Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by malicious, local users to gain unauthorised access to certain functionality.
a8a6d0bcdd8799e8fe38576f6c2ef29a3af5a10ee0480b9a4594c92f7071e2bbUbuntu Security Notice USN-782-1 - Several flaws were discovered in the JavaScript engine of Thunderbird. Several flaws were discovered in the way Thunderbird processed malformed URI schemes. Cefn Hoile discovered Thunderbird did not adequately protect against embedded third-party stylesheets. Shuo Chen, Ziqing Mao, Yi-Min Wang, and Ming Zhang discovered that Thunderbird did not properly handle error responses when connecting to a proxy server. It was discovered that Thunderbird could be made to run scripts with elevated privileges.
e296006439bf4e6a1ca59b0e0c05e05c53359c92accaef6c57eec9cb193bf4adiDefense Security Advisory 06.25.09 - Remote exploitation of a stack-based buffer overflow vulnerability in Motorola Inc.'s Timbuktu Pro could allow attackers to execute arbitrary code with SYSTEM privileges. Timbuktu fails to properly handle user-supplied data passed through a named pipe session. When the PlughNTCommand named pipe receives an overly large character string, a buffer overflow will occur resulting in arbitrary code execution. iDefense has confirmed the existence of this vulnerability in Timbuktu Pro version 8.6.5. Previous versions may also be affected.
ab79faf675800d7b7b3746fd9f41707ec4fd077918d41f3c4a45aebd457ac0a3iDefense Security Advisory 06.25.09 - Remote exploitation of a stack based buffer overflow vulnerability in Unisys's Business Information Server could allow an attacker to execute arbitrary code with the privileges of the affected service. If attackers send a packet to the Unisys Business Information Server over a TCP port, the attacker can corrupt stack memory and gain arbitrary code execution. iDefense has confirmed the existence of this vulnerability in Business Information Server version 10. Previous versions may also be affected.
0f6b851e37ef707c28dc12e307cce811d639b591995017d0726189ad5d30b210MD-Pro version 1.083.x suffers from a remote blind SQL injection vulnerability in the Survey module.
83488953209c150c771732c24c70a68a035e491e58f64d3820006cf9cfe1456eDebian Security Advisory 1823-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server.
b1dd505f4ed9dfea23e529ccd125a387967f454cd3fb8e82cf20c7cf12975af8Ubuntu Security Notice USN-792-1 - It was discovered that OpenSSL did not limit the number of DTLS records it would buffer when they arrived with a future epoch. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. It was discovered that OpenSSL did not properly free memory when processing DTLS fragments. A remote attacker could cause a denial of service via memory resource consumption by sending a large number of crafted requests. It was discovered that OpenSSL did not properly handle certain server certificates when processing DTLS packets. A remote DTLS server could cause a denial of service by sending a message containing a specially crafted server certificate. It was discovered that OpenSSL did not properly handle a DTLS ChangeCipherSpec packet when it occurred before ClientHello. A remote attacker could cause a denial of service by sending a specially crafted request. It was discovered that OpenSSL did not properly handle out of sequence DTLS handshake messages. A remote attacker could cause a denial of service by sending a specially crafted request.
717ab4b4246a89d48753c7a3ecde9c208b28fa3e393959d2b5b602da3f8f1d62Blind SQL injection exploit for AlumniServer version 1.0.1.
6275fc217c48cd114c5c36658e0a79ce58ae5b991c8ac55bd89aa1d9c692f629AlumniServer version 1.0.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
25c2680e264add522911bba0576dd68490feca754da8f414c517cb60881ef1f4Mandriva Linux Security Advisory 2009-140 - Multiple security vulnerabilities have been identified and fixed in gaim. These include integer and buffer overflows.
bde1a0669082b16d847d1bff535b714ea5b0668ec0d900ac0047e00a3076c148MyFusion version 6b suffers from a local file inclusion vulnerability.
048aee87a20ff49cc1c24d2cc4ec8258a6b24c71cec68bceb6511691d3f94769Zero Day Initiative Advisory 09-044 - This vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. When a malicious value is used during a memory dereference a possible 4-byte memory overwrite may occur. Exploitation can lead to remote system compromise under the credentials of the currently logged in user.
f837117c97d1a24404c5b9e1e9e7d39a21d1b93e249e693b17106674fade55e9Remote SQL injection exploit for the Joomla Pinboard component.
4d856a535f5d0ece457770da950a62470f07ea6a95dbab6bbf547ada8fd0c935Secunia Security Advisory - Ubuntu has issued an update for cyrus-sasl2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
a195a39df8d9df05d1f504207987ee01aa3f4af0c5a5385831a09760bf6db908Secunia Security Advisory - A vulnerability has been reported in Cisco Physical Access Gateway, which can be exploited by malicious people to cause a DoS (Denial of Service).
c00fdeb9b9fec380ccc8b65bc901f2f7fb223419e3d265412fc9ed8cb88908adSecunia Security Advisory - Ubuntu has issued an update for moodle. This fixes a security issue, which can be exploited by malicious users to disclose sensitive information.
f7edb6ee7ec4645a51ccfa1191d80dc20ad5d709406224516f758a9f44775372Secunia Security Advisory - Ubuntu has issued an update for moodle. This fixes a security issue and some vulnerabilities, which can potentially be exploited by malicious, local users to perform certain actions with escalated privileges, by malicious users to disclose potentially sensitive information, conduct cross-site scripting and script insertion attacks, or compromise a vulnerable system, and by malicious people to conduct cross-site scripting attacks, disclose sensitive information, bypass certain security restrictions, and compromise a vulnerable system.
8c44060639c8a5c7c8b715493036e5363cf96996f93c7663c01414e5db43ecd8Secunia Security Advisory - Ubuntu has issued an update for smarty. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
3dea68cec0df02f54ba4584ac714e3ae6eb3fe3346c779b492aa3430567f083aSecunia Security Advisory - Fedora has issued an update for rt3. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.
2ce6dcdfddc53215f1eacbb460c036cc6f1d566b59ea6c9cd8edd0e536e29595Secunia Security Advisory - Two vulnerabilities have been reported in Openswan, which can be exploited by malicious people to cause a DoS (Denial of Service).
de379d47c267ac7e9bbc7dad11837200f85c4a3738e00a7eaa862a02eaaf9f95Secunia Security Advisory - Fedora has issued an update for git. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
d23f41c6adac5ab4b188003a98d64dda822853cea99c7609f5f722471cfed796Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
634bf1a79532c6a358600f2dda44f8878a8cbbe8511cfbd44c469f6720b5561bSecunia Security Advisory - Fedora has issued an update for apr-util. This fixes some vulnerabilities, which can be exploited by malicious users and malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
2235d5c7b07d608c645869c1f8a2aecc03a0b2506a25640608b9825cc9711420Secunia Security Advisory - A vulnerability has been reported in Tree BBS, which can be exploited by malicious people to conduct cross-site scripting attacks.
c566db3c34b28bc58a4df0c369c66ec87bc7d9bcecd94d07273ce528d0de0340Secunia Security Advisory - Two vulnerabilities have been reported in Php-I-Board, which can be exploited by malicious people to conduct cross-site scripting attacks or disclose sensitive information.
5386a7e44314259c3fea389a23165025693b11dac2ec8981cc8623430d532ecd
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed