Secunia Research has discovered a vulnerability in NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by missing input validation in the handling of the "StopModule()" method and can be exploited via a specially crafted "lModule" parameter to reference an expected module structure at an arbitrary memory address. This can be exploited to dereference an arbitrary value in memory as a function pointer. Successful exploitation allows execution of arbitrary code. NTR ActiveX Control version 1.1.8 is affected.
f4c7913670d60302279ef9cbc25fdd9fd7774592fda24b75eade05cc79505853Kayako Support Suite versions 3.70.02-stable and below suffer from multiple cross site scripting vulnerabilities.
6388220ce5746c5f193fc985d52fcbfe5756c33f0e4edf0d648f11ec4782914aDebian Linux Security Advisory 2386-1 - Several vulnerabilities have been discovered in openttd, a transport business simulation game. Multiple buffer overflows and off-by-one errors allow remote attackers to cause denial of service.
89ffbdaf53b14fe0439e9c22227cb8009a53bf7d105aaf64978807486e3c3283Secunia Research has discovered four buffer overflows in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. NTR ActiveX Control version 1.1.8 is affected.
749b21b3ffb4706107fa23982681c9002436ae13b7acd96089e1d8988fdcb778KnowledgeTree versions 3.7.0.2 and below suffer from multiple cross site scripting vulnerabilities.
9b21d08924793bac2204804fbdd650236a47ac861a6be6886c4da1df63af2bd3Red Hat Security Advisory 2012-0018-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash.
345d81a1fa63ea7c70fd504a3e3e0e8f3843c34ad996db6b7180e9c9fe1bccdfKayako Support Suite versions 3.70.02-stable and below suffer from an information disclosure vulnerability.
20084ddbb8a2ff6cf4d0dd2b7998c8b3d15c75f515922a64130b7664c8af010eKayako Support Suite versions 3.70.02-stable and below suffer from a PHP code execution vulnerability.
e47bcffce88a53a2a7b03acfb49fe193a2593ffc314a44126c1c3664d1a16d33This bulletin summary lists two re-released Microsoft security bulletins for January, 2012.
8166c2fc14d931bf4e778e6f7616fee0030a45c7475187aa3c6a3ec5b521737eRed Hat Security Advisory 2012-0017-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
8de1cd5c934d9caf3a341c7d1360226ec9cec6a4e744aa685fb458b3ca5d0e5dSite By Electric Pulp Web Site suffers from a remote SQL injection vulnerability.
e43d15b084cbad04ae2f4b43fbb2ca84d83747ae15390f4e1b371f4b2a3f344aV3 Yazilim Web Site suffers from a remote SQL injection vulnerability.
508c3b9445d3fd9d4dff7f15d345e75df55fcb0a34450453aa920de378eaa2e4The administrative panel for WordPress Blog on WordPress.com suffers from a reflective cross site scripting vulnerability.
87662fc54e7b6298ff08f7317f1a8410dcbb4c6454b35404b18429d6ada48103Red Hat Security Advisory 2012-0016-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
71b1b4d3d81db6a48e2542cb538a368109f00aa37b462e9dc5d8f5e0f3f2b184Kayako Support Suite versions 3.70.02-stable and below suffer from a cross site scripting vulnerability.
e751861febf25fae1e2a8f5aa2948adcee16ff4744ed3ba2b9c80b55c1699005VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.
c94c13dce309f884bd280837f2c98fd26f4a3b8efdb37192552ad693c35c02fex3cms version 0.4.3 suffers from a cross site scripting vulnerability.
f80eeb545377860098d25ac7287e64c8d8c6c3ef75b691270770e21650ef3843
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed