HP Security Bulletin - A potential security vulnerability has been identified with HP Select Access running on HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited remotely to allow cross site scripting (XSS).
66210de36a27f4b8171aac99c74cad04ede10914a017cf7eb43ecfaf20027a05Personal Site Manager versions 0.3 and below remote command execution exploit.
372f8d1b42decdc5082a30a955afc5dc085044cd9257dd8eda866dd06344a8aeCoppermine Photo Gallery version 1.4.19 suffers from a remote PHP file upload vulnerability.
b34c883c7280e4986196f02cc4c43ed2172a37b9cf67b47279be752c4a0556d3The Oracle Application Server Portal 10g suffers from multiple cross site scripting vulnerabilities.
a2058580468d54d3295d3c90c7ede45a38a5eef3a30cfc9c97d7592c7faa7c26Internet Explorer 7 clickjacking exploit code.
1e7ddcd6158a18b1a09957183f6b06152f49104e57d017d77e478253b454d6dcWOW - Web On Windows Active-X control version 2 remote code execution exploit.
8a62e6e8ee1b220696af9d8e99fad8c546353389727e07afaec40abe37633df7Debian Security Advisory 1715 - It was discovered that the AttachFile action in moin, a python clone of WikiWiki, is prone to cross-site scripting attacks (CVE-2009-0260). Another cross-site scripting vulnerability was discovered in the antispam feature (CVE-2009-0312).
6c6e3123163f34ab54bb206a191c80426831bbce34684883ea9df7ee7843b706Amaya Web Editor versions 11.0 and below remote buffer overflow proof of concept exploit.
3b33c73eda4691c1ee2f13d78db8f910acfc116cfd3dbca78e2ae3296dbd8dd6Thomson mp3PRO player/encoder denial of service crash exploit that creates a malicious .m3u file.
85516b60f7f668cadd6f353c364e053293a2abb0dbf27a4483fc826d19df8386Ubuntu Security Notice USN-714-1 - A large amount of Linux 2.6 kernel related vulnerabilities have been addressed on Ubuntu.
56507138453c994fba1b52bdf86cf04f97679de73f738d0893e2f9d69cbcff46Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
b2ef5393184af31230d6e794d28c8389b934bee1b0dc928852b586c40e6fcfe5Secunia Security Advisory - Avaya has acknowledged some vulnerabilities in Amaya CMS, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
e3c53c71439ba2e176818f10d81ef6330dfdf6a4d4228df25a4cfc968f1dd010Secunia Security Advisory - Some vulnerabilities have been reported in htmLawed, which can be exploited by malicious people to conduct cross-site scripting attacks.
07e2bd86e30471e14bebcc7434d5fdf57be42837280ed2814a0d62d1b0a39f5aSecunia Security Advisory - Debian has issued an update for moin. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
e2ef9b004443add50b555ac4b9fe24703315d9ff291e9c2d490a25720edabac3Secunia Security Advisory - Sun has acknowledged a security issue in Sun Java System Application Server, which can be exploited by malicious people to disclose sensitive information.
4e17996a35c1617a2924561359bbfb0fdd7ace295bec07576c74de6cbe304919Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).
4901d1dd71d6282649f00498c9ee6c695443283f6d73eb22c02d62603d8a360fCode that demonstrates the Google Chrome version 1.0.154.43 clickjacking vulnerability.
03574def8d9d7f4c377488d4c1a5b9243ec0d8f75e5d2d7f597a272799ae8201FFmpeg contains a type conversion vulnerability while parsing malformed 4X movie files. The vulnerability may be exploited by a (remote) attacker to execute arbitrary code in the context of FFmpeg or an application using the FFmpeg library.
fdcf90835a6517d5d2a479f58cb2df9924557def551619884e79cb3f547d6180Debian Security Advisory 1714-1 - It was discovered that an integer overflow in the "Probe Request" packet parser of the Ralinktech wireless drivers might lead to remote denial of service or the execution of arbitrary code.
05a5adea0d8ec28c0010e75b95a578fbe74e1759d8175b86d33a04c0cea7878dDebian Security Advisory 1713-1 - It was discovered that an integer overflow in the "Probe Request" packet parser of the Ralinktech wireless drivers might lead to remote denial of service or the execution of arbitrary code.
68f93e87aeb3723d64ef0ed09181b91f5c6221b04ebdc9900b50af215e4bf67eDebian Security Advisory 1712-1 - It was discovered that an integer overflow in the "Probe Request" packet parser of the Ralinktech wireless drivers might lead to remote denial of service or the execution of arbitrary code.
806d1b0b94508c455675218ab282784460171f46e59d0aa75263b9520e2dfd97Core Security Technologies Advisory - Multiple stack buffer overflow vulnerabilities have been discovered in Amaya, which can be exploited by unauthorized people using crafted web pages to compromise a user's system. Versions 11.0 and below are affected.
4f5fe11c68b25a031c852b7dc492461acfaa7a12adbc0ba45ed0651a87ee791aSmartSiteCMS version 1.0 remote blind SQL injection exploit that uses articles.php.
8dc4d65963b9a2e3ec5485d75b7c08e6c1985ae66c0fe9a9e27eff286bdfcbb5The Google Chrome browser versions 1.0.154.43 and below suffer from a clickjacking vulnerability.
27dcfcdabbcecce3e8e4b66b1588af2538f343cb247465ef7a0c037215785377Social Engine suffers from a remote SQL injection vulnerability in blog.php.
250d58cd724dbf96f25515b1811cc40a57dd614cb233d80da00e837194214d87
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed