Secunia Research has discovered a vulnerability in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by missing input validation in the handling of the "StopModule()" method and can be exploited via a specially crafted "lModule" parameter to reference an expected module structure at an arbitrary memory address. This can be exploited to dereference an arbitrary value in memory as a function pointer. Successful exploitation allows execution of arbitrary code. NTR ActiveX Control version 1.1.8 is affected.
f4c7913670d60302279ef9cbc25fdd9fd7774592fda24b75eade05cc79505853
Kayako Support Suite versions 3.70.02-stable and below suffer from multiple cross site scripting vulnerabilities.
6388220ce5746c5f193fc985d52fcbfe5756c33f0e4edf0d648f11ec4782914a
Debian Linux Security Advisory 2386-1 - Several vulnerabilities have been discovered in openttd, a transport business simulation game. Multiple buffer overflows and off-by-one errors allow remote attackers to cause denial of service.
89ffbdaf53b14fe0439e9c22227cb8009a53bf7d105aaf64978807486e3c3283
Secunia Research has discovered four buffer overflows in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. NTR ActiveX Control version 1.1.8 is affected.
749b21b3ffb4706107fa23982681c9002436ae13b7acd96089e1d8988fdcb778
KnowledgeTree versions 3.7.0.2 and below suffer from multiple cross site scripting vulnerabilities.
9b21d08924793bac2204804fbdd650236a47ac861a6be6886c4da1df63af2bd3
Red Hat Security Advisory 2012-0018-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash.
345d81a1fa63ea7c70fd504a3e3e0e8f3843c34ad996db6b7180e9c9fe1bccdf
Kayako Support Suite versions 3.70.02-stable and below suffer from an information disclosure vulnerability.
20084ddbb8a2ff6cf4d0dd2b7998c8b3d15c75f515922a64130b7664c8af010e
Kayako Support Suite versions 3.70.02-stable and below suffer from a PHP code execution vulnerability.
e47bcffce88a53a2a7b03acfb49fe193a2593ffc314a44126c1c3664d1a16d33
This bulletin summary lists two re-released Microsoft security bulletins for January, 2012.
8166c2fc14d931bf4e778e6f7616fee0030a45c7475187aa3c6a3ec5b521737e
Red Hat Security Advisory 2012-0017-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
8de1cd5c934d9caf3a341c7d1360226ec9cec6a4e744aa685fb458b3ca5d0e5d
Site By Electric Pulp Web Site suffers from a remote SQL injection vulnerability.
e43d15b084cbad04ae2f4b43fbb2ca84d83747ae15390f4e1b371f4b2a3f344a
V3 Yazilim Web Site suffers from a remote SQL injection vulnerability.
508c3b9445d3fd9d4dff7f15d345e75df55fcb0a34450453aa920de378eaa2e4
The administrative panel for WordPress Blog on WordPress.com suffers from a reflective cross site scripting vulnerability.
87662fc54e7b6298ff08f7317f1a8410dcbb4c6454b35404b18429d6ada48103
Red Hat Security Advisory 2012-0016-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. One of those standards is the XML Path Language, which is a language for addressing parts of an XML document. A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.
71b1b4d3d81db6a48e2542cb538a368109f00aa37b462e9dc5d8f5e0f3f2b184
Kayako Support Suite versions 3.70.02-stable and below suffer from a cross site scripting vulnerability.
e751861febf25fae1e2a8f5aa2948adcee16ff4744ed3ba2b9c80b55c1699005
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.
c94c13dce309f884bd280837f2c98fd26f4a3b8efdb37192552ad693c35c02fe
x3cms version 0.4.3 suffers from a cross site scripting vulnerability.
f80eeb545377860098d25ac7287e64c8d8c6c3ef75b691270770e21650ef3843