Debian Linux Security Advisory 2273-1 - Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client.
2ef146aca09d233410ab44c6e1c9973fa960736b2e7f412227bd5dcfb267e6ff
Cisco Security Advisory - A denial of service (DoS) vulnerability exists in the Cisco Content Services Gateway - Second Generation, which runs on the Cisco Service and Application Module for IP (SAMI). An unauthenticated, remote attacker could exploit this vulnerability by sending a series of crafted ICMP packets to an affected device. Exploitation could cause the device to reload. There are no workarounds available to mitigate exploitation of this vulnerability other than blocking ICMP traffic destined to the affected device.
47affad59b00044d9ad060263d5a9a48eed230f89c78af4c892b70ed3be57832
LuxCal Web Calendar versions 2.4.2 and 2.5.0 suffer from a remote SQL injection vulnerability.
c531b5544e399b0b05f621a353b38e58960f2676c6b38c34ef113df210155c31
aTube Catcher version 2.3.570 suffers from an insecure method vulnerability.
44a65c7fda84418a50d45584ee5618db08b4401eb2fe2ad6667112c3fff99959
Ubuntu Security Notice 1165-1 - Nelson Elhage discovered that QEMU did not properly validate certain virtqueue requests from the guest. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. Stefan Hajnoczi discovered that QEMU did not properly perform integer comparisons when performing virtqueue input validation. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. Various other issues were also addressed.
e3ccd0d1153d4140f17f1e1ce0c2c4ba9f29570da645f067a3ba6f3b39a4acaa
Effective File Search version 6.7 suffers from a DLL hijacking vulnerability.
a87c5df1bec63ec7c29aed5cdd7c0b95e79f47d058ceb03d7144adabcf14174b
Activart suffers from a remote SQL injection vulnerability.
3cecc1164ebd86619d73b193d9b613e76c91a42007f6c84a798207d7339230cf
Alphabit Online suffers from a remote SQL injection vulnerability.
2735b6518e0af39be6d92e6e972a95e286d73d0db78d4058a9e677c6b44ea056
iDrive Online Backup version 3.4.0 suffers from an insecure method vulnerability.
0f2708d94c32bd9303abeeb64b2876314479075db4dd0484443c170f5e29afad
HP Security Bulletin HPSBUX02688 SSRT100513 - A potential security vulnerability has been identified in HP-UX dynamic loader. The vulnerability could be exploited locally to create a privilege escalation, or a Denial of Service (DoS). Revision 1 of this advisory.
eeef1db78f13a5fa4ec2c24f3421914be2c402cb016c9299a35af1a06f3c560a
MIT krb5 Security Advisory 2011-005 - A remote client of the GSS-API FTP daemon in the krb5-appl distribution can access files using the effective group ID that the FTP daemon process had when it started.
1fe339215ceaa9f7616aea04e0760e9c50130ea0ca8add4046b96df17325d31e
The software referred to as BCAAA (Blue Coat Authentication and Authorization Agent) is installed on a domain server (not necessarily a domain controller; a member server is enough) and acts as an intermediary between a Blue Coat ProxySG and the domain. The BCAAA Windows Service is vulnerable to a stack-based buffer overflow, which can lead to remote code execution with SYSTEM privileges. Affected are all versions of BCAAA associated with ProxySG releases 4.2.3, 4.3, 5.2, 5.3, 5.4, 5.5, and 6.1 available prior to April 21, 2011 or with a build number less than 60258. All versions of BCAAA associated with ProxyOne are also vulnerable.
54bac8253d4a2373e84fd3215e027da96d0d0887a6fbb0fdaedba7dac543322f
Business.in.com, Cricketnext.in.com, Hooked-in.com, and Connect.in.com all suffer from cross-site scripting vulnerabilities.
a8cace2dd43b47c72530f423365cd7f077325f6b6ec46d04533864ff1108d503
Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer), available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc.) by having Stunnel provide the encryption, requiring no changes to the daemon's code.
972e4c150e3012ba8777f149c858e1e290aeb7ad7976e1551ac1752bc04fb0ed
ESTsoft ALPlayer version 2.0 suffers from a buffer overflow vulnerability. It is caused by a boundary error in the processing of a playlist file, which can be exploited to cause a stack-based buffer overflow when a user opens, for example, a specially crafted .asx file. Successful exploitation may allow execution of arbitrary code.
5a582f57cd6e6df287f9f89eb693be5d651a9317c7ec5a7a9f97332fdc138cd4
foobar2000 versions 1.1.7 and below suffer from an integer overflow vulnerability.
e1be7ed3ad055d54958fd516bb25e5f37b083fd880252d91e6465dc4109cc84c
HP OpenView Communication Broker (ovbbccb.exe versions 11.0.43.0 and below) suffers from an arbitrary file deletion vulnerability.
986bc67bf92ec6f9f779b02911e1349819b414d7082a4622ce743f01160246c4