The chat.support.samsung.com site suffers from a cross site scripting vulnerability.
9f0803be25349ade84268a4aab6e25c1ad1370139f3f20ec2b32bc4121d9d3c2Red Hat Security Advisory 2011-1478-01 - The IBM 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.5.0 SR13 Java release. All running instances of IBM Java must be restarted for this update to take effect.
7cbb5153f3abe274888815acc7fa18117fcca8ce03c1474aa2d2b823dd99ca87SIP Army Knife is a fuzzer that searches for cross site scripting, SQL injection, log injection, format strings, buffer overflows, and more.
4fd73eaa07d985c2b97468b07640cbf674016b6d676e720e5c0ed70b2df09c64Zabbix versions 1.8.4 and below suffer from a remote SQL injection vulnerability in popup.php.
b56256dc6e49aa84426a464efcebce6a3ac34661337e511965f33cf77a058512HP Network Node Manager i version 9.10 suffers from multiple cross site scripting vulnerabilities.
83eae4f4628bedcd448ce44aa7fc9d25cf598baae74f35123c5bec4ee8114545CgCraft LLC Design suffers from a remote SQL injection vulnerability.
db95c752930f8fbb2bb27965feaf5d9f06bfff11b71a172a9c17ed2c4410faae48 bytes small Linux/MIPS execve /bin/sh shellcode.
e05b3f3d11e44fb1f0249c1ab2224ecc1c315978a8021004d63803a15a770b0eLog1CMS version 2.0 remote code execution exploit that leverages ajax_create_folder.php.
e42cee700505621b6ad1fce6c51c6c98f6b151986a1cc0d80ea0e471e27e2e1dUbuntu Security Notice 1279-1 - Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Vasiliy Kulikov discovered that taskstats did not enforce access restrictions. A local attacker could exploit this to read certain information, leading to a loss of privacy. Various other issues were also addressed.
a57a6a4677aad213b5b06f27421d5abb8eefa70db03930de1545039b4bd62c37Ubuntu Security Notice 1278-1 - It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being used, a local attacker could exploit this to crash the system, leading to a denial of service. Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Various other issues were also addressed.
8fc659e1e77c5000547f9f535c1921bdcb9f9740bffb44f47b411d8891107fd1Ubuntu Security Notice 1269-1 - Vasily Averin discovered that the NFS Lock Manager (NLM) incorrectly handled unlock requests. A local attacker could exploit this to cause a denial of service. Robert Swiecki discovered that mapping extensions were incorrectly handled. A local attacker could exploit this to crash the system, leading to a denial of service. It was discovered that the wireless stack incorrectly verified SSID lengths. A local attacker could exploit this to cause a denial of service or gain root privileges. Various other issues were also addressed.
748fe00a71d2900d82893524fc7936b6d46ed4c251a839f7421b33b7b5d70cb7EDJE Technologies suffers from a remote SQL injection vulnerability.
86f1b29825b746b58601471a709df104c9b9d5494c02fb26eb8ec1216d7443c0164 bytes small Linux/MIPS add user (UID 0) with password shellcode.
33fe89705d37ee6fd02b2cee2201f40340d0f78902c3d725866581684affd745HP Security Bulletin HPSBUX02725 SSRT100627 - Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to disclose information, allow authentication bypass, allow cross-site scripting (XSS), gain unauthorized access, or create a Denial of Service (DoS). The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite. Revision 1 of this advisory.
da0edbfa949de2b7034ad0a1fe927c5c9205a87431abdda03737962e90086071HP Security Bulletin HPSBUX02724 SSRT100650 2 - A potential security vulnerability has been identified with HP-UX running SAM. This vulnerability could be locally exploited to create an increase in privilege. Revision 2 of this advisory.
150c53828ac40def657ef231f9f25d5ce03f432d4f8dfeb50cd875906b300e5cLibLime Koha versions 4.2 and below suffer from a local file inclusion vulnerability.
4dbc5554bbfad191d732b5f61b07b2f5e33f63eea0e11ef62d9f69e503feb65bUbuntu Security Notice 1277-2 - USN-1277-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 8. Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash the browser, resulting in a denial of service. Various other issues were addressed as well.
28bd532ded831a89497654f782221fbde98b55af2975d73060350ebece644e3dUbuntu Security Notice 1277-1 - Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash the browser, resulting in a denial of service. Various other issues were also addressed.
50cacdc3fc2d46a4452a7d176ace181644b756e1e80e2655e104e50a14231030
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed