Mandriva Linux Security Advisory 2012-144 - Multiple vulnerabilities have been found and corrected in tetex. The Gfx::getPos function in the PDF parser in poppler allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in poppler allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption. Various other issues have also been addressed. The updated packages have been patched to correct these issues.
5c8b23cd2ecf83077e06d18f8f80cd038b4b0c331dd6a9baa869678d5a8dcadf
IMF 2013 Call For Papers - The International Conference on IT-Incident Management and IT-Forensics invites submissions for IMF 2013 being held from March 12th through the 14th in Nuremberg, Germany.
3f1a5a8af64e46622c5319345fb88724f70e4fc883c274b14b9cfe566f4f58d6
Plogger version 1.0 RC1 suffers from multiple cross site scripting vulnerabilities.
b08982a7f4aad0a11297e5e0c3ee78eaa61fcc4a4f0ce5989b79efb7476686ef
Technical Cyber Security Alert 2012-240A - A vulnerability in the way Java 7 restricts the permissions of Java applets could allow an attacker to execute arbitrary commands on a vulnerable system.
a18e5c8d7e2b18824197224cbd232de96e1cff9aaf7438a07a6214ebff4c15da
RV Shopping Cart suffers from a cross site request forgery vulnerability.
ab31b6821553d20ce09762d09990530537d2efbdc776a58973ce3b6e2051bfdb
RV Article Publisher suffers from a cross site request forgery vulnerability.
02a459cfd58a5abb7e58a15a6e14c09b22eaccd57bd2a75287901667e70ad6f3
Simple Web Server version 2.2-rc2 remote code execution exploit with egghunting and ASLR bypass.
d1a0e8222f1406b84f1faec89add1e2b2f68a199e3ffad7936a87cb2222ae326
HP Security Bulletin HPSBUX02805 SSRT100919 3 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. Revision 3 of this advisory.
bb8883ca5152edd3963ac91485a78dc0ea7160add1badcaa980ff233f9ff15cf
WordPress Cloudsafe365 third party plugin suffers from a local file inclusion vulnerability.
bd5a56f7a933bc5955131ed5397be43665b68251d1ad3b374a4d6b79d858d3f5
When OpenOffice reads an ODF document, it first loads and processes an XML stream within the file called the manifest. Apache OpenOffice 3.4.0 has logic errors that allow a carefully crafted manifest to cause reads and writes beyond allocated buffers.
493c97b0d9779ff425aec7f71289318f69ad4df12dd5f0dbdc14075fa27d8e32
Ubuntu Security Notice 1547-1 - Vreixo Formoso discovered that the libGData library, as used by Evolution and other applications, did not properly verify SSL certificates. A remote attacker could exploit this to perform a man-in-the-middle attack to view sensitive information or alter data transmitted via the GData protocol.
a4ab1606db51fda6b3872f4eb812e94c816f2b0d3a0230277fcb0126b714fb2a
Ubuntu Security Notice 1546-1 - It was discovered that multiple integer overflows existed in the malloc and calloc implementations in the Boehm-Demers-Weiser garbage collecting memory allocator (libgc). These could allow an attacker to cause a denial of service or possibly execute arbitrary code.
58991ae1377d34f2cb65a2637dac82551f96bcf8a96f7a256a0430749a93efad
Arihant Infotech CMS suffers from a cross site scripting vulnerability.
e943e1e25984a03df8bf7e03c6a9dd90872d10256c23e6fbcd489ae15cdc9ee6
MTV.com suffers from a cross site scripting vulnerability.
a92d3f773cdd8d8a76b2589b80e5361799f19b825300a3476f09b03c016fa039