PEEL E-Commerce suffers from a remote SQL injection vulnerability.
1288f4009067b50767bf899e0b1240d4a53027df3c002b1d22505e46c06a720aPHP version 5.2.10 has an invalid fix for the safe_mode bypass with exec/system/passthru. Proof of concept included.
f45b4faa55d58fe0a522660c4854e7295102f832ffe6f1fac13af3b95ec1d1f2Mandriva Linux Security Advisory 2009-137 - Multiple security vulnerabilities has been identified and fixed in Little cms library embedded in OpenJDK. This update provides fixes for these issues. java-1.6.0-openjdk requires rhino packages and these has been further updated.
f4b765dd3a8d255bd547e542daffc7433c55b00e65db844ce078a2a85ed532c1Secunia Security Advisory - Debian has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to compromise a user's system.
1e5bcd8264525d2b56044596a4d2a05162bb7eeaafa921a8e25be6bf68df7d76Secunia Security Advisory - Yogesh Kulkarni has discovered a vulnerability in WebNMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
3253d2708c6ac15d2b56a61568ab0b9a08aa3a9c28af7420fa9b6f9dfd544455Secunia Security Advisory - Debian has issued an update for xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or to compromise a vulnerable system.
fd7bab80fa04363e7e552feab90bbd8ee38b2e61dbfbf7c1d52cb18670e64bbaSecunia Security Advisory - A vulnerability has been reported in PHP, which can potentially be exploited by malicious people to cause a DoS (Denial of Service).
4be16b54ef577022b930709e2ca373fb43164091f02bb34fa11aa9c3300ccc89Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service).
4d5d58c9e2dbb85e00ce5f69361c1ec0c03759d62c3c7dde30f8a11870eb7597Secunia Security Advisory - Debian has issued an update for gforge. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
4f1134c4b8051771417e62df66829103e5d034c02a27075a438764beebb75086Secunia Security Advisory - Two vulnerabilities have been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
a8d8c0da568510de9339bf2f81fd7a5e5cbb7b6574da068cd119c758eedbf827Secunia Security Advisory - Fedora has issued an update for pcsc-lite. This fixes a security issue, which can potentially be exploited by malicious, local users to cause a DoS (Denial of Service).
9e445c8b977d97a45ecb9d85c3585d5e47296e56059f4f0a38f80a7f567d1ed3Secunia Security Advisory - A vulnerability has been reported in PukiWikiMod, which can be exploited by malicious people to conduct cross-site scripting attacks.
0fc93d31f46aa33a4f96dda178898dd5e2d9bb33c1710fbc22ef045c525bbf4fSecunia Security Advisory - A vulnerability has been reported in xcftools, which can be exploited by malicious people to potentially compromise a user's system.
f2ba89d7ed494bbbebf3892c2371d7df8981aa669ae8bcf5234df79f8fba57aeSecunia Security Advisory - Fedora has issued an update for openssl. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
616d0d2ce71f763e512542f5c382be75fcdd4a2ee971474b1f5bedc19abbe874Secunia Security Advisory - A security issue has been reported in PCSC-Lite, which can potentially be exploited by malicious, local users to cause a DoS (Denial of Service).
f2f1a88de1d67bd4aee2e634ed1dc8a113ee8df2451673bbc4184a69b408ea0eSecunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users and potentially malicious people to cause a DoS (Denial of Service).
79d89cac07c950fcdbdb8deb401d797b8c64b243f1ffa43be372ce6f16bf6516Secunia Security Advisory - Red Hat has issued an update for cyrus-imapd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
74da7754387da4a2192d5bbf7dc3e4015d5bfc18b601f735a6b1aea4fae61651Debian Security Advisory 1820-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.
7b5d3b0a439f9bf630e0430301b87524237426c51c21e9ac498ad7d2f0f32c39Debian Security Advisory 1819-1 - Several vulnerabilities have been discovered in vlc, a multimedia player and streamer.
7827ca0570fa45743fb8336eab394c44bf38311c688135f7bd9b204c89d50949Debian Security Advisory 1818-1 - Laurent Almeras and Guillaume Smet have discovered a possible SQL injection vulnerability and cross-site scripting vulnerabilities in gforge, a collaborative development tool. Due to insufficient input sanitising, it was possible to inject arbitrary SQL statements and use several parameters to conduct cross-site scripting attacks.
ef3ab886c53dfa59ff5ebaf2e13c7fc33993ce4e386d80d7b4077eb59b1d7f05Debian Security Advisory 1817-1 - Michael Brooks discovered that ctorrent, a text-mode bittorrent client, does not verify the length of file paths in torrent files. An attacker can exploit this via a crafted torrent that contains a long file path to execute arbitrary code with the rights of the user opening the file.
04a3025ed0f99514632bf98b2b6b03c9b67be83812ffe576041b45ae447a9ea3The parsing engine in ClamAV versions below 0.96 can be bypassed by manipulating CAB (Filesize) archives in a "certain way" that the ClamAV engine cannot extract the content but the end user is able to.
5b71b0644c8e2c68a39b65b1d09e406706b0f0049ebfe813efb8f19923797186The F-prot parsing engine can be bypassed by a specially crafted and formatted RAR archive.
0c190472862f04e28464f2f343fd6dc64e9cdc0911fa339c1390d3d426c7c594The Nokia 6212 Classic suffers from denial of service and URL spoofing vulnerabilities.
f924130f46c774dfe95a5814310493331cfaa964f415837fbb22a8db6ce22bd6Safari on the Apple iPhone suffers from a vulnerability that allows an attacker to auto-dial a number.
750d96b2e5b025f4f460cec5ea7897e6f417588a419c661fea5d7b95be167b5c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed