Secunia Security Advisory - Multiple vulnerabilities have been discovered in the CiviCRM module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system.
373fae826c2f7d0f42147ae1061b915e93ae9e8cafd32c1cb2306cf855717424Secunia Security Advisory - A vulnerability has been reported in HP StorageWorks X9000 Network Storage Systems, which can be exploited by malicious people to bypass certain security features.
f52e44a242347bcbebfb54b672c4749eb04e5e537fbbf5610b79bedfda6b248aSecunia Security Advisory - Fedora has issued an update for PostgreSQL. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.
8189f8d8c98bf5f32ede42c3a68d1afe9a6f32921a88ade27a18f3ec7293986cSecunia Security Advisory - Some vulnerabilities have been reported in IBM Lotus Domino, which can be exploited by malicious people to compromise a vulnerable system.
f344d05e935dab4a11542b87865ac1527c4007313488ab170422fa539f65cf99Secunia Security Advisory - A vulnerability has been reported in EMC Replication Manager, which can be exploited by malicious people to compromise a vulnerable system.
1b133ab42f98cfa755e5de71c4c4a387b6751757d68cb8c1fbe9c5fb3d493ac6Technical Cyber Security Alert 2011-39A - There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities.
543ab33bd2b51d5b835328d570283ef82fd09f685bd1fbc0d3a7861a5117c995MIT krb5 Security Advisory 2011-002 - The MIT krb5 Key Distribution Center (KDC) daemon is vulnerable to denial of service attacks from unauthenticated remote attackers. CVE-2011-0281 and CVE-2011-0282 occur only in KDCs using LDAP back ends, but CVE-2011-0283 occurs in all krb5-1.9 KDCs.
537effdd39dea6c8a3f21ad5bed3351a69acff15857c7c8386bb0ee6b9b645a5Zero Day Initiative Advisory 11-081 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within construction of a specific ActionScript3 object. Due to improper type checking in the implementation of the constructor, an alternative type can be provided as an argument to the constructor and stored as a property. When this object is applied to a bitmap copy, the application will corrupt memory. This can lead to code execution under the context of the application.
21b49ddb945270a53d1f6fbd5ead749c4f9bc0c69284816847adb4969b6abb6cZero Day Initiative Advisory 11-080 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for parsing substructures referenced by the CSWV RIFF chunk. An offset is improperly calculated from several elements of a substructure. By crafting a director file in a particular way, an attacker can cause the process to seek out of the bounds of a heap allocation. Due to the way the process continues to manipulate memory, an attacker can force reliable corruption that can be leveraged to execute arbitrary code under the context of the user running the browser.
c5bb3f0d878a7869b3177ea3cc0679c9e77f64abd1891be819ca3fbaf9653dc1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed