Secunia Security Advisory - A vulnerability has been discovered in SilverStripe, which can be exploited by malicious users to conduct script insertion attacks.
a8268e92b9312c35348527a1901f408b693fc8d24bec22c1fa9ac30a41e69b41Secunia Security Advisory - A vulnerability has been reported in HostBill, which can be exploited by malicious people to compromise a vulnerable system.
6fccf7e5b285f05dce10f3f9bcd190e032697bf0784daa5975fe2d127827d0ecSecunia Security Advisory - VMware has acknowledged multiple vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to disclose potentially sensitive and system information, bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges, by malicious people with physical access to disclose certain system information, and by malicious people to disclose sensitive information, conduct spoofing and cross-site scripting attacks, cause a DoS, and compromise a vulnerable system.
03fbde2e7108e3c8addca33faa8e098d26cb7c4463d354eba5bfd504ec948830Secunia Security Advisory - A vulnerability has been reported in FishEye and Crucible, which can be exploited by malicious users to compromise a vulnerable system.
966795fd9012d35c0a7d2f37aba66c2b02af685e23347e8e37d2f2bef5e6afa0Zero Day Initiative Advisory 12-020 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SaveDoc and PrintFile functions exposed by the VsVIEW6.ocx ActiveX control. The SaveDoc function causes a file to be created at an arbitrary path specified by the first argument (FileName). The file contents can be controlled by setting the 'Header' member and calling PrintFile() with the same path argument. These behaviors can be exploited by a remote attacker to execute arbitrary code on the target system.
0e61a6e226350f291abb2c1d035a02dd7b420e246ac20734c7e602223f151f77Zero Day Initiative Advisory 12-019 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within SetLicenseInfoEx() method exposed by the mraboutb.dll ActiveX Control. String data supplied to the first parameter (strInstallDir) of SetLicenseInfoEx() is copied into a 256 byte global buffer without first checking the string length. This overflow can be exploited to remotely execute arbitrary code on the target system.
854bc2e262fff88ef741e78bf82fffb4832ad1b7eb87f4f13c662b94e8d6c14eMandriva Linux Security Advisory 2012-011 - OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. The updated packages have been patched to correct this issue. The openssl0.9.8 packages for 2010.2 have been upgraded to the 0.9.8t version which is not vulnerable to this issue.
35b11032bcc6ae21446636fb990652ffe9762c98d3d9d0030aaed125ce61a84dWin32/XP Pro SP3 (EN) 32-bit beep beep shellcode.
6e94bfb9d2b94082ecd1a9d972bdb0de79297cda77b7484f32f0b7fbafb9b244Campaign Enterprise version 11.0.421 suffers from a remote SQL injection vulnerability.
a6e7c8d4760e5b9abb987effc8b747e80986605d0bf70dbc3709453031e5931fThis Metasploit module exploits a vulnerability in the 'proc_deutf()' function defined in /includes/functions_vbseocp_abstract.php in vBSEO versions 3.6.0 and below. User input passed through 'char_repl' POST parameter is not properly sanitized before being used in a call to preg_replace() function which uses the 'e' modifier. This can be exploited to inject and execute arbitrary code leveraging the PHP's complex curly syntax.
b234422868d75376b871ce3713cf474fa00f5083853c55303eeb65ebd679721aThe Joomla CRHotels component suffers from a remote SQL injection vulnerability.
a5210a9d170a3d58dedb14ef2753a0bd0a19beb2c575d1b8fbee04bc2d2dde88Debian Linux Security Advisory 2398-1 - Several vulnerabilities have been discovered in Curl, an URL transfer library.
affc00b6775ce7bca3c3607be8f46595ea437e93d99e80f5874d29cbbc9e4d89TWiki suffers from a cross site scripting vulnerability.
20fa13f95c0cbab3ce12b40327deb0594b221c8360e43b8dd5b2b43d7b2db51dGentoo Linux Security Advisory 201201-19 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.4.7 are affected.
baad128edffc63cf96f6415bcd8ed20845d4c2166743c0cf07a2e6869a63d515Gentoo Linux Security Advisory 201201-18 - Multiple vulnerabilities in bip might allow remote unauthenticated attackers to cause a Denial of Service or possibly execute arbitrary code. Versions less than 0.8.8-r1 are affected.
e549809610bc17b343128bb8db5c084ec972795ac311e48c37fed0d3767d72fc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed