Secunia Security Advisory - A vulnerability has been reported in C++ Sockets Library, which can be exploited by malicious people to cause a DoS (Denial of Service).
89af9bcc1854b59139c1f98a6db697a1ccfda783cef243fbd5c2227d574d6228Secunia Security Advisory - A vulnerability has been discovered in snif, which can be exploited by malicious people to disclose potentially sensitive information.
af368a6fc60b34188e85242022b3033667b201a48af793a341fd253e4e77e449Core Security Technologies Advisory - Corel Paint Shop Pro Photo X2 is prone to a heap-based buffer overflow when processing malformed FPX files, because it trusts user-controlled data located inside a FPX file and uses it as a loop counter when copying data from a FPX file into a fixed-size buffer located in the heap. This vulnerability can be exploited to overwrite adjacent heap chunks metadata, and possibly to gain arbitrary code execution.
a6f2c88aa2e79b669f40a3e754b153097c2a704191671ee32dc54d20f872330aiDefense Security Advisory 02.01.10 - Remote exploitation of an integer overflow vulnerability in Real Networks Inc.'s RealPlayer version 11 could allow an attacker to execute arbitrary code. iDefense Labs has confirmed the existence of an integer overflow issue within RealPlayer when handling compressed GIF files. The vulnerability occurs in the CGIFCodec::InitDecompress() function, which does not properly validate a field in the GIF file before using it in an arithmetic operation that calculates the size of a heap buffer. This issue leads to heap corruption, which can result in the execution of arbitrary code. iDefense confirmed RealPlayer version 11 is vulnerable to this issue.
3f0c3242b0afbee7c3c7828a48aa049b6a72341359deef2d7363e819bcf7480fiDefense Security Advisory 02.01.10 - Remote exploitation of an integer overflow vulnerability in RealNetworks Inc.'s Real Player could allow an attacker to execute arbitrary code with the privileges of the current user. This problem specifically exists in the CMediumBlockAllocator::Alloc method. When calculating the size of a memory allocation, an integer overflow occurs. This leads to heap corruption, which can result in the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Real Player versions 10.5 (build 6.0.12.883) and 11 (build 6.0.14.738) on Windows. Other versions may also be affected.
1df83847e5c312d16805b0467196f103f05a9e417ac7ca5b56ff18c5fc13833eiDefense Security Advisory 02.01.10 - Remote exploitation of an integer overflow vulnerability in RealNetworks Inc.'s RealPlayer 11 could allow an attacker to execute arbitrary code with the privileges of the affected service. The vulnerability specifically exists in the handling of the 'chunked' Transfer-Encoding method. This method breaks the file the server is sending into 'chunks'. For each chunk, the server first sends the length of the chunk in hexadecimal, followed by the chunk data. This is repeated until there are no more chunks. The server then sends a chunk length of zero (0) indicating the end of the transfer. When processing these chunks, an integer overflow occurs, which results in a heap overflow. This leads to the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in RealPlayer version 11 on Windows. A nightly build of RealPlayer 10.1.0.3830 for Linux was also confirmed to be vulnerable. Previous versions do not appear be affected.
3a83f3b4b0b0d8cec0aad45aed72e71c09910a4ab59fde61b44afcb586e10dd8The Joomla Gambling component suffers from a remote SQL injection vulnerability.
4fa3bb8992768d637aa537d79fe9d5abadbff75dd693615a89f941eb87ea8e3fThe kernel of Oracle Solaris contains a vulnerability in the code that handles UCODE_GET_VERSION IOCTL requests. The vulnerability allows a local unprivileged user the ability to panic a Solaris x86 Intel-based system (32-bit/64-bit mode) due to a NULL pointer dereference. The ability to panic a system is a type of Denial of Service (DoS). The issue can be triggered by sending a specially crafted IOCTL request to the kernel.
a524a1ba9d5742e9a071414fff6dae55d1497bb58dc841e1c7577a689c3d653cDrupal's MP3 Player module version 6.x-1.0-beta1 suffers from a cross site scripting vulnerability.
bea709af4e24c40c41d70a3135a1196e412d132182f2fa56f7e35583b5bfc365AlegroCart version 1.1 suffers from a cross site request forgery vulnerability. This example changes the administrator's password.
90f1b2c5624c9fb52ebecaac27a01702433a161bb638ebabf08324fada548d07Bugzilla versions before 3.0.11, 3.2.6, 3.4.5, and 3.5.3 allow for content browsing of various directories that may have sensitive information in them if customized. Bugzilla versions 3.3.1 to 3.4.4, 3.5.1, and 3.5.2 suffer from a bug moving vulnerability.
4080b4649189b96d44e9f146ffc4dd75e28aa00ddbc98f128ecb4ee6cc0579efjBCrypt versions prior to 0.3 suffered from a bug related to character encoding that substantially reduced the entropy of hashed passwords containing non US-ASCII characters.
dd72d7dabb106e0710c14a2f1935188fc712a50d8d1d76a5ac6d2777e8f3c708Rediff.com suffers from a cross site scripting vulnerability due to a lack of sanitizing the subject field of incoming email.
3cebcc5aa2a4f07c25bb3e97a82db04ed412f4e4aeb065ca6aed22ba6e02d0d9Squipy is a proxy server that allows you to capture and modify HTTP traffic.
a9b89ba7b14dd63268ecdafb6173cf172d87074e953088ec884dac7dae401937EmiratesHost suffers from an insecure cookie handling vulnerability.
ddeb6326f49ae789f8d3ab3d8aa8042162bc2a0022268420986500c74c7ac28dCore Security Technologies Advisory - The Cisco Secure Desktop web application does not sufficiently verify if a well-formed request was provided by the user who submitted the POST request, resulting in a cross-site scripting vulnerability. In order to be able to successfully make the attack, the Secure Desktop application on the Cisco Appliance must be turned on.
f8c48a5475b2b0502d92201a787561418f197b00968eea66badd89e44af41aabThe Joomla Yelp component suffers from a remote SQL injection vulnerability.
e375a48065840c20e57600a6ffcd8532b7b14824c7a895b7b4869c23f4ff6261The Joomla Job component suffers from a remote SQL injection vulnerability.
3a336a7c3209ba872630da0a9da0cc6a1142fa1d64656f205d6485beeee40fc3Mandriva Linux Security Advisory 2010-030 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request. The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read. An issue was discovered in 2.6.32.x kernels, which sets unsecure permission for devtmpfs file system by default. Additionally, it was added support for Atheros AR2427 Wireless Network Adapter.
8b6d1e6d71088d7123baf7cdf602337bb9e7c8f9acce4061459fbdec59f50236Marka Grup suffers from a cross site request forgery vulnerability.
5232b0b1e83d55d55d4a1c07fae91b3eb50deba34b932f8cf812b97d23e0cee7Marka Grup script suffers from a remote SQL injection vulnerability.
0ce7c4f2c36ff3e23c80814ce8c35614a3aebcb1458a852701705b9199095edeShout! CMS suffers from a remote SQL blind injection vulnerability.
b6f14d6e384b217731effc312c97d703ceae063cadb336c387b2711729b19208Evernew Free Joke Script suffers from a remote SQL injection vulnerability.
0440363c025a4a7034c9f444129e66ce10ec3b19e97b1889295c94d55944ce78VMware Security Advisory - JRE update to version 1.5.0_22, which addresses multiple security issues that existed in earlier releases of JRE.
9fdca7e08dfc8d5434a4f2c697c71bb80affbf3145121242ba0ffd398e591d00
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed