1 - It was discovered that Netpbm could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges.
9de42ea2239878ba4794554c3445c8885c96292f92a2383c54e988f376a1513e
Ubuntu Security Notice USN-664-1 - It was discovered that Tk could be made to overrun a buffer when loading certain images. If a user were tricked into opening a specially crafted GIF image, remote attackers could cause a denial of service or execute arbitrary code with user privileges.
5aeecb2ae52fcfe84fc6e94dbbad6b5856d6f269b655667c3146f80cedb27d38
Mole Group Pizza Script suffers from a remote SQL injection vulnerability.
2a0e6631d31cba3b5eafc3cd8dfa34ccf868f9dc930709924e4bb210119b321a
Orb Networks' Orb media server is vulnerable to directory traversal attacks. Users can leverage specially crafted GET requests to read arbitrary files.
d6e335278f3dfcaf019649c8b81cbbd93ede890e2ead477438fb0b7644ef8c1f
HP Security Bulletin - A potential security vulnerability has been identified in the AdvFS "showfile" command running on HP Tru64 UNIX. The vulnerability could be exploited by a local user to gain extended privileges.
69bd23f52d637f86c7bea305734765686bd50361b540faa0fca111e5feef8791
Radcom CMS suffers from a cross-site scripting vulnerability.
3bfdc21eb7f16475585a8d3320ac089c213d377131903de6007d4d99b041e1ee
Aftab CMS suffers from a cross-site scripting vulnerability.
fe050d8b654343d232bb3db64f9184993b616d48339dbc4a073c2086c66ab10f
The VLC media player contains a stack overflow vulnerability while parsing malformed cue files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player. Versions below 0.9.6 are affected.
bacacae2218bff994d1f4690cf40e8cb5c6f0b1cbb4bd868b2cb024828b76d85
The VLC media player contains a stack overflow vulnerability while parsing malformed RealText (rt) subtitle files. The vulnerability can be trivially exploited by a (remote) attacker to execute arbitrary code in the context of VLC media player. Versions below 0.9.6 are affected.
61e27c6eddbf9e4287833b974a6c98a8cbff9ad64f0e65b56725d5eebcbb162b
turnkeyforms Local Classifieds suffers from cross-site scripting and remote SQL injection vulnerabilities.
72b63f5ebbf13f1ecfe79bb09f26a262db2083745a6b73ae59d0d207f301b04d
SoftComplex PHP Image Gallery suffers from a remote SQL injection vulnerability.
eb714c423158f10395b7f94e512aebe23d3543341ea8ce837617349b493adea7
DeltaScripts PHP Shop version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
2915f302ccf2992b77464021631df12a5c503d9aac14cbadd17465de5e8ad5db
DeltaScripts PHP Links versions 1.3 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.
4e62c0d60947b9dc4bf31a1487753ff5fed1f4519848469fecaed2e9c8e5eccd
DeltaScripts PHP Classifieds versions 7.5 and below suffer from a SQL injection vulnerability that allows for authentication bypass.
18b9140b8d831d6d1797a3463d7d642992dd44b0bc96e9131c9abec20447bfb9
LoveCMS version 1.6.2 Final suffers from an arbitrary file deletion vulnerability.
018df8e00025c36c6a664e51f7e009fe1769be73fdc916c25dc854d0509b85de
Pars CMS suffers from a cross-site scripting vulnerability.
36456a3b75306fe13b8d212e79ed4deb7c53fbbeb3c7bbf9984584bdb61b5388
Armaghan CMS suffers from a cross-site scripting vulnerability.
e1c2e64307a27f17cb5a38a4a7bc7637771d9da2a967da11703acf5de07b73bd
SoftComplex PHP Image Gallery version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
aedc98173f1da09aa034763f3cd7f41e0a68d8fdb09baf0277805187fc84252e
MySQL Quick Admin version 1.5.5 suffers from a local file inclusion vulnerability.
634617d7adea7453287a9ccd2c0ea33899100d0b0389c13bc8bdff9f194fd174
Big Dump version 0.29b suffers from a remote shell upload vulnerability.
fce761bc7bdc2cf466340486b383e0a410229f8944db08e8e1825ea365364562
Whitepaper discussing various infection gateways.
5a8c33cea1bf26eee1042ba0601ed180094d88fa5b872221fa7b9230af9c356e
Arab Portal version 2.1 suffers from a remote file disclosure vulnerability. Applicable to Win32 only.
71eae9876e2ea7f2f3807435b3501a98951165a374068194d36418b8695f8e6f