Secunia Security Advisory - Multiple vulnerabilities have been reported in Hitachi Groupmax, which can be exploited by malicious people to manipulate certain data or cause a DoS (Denial of Service).
e50ee42314731105cd487cc96352a93bcd8c7424df8446f752db96ca2b340187Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and bypass certain security restrictions, by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system, and by malicious people to bypass certain security restrictions, manipulate certain data, disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
c2a983151e4616dd426024311fd36e148c2ad1dbe5e8427114eeddbc9d5c9169Secunia Security Advisory - A vulnerability has been discovered in Qt, which can be exploited by malicious people to compromise a user's system.
c15becd7ca77e0a82695529c0f24d1f407f7830086dee4f957f9305d8b517cf2Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
618e5414178d60f5b3f18d23918259949b933785d4f2e549521ba178f5615913Secunia Security Advisory - A vulnerability has been discovered in Digital Workroom, which can be exploited by malicious people to conduct cross-site scripting attacks.
09e1512c5cef649a590250c1c213ea6f8d3423ec19eb636cd40cf8b53ffcc4feTechnical Cyber Security Alert 2010-263A - According to Adobe Security Bulletin APSB10-22 there are vulnerabilities in Adobe Flash. These vulnerabilities affect Flash Player, Reader, and possibly other products that support Flash. A remote attacker could exploit these vulnerabilities to execute arbitrary code.
b34faf923bf9ea6db2f455ecf92f2dbd3b5c40882ce8a4c9b3868686a46e0ea2Mandriva Linux Security Advisory 2010-185 - An integer overflow has been found and corrected in bzip2 which could be exploited by using a specially crafted bz2 file and cause a denial of service attack. Additionally clamav has been upgraded to 0.96.2 and has been patched for this issue. perl-Compress-Bzip2 in MES5 has been linked against the system bzip2 library to resolve this issue.
9ad342dd4d695ddad458b7a2cc4f336d10b370149f577db868f677cc76eed3e5Ubuntu Security Notice 989-1 - Auke van Slooten discovered that PHP incorrectly handled certain xmlrpc requests. It was discovered that the pseudorandom number generator in PHP did not provide the expected entropy. It was discovered that PHP did not properly handle directory pathnames that lacked a trailing slash character. Grzegorz Stachowiak discovered that the PHP session extension did not properly handle semicolon characters. Stefan Esser discovered that PHP incorrectly decoded remote HTTP chunked encoding streams. Various other issues were also addressed.
39223359acd2eea854bfefcc60f483e06e1a0cd1e0a9f2252a3448603f64be5cUbuntu Security Notice 986-3 - USN-986-1 fixed vulnerabilities in bzip2. dpkg statically links against libbz2 and needed to be rebuilt to use the updated libbz2. An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.
c868b777cefbeba465a6705ca695c799632111d84efe15571f31b09656bf8e76The Blizzard Entertainment Battle.net mobile authenticator application that is used as part of an optional two factor authentication scheme to safeguard accounts is vulnerable to a passive eavesdropper during the initialization process which occurs once per the lifetime of a given device.
ff52a124839a7f603a896555e76fb5b7fa360afc8d52e23722e9d6822df419cfPart of the Alcatel Omnivista 4760 administration software of the Alcatel 4400 PBX is an HTTP proxy. It is used to tunnel ssh-connections to the ssh-ports of the PBX within the internal network. This proxy is vulnerable to a remote buffer overflow.
5cd45b1c09ebec546267dae931c9ff29744617b38e2df6f7e0ab905d89d90e04The Alcatel CTI Solution is completely broken by design and performs authentication validation client-side.
7e2e7e0578b17ca41d5ca1c3b86de59225fa2219cbd660340684ccbe44384690IB Promotion Advanced Business Web Suite suffers from a cross site scripting vulnerability.
c927a9219535e082bca5e4c5a41033fb4fc4ee71b14b0c90c7efba52b0f43935FreeBSD Security Advisory - The bzip2/bunzip2 utilities and the libbz2 library compress and decompress files using an algorithm based on the Burrows-Wheeler transform. They are generally slower than Lempel-Ziv compressors such as gzip, but usually provide a greater compression ratio. When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow.
59a1711bf6d2510506a512b7a40dbb7b7d40b51b3a4d4e1f1d1ab65852dec64eDebian Linux Security Advisory 2113-1 - Several vulnerabilities have been discovered in drupal6 a fully-featured content management framework.
5db748de714e469dadc2869ecc44a0406ff01a60ef572385059e9b43f4710623TrendMicro versions prior to 2010-09-07 have vulnerable third party DLLs.
714c4a4a9b34ce3bd5f0c43e363fb65b8f51c199756fe9c5e1dd50ec1d1d49e7BifrosT DLL hijacking exploit.
607cc6bc82b870a5ed60b2b91f2f96ec7ae3a8e64fa720c5accb0a0e82d9c837Ubuntu Security Notice 986-2 - USN-986-1 fixed a vulnerability in bzip2. This update provides the corresponding update for ClamAV. An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.
469cb32cd15547aa3ce4d3d5ff9cc514314d8e826a8cd0be6e1890e4826d2835Ubuntu Security Notice 986-1 - An integer overflow was discovered in bzip2. If a user or automated system were tricked into decompressing a crafted bz2 file, an attacker could cause bzip2 or any application linked against libbz2 to crash or possibly execute code as the user running the program.
76303896b97cb2b9efd591512a1804d52d2c3df08a31055a4824cab1f39e5033Debian Linux Security Advisory 2112-1 - Mikolaj Izdebski has discovered an integer overflow flaw in the BZ2_decompress function in bzip2/libbz2. An attacker could use a crafted bz2 file to cause a denial of service (application crash) or potentially to execute arbitrary code.
a2d893684f3238f877e8037d50bc8f645067431b0a451bb7eaf502f28d6e7acbLocal proof of concept exploit that demonstrates a vulnerability with mountall where a udev rule is created with world-writable permissions.
95f63d2111ca90c6da50b7e49d184cf2899ee68f2456828ad69df093da8a181dThe Joomla Spain component suffers from a remote SQL injection vulnerability.
79f0a2567545814aed4309cb69d1f2eeb9f174e1b64b6bbf00d2f4180af673abe107 version 0.7.23 suffers from multiple remote SQL injection vulnerabilities.
2153a7a292547e7be2a5e14f91d61548b9533cfc29cbe79a79406a848d0ce368SWiSHmax DLL hijacking exploit that leverages swishmaxres.dll.
8ddad476588571c382b5b9cd81370195bbf2cf9cfd945faa48d869eceb8e82f3Basic Web Server version 1.0 suffers from a directory traversal vulnerability.
264ceb0ab7930d455a52d8d4c378129c0cd0a7bbb3537eba8178169c8d3e4bfb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed