Joomla Jooproperty component version 1.13.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
ecb0bb0f7042b4fec4ad2c830d6701de883a1b4f5539f0e112f83b938f85f6b0
Ubuntu Security Notice 1659-1 - It was discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.
0bef680340e4621767a09c5ee0c98bd23e8f0258f9c0c5bfda1860ce8e2d01db
Ubuntu Security Notice 1658-1 - It was discovered that MySQL incorrectly handled certain long arguments. A remote authenticated attacker could use this issue to possibly execute arbitrary code.
d0c372423b678f929cd1dbb1f7270c32c54eadc7f415908d7402cac86511b46c
Red Hat Security Advisory 2012-1558-01 - The openstack-glance packages allows virtual machine images to be discovered, registered and retrieved. It also includes a RESTful API to provide these services to other applications. The openstack-glance packages have been upgraded to upstream version 2012.1.2, which provide a number of bug fixes and enhancements over the previous version. A flaw in Keystone allowed an attacker with access to the web and network interfaces to delete arbitrary, non-protected images from Glance servers.
ab35d9476afeff9aff0481b2bf8dd16637682e6afdbe90c9ffe38d320070f561
Red Hat Security Advisory 2012-1555-01 - The OpenShift Management Console provides a web interface for managing OpenShift Enterprise. It was found that the OpenShift Management Console did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the OpenShift Management Console, into visiting an attacker controlled web page, the attacker could make changes to applications hosted within OpenShift Enterprise with the privileges of the victim which may lead to arbitrary code execution in the OpenShift Enterprise hosted applications.
5bbed4ae9ce098b96f49a97249361a3831f853106f6363c74707accb15234638
Red Hat Security Advisory 2012-1557-01 - The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token, Catalog, and Policy services. The openstack-keystone packages have been upgraded to upstream version 2012.2.1, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following security issues: A flaw in Keystone allowed an attacker with access to the web and network interfaces to continue using chained tokens linked to tokens that had expired. This would allow the attacker to continue using the tokens despite the parent token being expired, giving them continued access to OpenStack services.
049422a68c95f666521fc11188f18b634060976a525e6b3591406c740aafbde2
Red Hat Security Advisory 2012-1556-01 - The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token, Catalog, and Policy services. The openstack-keystone packages have been upgraded to upstream version 2012.1.3, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following security issues: It was found that Keystone did not correctly handle users being removed from tenants when Amazon Elastic Compute Cloud style credentials were in use. When a user was removed from a tenant, they retained the privileges provided by that tenant, allowing them to access resources they should no longer have access to.
c03a7ac3f00a8f63456f921f8cd1f743a8d990c673054c23a88f4c3f9099534a