XOOPS versions 2.3.3 and below suffer from a remote arbitrary file disclosure vulnerability.
90a26a198c42f778f73dd4c48b0c816e5e9e025665d5a8c962b4932890af1bb5This Metasploit module exploits a stack-based buffer overflow in Green Dam Youth Escort version 3.17 in the way it handles overly long URLs. By setting an overly long URL, an attacker can overrun a buffer and execute arbitrary code. This module uses the .NET DLL memory technique by Alexander Sotirov and Mark Dowd and should bypass DEP, NX and ASLR.
d0b4aaedaa43dfb14fc35f1443b4c0e80d58b6bd44a192f96fef4cee92df1ad8McAfee version 3.6.0.608 Policy Manager arbitrary data write vulnerability that leverages naPolicyManager.dll.
efbbdf27dd56a748cf84d7d869af0e2803311babc76bae3b22befaee5a7e1fd8The WinAppDbg python module allows developers to quickly add Windows application debugging facilities to your Python scripts.
d15f2fb73c3fab775a18be2af364e62f3cefdb7bd558bc7310ee6217c9f7159cThe release of Tomcat as included with CA Service Desk r11.2 is potentially susceptible to a cross-site scripting vulnerability. CA has issued a technical document that describes remediation procedures.
d707e5a41acfb37cf9412d440b94a1a0a483c37fdfd80518eae28728bf326b60CA ARCserve Backup contains multiple vulnerabilities in the message engine that can allow a remote attacker to cause a denial of service. CA has issued an update to address the vulnerabilities. The vulnerabilities occur due to insufficient verification of data sent to the message engine. An attacker can make requests that can cause the message engine to crash.
7fc7703516c70a91ea9a307108dc90e534db45f1157a750a6798f2880f833fd9TrueCrypt is on-the-fly disk encryption software that can create a virtual encrypted disk within a file and mount it as a real disk. It can also encrypt an entire hard disk partition, or a storage device such as USB memory stick. It supports plausible deniability.
a6281d4ebda00c2384a460f67015b8899716e140c30d441694acad31ece4e5a8The parsing engine in ClamAV versions below 0.95.2 can be bypassed by manipulating RAR and ZIP archives in a "certain way" that the ClamAV engine cannot extract the content but the end user is able to.
cd01713e1fa44a2538cd9d9db21917cfb29f9249b3fbe9364d85a76bebad8d77phpMyTourney suffers from a remote file inclusion vulnerability in adminfunctions.php. This is using the same variable as was discovered in September of 2007.
446aac5f3e1e18167941aa036e885fe18210382a3f375f6924e42328fb95288dSecunia Security Advisory - Ubuntu has issued an update for tomcat6. This fixes some vulnerabilities, which can be exploited by malicious users to disclose sensitive information or manipulate certain data and by malicious people to cause a DoS (Denial of Service) or disclose sensitive information.
52be5a7d8d4f8ec133fe224385581615512468fa08d0523f3f84f612c22d612bCA ARCserver Backup r12 SP1 suffers from a denial of service vulnerability when a crafted RPC packet is sent to the Message engine service listening on the 6503/TCP port.
d100df20dbf699b0a22cc11a36a303cf4de361999e6be3a5f64269392317896cSecunia Security Advisory - A vulnerability has been reported in Free Joke Script, which can be exploited by malicious people to bypass certain security restrictions.
4d891a693aaa0ac816c76da3a08eed6bfb2780955746f50158c7857a09fce07bSecunia Security Advisory - Fedora has issued an update for mingw32-libpng. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information.
8d77677a7e6c9a90a5cbceb36a06bd69e184c9a373bbcd3744e8ad8a7a66034fSecunia Security Advisory - Fedora has issued an update for coccinelle. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
08f7a5e546f9b819dfbcd8107f45fcf27180c368a5762ddc52a91b0722b04515Secunia Security Advisory - Fedora has issued an update for firefox and xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or to compromise a vulnerable system.
eb5300675ae0be34daf8970a858d5c7d6c6120cb3dba917c9921cfdcdd833117Secunia Security Advisory - Some vulnerabilities have been discovered in Webmedia Explorer, which can be exploited by malicious people to conduct cross-site scripting attacks.
4c4c404cd7b2ccd873271dd55f0af650e95ef8f4135459b6d9b56613674b79e5Secunia Security Advisory - Fedora has issued an update for gupng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
63b85459281d3bf0b06f75f8c6ea04141b245bc79102e68b6577f728034c89f4Secunia Security Advisory - A vulnerability has been reported in GUPnP, which can be exploited by malicious people to cause a DoS (Denial of Service).
cd9a0870ec2b681b2095468d18f18a9a842d4a6ff4d329ebeeca56b8c3fb3ed5Secunia Security Advisory - Fedora has issued an update for drupal-views. This fixes some vulnerabilities and security issues, which can be exploited by malicious users to conduct script insertion attacks, and by malicious users and malicious people to bypass certain security restrictions.
807fcffd000f1be148b3d041737458220f379b6dd6b81287c240475f6ce3c119Secunia Security Advisory - A vulnerability has been reported in the FrontEnd MP3 Player (fe_mp3player) extension for TYPO3, which can be exploited by malicious people to conduct SQL injection attacks.
d3a76abbf36182009aeef37e1356bd52bdd5ea2689745c532ee6d93525c9f582Secunia Security Advisory - David Sopas has reported a vulnerability in Zoki Catalog, which can be exploited by malicious people to conduct SQL injection attacks.
85be4f835485cec5dd7cef486b838aa6ca78ddceedc533b41081bdf84200ac15Secunia Security Advisory - SirGod has discovered some vulnerabilities in DB Top Sites, which can be exploited by malicious people to disclose sensitive information or compromise a vulnerable system.
881d221a494c0c0b40c73f9f5c3aa65f4c266d8f82b04be85de1f78d6600cd67Secunia Security Advisory - Fedora has issued an update for php-ZendFramework. This fixes a vulnerability, which can potentially be exploited by malicious people to disclose sensitive information.
895f31e77faca44d3942d642cb06c99f6b23aef5cada0dffc72a75c4734277e6Secunia Security Advisory - xoron has reported a vulnerability in the iJoomla RSS Feeder component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
f1d6e174aacd874fe90589df030bc7f32d299e8821c476ad79e6287033a6246cSecunia Security Advisory - A vulnerability has been reported in the Modern Guestbook / Commenting System (ve_guestbook) extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks.
fba4d1f8b3b362b02e65d4d4e94f75339aa173ec838725ec5196ee3419659eeb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed