Secunia Security Advisory - Some vulnerabilities have been reported in Cisco Wireless LAN Controllers, which can be exploited by malicious users to cause a DoS (Denial of Service) or perform certain actions with escalated privileges and by malicious people to cause a DoS (Denial of Service) or bypass certain security restrictions.
dec6995325204b6286e473619217c77aa2890f49b48bde4b3edbec98cf8954e8Secunia Security Advisory - Multiple vulnerabilities have been discovered in FestOS, which can be exploited by malicious people to disclose potentially sensitive information or conduct cross-site scripting and SQL injection attacks.
830a3010b17f525cf909ec126545376dcbb87849b5b43e696003e9f36d4adb35Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to conduct DNS cache poisoning attacks, disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges.
f6fefd97b1bbbbdf558a4de4b878b5d2c38032d9da3c6fc8518214a7177d35d3Secunia Security Advisory - Ubuntu has issued an update for mountall. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
dd21ac2feebd85cb5c6b0bc276e9053bed140cb71da5f05bb65f87b3529deb40Secunia Security Advisory - Tim Brown has reported a vulnerability in Apache Traffic Server, which can be exploited by malicious people to poison the DNS cache.
6cbb148411e3be1dae222b5318fe28c47374ec7e3ad0b08916c2f36b24dcb947Secunia Security Advisory - A vulnerability has been reported in Qualcomm eXtensible Diagnostic Monitor (QXDM), which can be exploited by malicious people to compromise a user's system.
ede77e502f62dd9f75fdd3ea1ee273f48f218dd5f1e6b803e9a071b7e037f6f4Secunia Security Advisory - A vulnerability has been discovered in SmarterStats, which can be exploited by malicious people to conduct cross-site scripting attacks.
127530356bc8934c50a31cf9f9b21bed5a306051b3bc532187405cd1e2b40642Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system.
c9825e529f4975e2f4d88aa15979135a881d5c2713fa3661225cd97fd7c4618dSecunia Security Advisory - A vulnerability has been reported in ColdGen ColdBookmarks, which can be exploited by malicious users to conduct SQL injection attacks.
814ad5a8a19d0a27bdc6f14d6126e36302d25d8fd0cae7a84a5847ed692a3de1Secunia Security Advisory - Some vulnerabilities have been discovered in Beehive Forum, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.
822d6c9a36bee0cd838d02a05079d015bd6da900ec05b95a05b19955dceba477Secunia Security Advisory - Multiple vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, or to compromise a user's system.
10b42d41a692e83b3f93f7dd136efa5700ca14aa3654abc3c95a49c3365d0316Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user's system.
98c58b5e5f5edad392f12277e9dcfbcd5b0633ae7fa0356f545ac6c1a2c39852Office of Inspector General report OIG-10-1111 - DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems.
f3e75b33a925268b83c2b65afa9fa59ba0014a74c9741587b2893bc1c862d1a1Ubuntu Security Notice 978-1 - Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.
36273ad9e76ae6b4735d7d4be276aefa43da892c6a64bf66805e2f2a014c897bUbuntu Security Notice 975-1 - Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Matt Haggard discovered that Firefox did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Firefox processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Firefox when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.
6c34c75bcd76834d4a6c8efe936ec2cc6cf6d38460c2723c1ac2015bb161b45fUbuntu Security Notice 985-1 - Alasdair MacGregor discovered that mountall created a udev rule file with world-writable permissions. A local attacker could exploit this under certain conditions to cause udev to execute arbitrary commands as the root user.
4a642d2164bc00143a22811374dfb8639ad1feba3c70dd6b5fddfb454d62d830RSA Access Manager Agent version 4.7.1 with RSA Adaptive Authentication Integration contains a potential vulnerability that could be exploited by malicious people to bypass authentication restrictions.
f37ca923bf54bfdf37a88831d0f75bcf6a5e55a593c52f203860663002a51c18A vulnerability exists in EMC Celerra which can be exploited to gain unauthorized access to root NFS export on EMC Celerra NAS. NAS Code versions 5.6.50 and below are affected.
3d240af0a8c4e5c33aa8da21b8107990c5dfa8e6ea4a6e3ee56672b3ac57a2c2RSA Access Manager Server contains a potential vulnerability that could be exploited to bypass certain security restrictions, potentially enabling unauthorized access to protected resources.
98f487b3c2005faddb5b253b4eb92d13be6de45cdc5a506602e42d94491a38e4Debian Linux Security Advisory 2106-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.
d8cb8c73353562f7410766d649b87d18007e13465c82259b176eb25a57955ac6FreeBSD versions 7.0 through 7.2 suffer from a pseudofs NULL pointer dereference vulnerability. Due to a spurious call to pfs_unlock() in pfs_getattr() (as defined in sys/fs/pseudofs/pseudofs_vnops.c), a null pointer is dereferenced after calling extattr_get_attribute() on pseudofs vnode. By allocating a page at address 0x0, an attacker can overwrite an arbitrarily chosen portion of kernel memory, leading to a crash or local root escalation.
a855fffa300b7f55f74d0715f967bca60e0020b4c7e86448ff0dcbf6e9626f3cCisco Security Advisory - The Cisco Wireless LAN Controller (WLC) product family is affected by two denial of service, three privilege escalation and two access control list vulnerabilities.
77d919c56de3e9a000ae96bdbf3d94ed782f05239c4250c28f232066e43a8f6cHP Security Bulletin - A potential security vulnerability has been identified with HP ProLiant G6 Lights-Out 100 Remote Management. This vulnerability could be exploited remotely to create a Denial of Service (DoS) in the Lights-Out 100.
918ed8b1514a472e4b9ace50445b989ebc6863b39d348853651de7ad20d3914bDebian Linux Security Advisory 2105-1 - Several vulnerabilities have been discovered in the FreeType font library.
15966e81ca174dc0e0b6bd21ea79e80353ff0188c445ba38564cccb8ae19db5bETax 2010 fails to properly verify SSL certificates.
24af9a0e45a8a0b5f6edd359231de72999504a410b210088310afacbf5772dd9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed