Zero Day Initiative Advisory 11-096 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how WebKit processes a range object as defined with the DOM level 2 specification. When processing the contents of a range, WebKit will fail to accommodate for manipulation of the DOM due to an event listener. This can lead to code execution under the context of the application.
6d81278d8dc822d4b5f4f3a1ca6167daec5557f25ee4b6b490e3e532a66a3193Zero Day Initiative Advisory 11-095 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the methodology the application takes to inform a user about an error while parsing a malformed document. When displaying the error message, the application will append the message to the current instance of the DOM tree causing another element to be removed which will lead to the styles being recalculated. When the styles are recalculated the application will access the initially freed element which can lead to code execution under the context of the application.
f4d675fefa8b388da3a6c801355db064314176f29dca4294b1ad766cc944f160PHPIDS versions 0.6.5 and below suffer from a path disclosure and information leakage vulnerabilities.
105181eaabd510c35b398092f75ce7c5c4adad9528c00927a0a643042d53a233PrestaShop 1.3.6 suffers from a path disclosure vulnerability.
935f2d2c55d6326cfa3aa15e16cda9247c5f6997b508fd305be6aea5e5200644Tribiq CMS version 5.2.7b suffers from a path disclosure vulnerability.
fcf506963d2ec60597ba54b627c56f07b978435391722a0e258c894476262b2fd0rk3r is a python script that uses search engines to find sites vulnerable to SQL injection and local file inclusion issues.
f57d035264ef571beaf4499a7f608b1da3c340b088e95de3032fb8be26a279e9Secunia Security Advisory - A weakness has been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose certain system information.
0a11a81f368d83fa325f8df87a1080a0df9aebb8f292ecbfe3444d423aa3756cSecunia Security Advisory - A vulnerability has been reported in IBM FileNet Content Manager, which can be exploited by malicious people to bypass certain security restrictions.
bbac1a05e114b815b9d34506d6f1caa71a742cb12bac0f93fdbbd749cec9a99dSecunia Security Advisory - Some vulnerabilities have been discovered in naughter.com AutoPlay, which can be exploited by malicious people to compromise a user's system.
b222357b1a3eaab67da0503e56c5f16ae4fb17918fc78cfec3e7c78f4e649892Secunia Security Advisory - Fedora has issued an update for nbd. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.
f8f668339aed690db1458db2445c5242f492b8f304e58db22d1691895e722f62Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service).
e4a8067ad23964dd2e1dc646c3d41f451f2e8c91dad804888e431a14cb9b600eSecunia Security Advisory - High-Tech Bridge SA has discovered some vulnerabilities in Photopad, which can be exploited by malicious people to conduct cross-site scripting attacks.
116796d8343c9bfd471108cdd5d565dfebbcb5ebb76b6103d26eed0aa74cff37Secunia Security Advisory - Red Hat has issued an update for subversion. This fixes a security issue and two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
3d6af10bc559fbdd24f985c527ec57a4360637d70c45a5ed037679ebccae2e21Secunia Security Advisory - A vulnerability has been reported in I.C.E. CMS, which can be exploited by malicious people to conduct SQL injection attacks.
c34ec94c3d8c45f24c4da8e3c871b83f0faf42bea7de718898bdc54ca64ed02cSecunia Security Advisory - A vulnerability has been reported in VirtueMart, which can be exploited by malicious people to conduct SQL injection attacks.
c5e7db4b14a9b4f12f5f52fe3cf5f019181ffed6e4d38c70f2ef884e40f7cb72Secunia Security Advisory - A vulnerability has been reported in Avahi, which can be exploited by malicious people to cause a DoS (Denial of Service).
1bfaf5a481603e302497ad464a66cb9f65d4a0bfb4aefee43ad04665eb2c4645Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya Call Management System, which can be exploited by malicious, local users to gain escalated privileges.
c1a492e800cc05d5ea9245df6dc0eb288bc31caf6e42b6b829a39b826342ae7bSecunia Security Advisory - MustLive has reported a vulnerability in Firebook, which can be exploited by malicious people to conduct cross-site scripting attacks.
bc26f5552960a29d838117811db1013dc26548aac231927fe7b5cb7af5eb8d64Secunia Security Advisory - Some vulnerabilities have been reported in Asterisk, which can be exploited by malicious people to compromise a vulnerable system.
c8b93dcbe278036db4537232073e911a1adbfdfd46b19eaef78124d99cc8a13aSecunia Security Advisory - A security issue has been reported in Ruby, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
889c5850c6726527e78a5e47003f5deb85c74a8ac3b99a8e79487ec20701fd6dSecunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya Call Management System, which can be exploited by malicious people to cause a DoS (Denial of Service).
b668634a9f97538f532a214d7e1f3f15c47959b4cbd6209b0bcee3d6c497fb41Secunia Security Advisory - Multiple vulnerabilities have been reported in Newscoop, which can be exploited by malicious people to conduct cross-site scripting attacks.
c2160e9b26c5f378583ce001a8e9e45221e53d0f70f630a29ee998e945f6a6c5Secunia Security Advisory - Some vulnerabilities have been reported in the phpMyAdmin module for Moodle, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to disclose system information and conduct cross-site scripting and spoofing attacks.
06a76e2d189e2af37f1760d6a3657f665664acdd672b17cb3f51975de1e41d2dSecunia Security Advisory - A vulnerability has been reported in PivotX, which can be exploited by malicious people to bypass certain security restrictions.
7f492c9cff9ec97d91ff3490996847b334b358a953b3426ce6a183bfff0c807bSecunia Security Advisory - Some vulnerabilities have been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks.
3ac6ac6372091b581e3d8f65120ffc5d80385da527b203bc16e4caf3593f4026
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed