Mandriva Linux Security Advisory 2010-241 - gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. The affected /usr/bin/gnc-test-env file has been removed to mitigate the vulnerability as gnc-test-env is only used for tests and while building gnucash. Additionally for Mandriva 2010.1 gnucash-2.2.9 was not compatible with guile. This update adapts gnucash to the new API of guile.
f6ba7fc2153de0d6d4e2127713a15491bdc57288a34cad682323920481676a39SimpLISTic version 2.0 suffers from a cross site scripting vulnerability.
b75c47d7ed7ecaf745c2136242fc7f9f452149d3b5032df21a25c9d631a46b7cMCG GuestBook version 1.0 suffers from a cross site scripting vulnerability.
0cad48f127b63720a930cc2ad7b6573c77a07fcded1351122829e689a77afb99D-Link gear suffers from a direct access authentication bypass vulnerability in bsc_wlan.php.
a5d0394b8ba43ce9a96f86532500f603c86ff00f80de365eb1af799e294fe210Mandriva Linux Security Advisory 2010-240 - Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory.
7f1d252e40f57defd531fbf90b1795ea402aacc78f6552c5d8e49a06c5af7fcdThis Metasploit module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 (Build 6.1.8.10). By sending a specially crafted packet, an attacker may be able to execute arbitrary code.
b59d9a1f23c5626c6efa73bf36caa496b08cb3ed11b9c2ff88e058916f50b1c6GetSimple CMS versions 2.01 and 2.02 suffers from an administrative credential disclosure vulnerability.
4f2cab67a00184623c4601b895f14d993c995f4f22d02cbed31a60189e9fcd95Microsoft Windows Vista / 7 privilege escalation exploit that has UAC bypass.
6b0561ab1ad6f3f39166ed1c0861b2a9752dfbc1943baa3de7be1bcb25c25bc1OTSTurnTables version 1.00.028 local buffer overflow exploit.
18e63c1c4b5ec3b934dc1f23cf0735fb903162fee6842c3e71adc85ee39b946bSecunia Security Advisory - HP has issued an update for Tomcat Servlet Engine in HP-UX. This fixes some vulnerabilities, which can be exploited by malicious users to disclose sensitive information or manipulate certain data and by malicious people to disclose certain system information and cause a DoS (Denial of Service).
cdd4e30a514958dde3aa4705e8dfadf968427b42d7338275c6164e6673e40933Secunia Security Advisory - Vegard Nossum has reported a vulnerability in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
1a203ecfa322ed9ce47d6c457a7907dc231fa3e3fbc8e9db4b50ad2db6212cc0Secunia Security Advisory - Aleksandar Nikolic has discovered a vulnerability in webApp.secure, which can be exploited by malicious people to cause a DoS (Denial of Service).
3b621b9c0fcbfdbb1f95b5b28a537e92ef4575e196f153b6833103d212831e03Secunia Security Advisory - Fedora has issued an update for dhcp. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
a6c34c11aba028c2c08c570e830d590296a2b3e744cc84f89366dc0b54732411Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose sensitive information, bypass certain security restrictions, or to compromise a user's system.
294f8bf7de6acabcacf37a34522cfa734a82647318add8c29f38dfe2f29e03ddSecunia Security Advisory - A vulnerability has been reported in various Horde products, which can be exploited by malicious people to conduct script insertion attacks.
2b8eb5a0a52f736f34520505edca4363fefa930690f197fa00914374a835b26fSecunia Security Advisory - Apple has acknowledged multiple vulnerabilities in Apple TV, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable device.
a6d43e79616d6f8ccd1dd5ec089da6345e4eb30956dc664ebbe549167d557b0dSecunia Security Advisory - Fedora has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
2eb9ae169fa35ca963f48fbdfffa0e65a03abc08f320b0298d4177607cbbe505Secunia Security Advisory - Gjoko Krstic has discovered a vulnerability in Native Instruments Massive, which can be exploited by malicious people to potentially compromise a user's system.
c249bb7bc9852c778f555fb6094eb93e7316f0e10e4952e808ee2bc4ff69c053Secunia Security Advisory - Debian has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
f92bb988d13935d1e08f7c6715d92cb5304bb9cef6ac57fc917467ab44867ff8Secunia Security Advisory - Some vulnerabilities have been reported in Apache Tomcat, which can be exploited by malicious people to conduct cross-site scripting attacks.
ac4766ab5f7cebc4c43e3b4779390838c0b0320757ad289454cc5c57a81a8682Secunia Security Advisory - Red Hat has issued an update for postgresql. This fixes a security issue, which can be exploited by malicious users to perform certain actions with escalated privileges.
496ce495d0eb2b39cda4ceb08763a1a75478ea83af364c7f8a3a9b7eee3b3755Secunia Security Advisory - A vulnerability has been reported in DaDaBIK, which can be exploited by malicious users to perform script insertion attacks.
cbd2a81c3844e7238868a4d5b67bb30c3f08e884cdf2f7cda0a40ec68a8527ccSecunia Security Advisory - A vulnerability has been reported in Trend Micro Office Scan, which can be exploited by malicious, local users to gain escalated privileges.
ff0953306b4cb9589cccf45a027cc0cebc19f39c5bb416f06605aa4f596651beSecunia Security Advisory - Some vulnerabilities have been reported in Xen, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
6d33716fd6d73ad5d5181c4f8c7c93ff47c9da56a21347c56514ae64b2f1c294Secunia Security Advisory - A vulnerability has been reported in RSA Adaptive Authentication, which can be exploited by malicious people to conduct cross-site scripting attacks.
5713fbbc376635d95c81dadc0b90055003a843f80cbeb825d28afa428da1bc45
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed