Red Hat Security Advisory 2011-1196-01 - Updated system-config-printer packages that fix one security issue are now available for Red Hat Enterprise Linux 4 and 5. system-config-printer is a print queue configuration tool with a graphical user interface. It was found that system-config-printer did not properly sanitize NetBIOS and workgroup names when searching for network printers. A remote attacker could use this flaw to execute arbitrary code with the privileges of the user running system-config-printer. All users of system-config-printer are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. Running instances of system-config-printer must be restarted for this update to take effect.
b09b720a95fb3cf2be45b8d6a86bb67bcd41aceb22960a30aa54b9aa88ca8f10
Red Hat Security Advisory 2011-1189-01 - Updated kernel packages that fix several security issues, various bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Using PCI passthrough without interrupt remapping support allowed KVM guests to generate MSI interrupts and thus potentially inject traps. A privileged guest user could use this flaw to crash the host or possibly escalate their privileges on the host. The fix for this issue can prevent PCI passthrough from working and guests from starting. A flaw in the client-side NLM implementation could allow a local, unprivileged user to cause a denial of service.
d97ef6720ae8e063983b3824218d93b24db61be0bd9859deee9eb835fea7f6a9
Engadget.com suffers from a cross-site scripting vulnerability.
bd96bbdf9bcc7809848a0e6764180dda61310f4a475f2804da8ec6dd7bb543fd
Nafis Group suffers from a remote SQL injection vulnerability.
296c6e9dd5936ca7ef15555fda2077b335a6a039cb15fba1d3b53a235e4f899e
Open Classifieds version 1.7.2 suffers from a cross-site scripting vulnerability.
903f35942fdd6c8d7630d46eeee3ef698c11a1d6d21a11a34afc414edb509134
CYBSEC Security Advisory - AdventNet ManageEngine ServiceDesk Plus version 8 suffers from multiple cross-site scripting vulnerabilities.
4cb8c838ca55ecbaeb3334195e1501afc77af2a32ee38f3ff2cd008fd111cd09
Warah Agencia suffers from a remote SQL injection vulnerability.
731e71773d0d6589892656cab5e5dbf073e2fe7afb5f4c66d51c64820e25dd66
Nativedreams suffers from a remote SQL injection vulnerability.
8c053f63ca69fecf71d9ec5903d3505b8261c520793d3c7dc141182331a1a261
Lab Graphic Design suffers from a remote SQL injection vulnerability.
1013feebbb62c100ad6f75df442017527af5041762228888aea0ad0af0ed2240
Dataminas suffers from a remote SQL injection vulnerability.
b6a68f82818d58cc8233841cb38a3f047b4cb8577f1ba230219c6710e847d46d
F-Secure Anti-Virus 2010 / 2011 and Internet Security 2010 / 2011 ActiveX SEH overwrite exploit.
b38eddf800c45049b97bae2be28253121ba1933544a054983303e953ef2b916f