XnView versions 1.99 and 1.99.1 suffers from a heap-based buffer overflow vulnerability. Proof of concept JLS file included.
12f75e008d1e820f5810b663abe9e6f03819746e68bc912e53351dc21ea9a32fTemplate CMS version 2.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
f8abf37639cf0553f4391d208e25723d53d985a4a7b9cc5ee591c7708a514809phpMyBitTorrent version 2.04 suffers from insecure cache handling, remote file disclosure, local file inclusion, and remote SQL injection vulnerabilities.
25fb87d1faed33e02e6892952db60e041cb9171205e8aec0e9f52fbac8d97fb7Drupal Commerce Extra Panes third party module version 7.x suffers from a cross site request forgery vulnerability.
fd2903a2298b35ea3497f37b01559541f2b8389f7ef887058647d9d74da1f919Drupal Twitter Pull third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
9e9cd9906b5e890d35a9064006733f041599cc4a541d99716450375ff80a7258Mandriva Linux Security Advisory 2012-157 - A heap-based buffer overflow was found in the way OpenJPEG, an open-source JPEG 2000 codec written in C language, performed parsing of JPEG2000 image files. A remote attacker could provide a specially crafted JPEG 2000 file, which when opened in an application linked against openjpeg would lead to that application crash, or, potentially arbitrary code execution with the privileges of the user running the application. The updated packages have been patched to correct this issue.
98b971182788c5e8b4e095f6cb612c4623eefe0b9568441f95a2df93944ca40fPHPTax versions 0.8 and below remote code execution exploit. Written in Python.
86294030fd719aa799ec672577b9d00f4cb5ff09a5e758f0b04271418448dd6aNovell Sentinel Log Manager versions 1.2.0.2 and below allow unauthenticated users the ability to configure data retention policies.
f9550b9bb56838e4a763fd7aac655f16ba5fc20d46d5612b4d11feb17b24ba9dNCMedia Sound Editor Pro version 7.5.1 buffer overflow exploit with SEH and DEP.
4195ae37fdb252cffc6ea369a4e3f28b378fc74c86697f3ab2e437a9b9fbd9c1Omnistar Mailer version 7.2 suffers from remote SQL injection and cross site scripting vulnerabilities.
4acd4c095dc0486626e4864ec1e8379733c7558ab90f31e3149a86a143a9be4fWordPress Spider plugin version 1.0.1 suffers from cross site scripting, HTTP parameter pollution, and remote SQL injection vulnerabilities.
7a9a670b6a5688030b9e4d703e1b8649dda210e799378af153a651c0cc7ef47e23rdweb Studio suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
faa8ba15053d2a2fe7520b5a0f4fdb4ebc54b98f48ecbf3a5c48f7dc56fb72b3Secunia Security Advisory - catatonicprime has discovered a vulnerability in PowerTCP WebServer for ActiveX, which can be exploited by malicious people to cause a DoS (Denial of Service).
21cec5831a02344cc117529dc497d403b3f23c89e2488d9df0dd053f38e3bea9Secunia Security Advisory - Some vulnerabilities have been reported in libxslt, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
f5e29ce5a3554c7de1679a1896b99ce3a89a9be87b149b0e24ce9c776dfe5fc6Secunia Security Advisory - Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
840362b1c3f9be0d3ce111fecbb01336e75695974a55cb10af853733af1cada4Secunia Security Advisory - Ubuntu has issued an update for python. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, and cause a DoS (Denial of Service).
28d290814ce84f3292208cb364b3f95d7eb4b380f413a083e32512ece8eca168Secunia Security Advisory - Oracle has acknowledged a vulnerability in Perl included in Solaris, which can be exploited by malicious people to conduct HTTP response splitting attacks in an application using the library.
2bdc292369ad9f4161ed611531974d706929099e0603932ec86a3cd43b842917Secunia Security Advisory - Ubuntu has issued an update for xdiagnose. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
afec8d15d66a4de2d1061296b6480660b3b626e1caa93696db4fd61204a64901Secunia Security Advisory - Ubuntu has issued an update for devscripts. This fixes some weaknesses, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
db3df64ef7016c9453c29682c776b9e7c1cc15480981592129ee6d0a0e08762fSecunia Security Advisory - Ubuntu has issued an update for qemu. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges.
ba3a966d4db78e994e08c66b884fc0e29c0f8731a002e498a8a2263268ce04d5Secunia Security Advisory - Red Hat has issued an update for freeradius2. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
4a2a6e5737cff4c8fec86ce0f23cf0767a9546331caeb4c7b458523c73b1b225Secunia Security Advisory - A vulnerability has been discovered in ProjectPier, which can be exploited by malicious people to compromise a vulnerable system.
dd3255e5d499c529138c90cae05214a2dde3d6e929474c632a0d3bf05d3471b5Secunia Security Advisory - Zhao Liang has discovered a vulnerability in TurboFTP Server, which can be exploited by malicious users to compromise a vulnerable system.
345936ff19dcd63ce324cd66bce9797072693b5dae7b43a04be0bce25a5b8391Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to potentially gain escalated privileges.
2a3ffcf9faf78a51e7fed91f5988f1acb96b9863e525dbf41f386ac1e0e4b476Secunia Security Advisory - Francis Provencher has discovered a vulnerability in CYME, which can be exploited by malicious people to compromise a user's system.
e8dfce210b53e829cae35745d3d9399d96d9c43db5bec16cd456f1314a0a70c1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed