Joomla Jooproperty component version 1.13.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
ecb0bb0f7042b4fec4ad2c830d6701de883a1b4f5539f0e112f83b938f85f6b0Ubuntu Security Notice 1659-1 - It was discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.
0bef680340e4621767a09c5ee0c98bd23e8f0258f9c0c5bfda1860ce8e2d01dbUbuntu Security Notice 1658-1 - It was discovered that MySQL incorrectly handled certain long arguments. A remote authenticated attacker could use this issue to possibly execute arbitrary code.
d0c372423b678f929cd1dbb1f7270c32c54eadc7f415908d7402cac86511b46cRed Hat Security Advisory 2012-1558-01 - The openstack-glance packages allows virtual machine images to be discovered, registered and retrieved. It also includes a RESTful API to provide these services to other applications. The openstack-glance packages have been upgraded to upstream version 2012.1.2, which provide a number of bug fixes and enhancements over the previous version. A flaw in Keystone allowed an attacker with access to the web and network interfaces to delete arbitrary, non-protected images from Glance servers.
ab35d9476afeff9aff0481b2bf8dd16637682e6afdbe90c9ffe38d320070f561Red Hat Security Advisory 2012-1555-01 - The OpenShift Management Console provides a web interface for managing OpenShift Enterprise. It was found that the OpenShift Management Console did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the OpenShift Management Console, into visiting an attacker controlled web page, the attacker could make changes to applications hosted within OpenShift Enterprise with the privileges of the victim which may lead to arbitrary code execution in the OpenShift Enterprise hosted applications.
5bbed4ae9ce098b96f49a97249361a3831f853106f6363c74707accb15234638Red Hat Security Advisory 2012-1557-01 - The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token, Catalog, and Policy services. The openstack-keystone packages have been upgraded to upstream version 2012.2.1, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following security issues: A flaw in Keystone allowed an attacker with access to the web and network interfaces to continue using chained tokens linked to tokens that had expired. This would allow the attacker to continue using the tokens despite the parent token being expired, giving them continued access to OpenStack services.
049422a68c95f666521fc11188f18b634060976a525e6b3591406c740aafbde2Red Hat Security Advisory 2012-1556-01 - The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token, Catalog, and Policy services. The openstack-keystone packages have been upgraded to upstream version 2012.1.3, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following security issues: It was found that Keystone did not correctly handle users being removed from tenants when Amazon Elastic Compute Cloud style credentials were in use. When a user was removed from a tenant, they retained the privileges provided by that tenant, allowing them to access resources they should no longer have access to.
c03a7ac3f00a8f63456f921f8cd1f743a8d990c673054c23a88f4c3f9099534a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed