Secunia Security Advisory - A vulnerability has been reported in Dell OpenManage Server Administrator, which can be exploited by malicious people to conduct cross-site scripting attacks.
1ff7053c932c7f89411943c94b63141c39870bb45965991c67f0833a18d51af1
Secunia Security Advisory - A vulnerability has been discovered in the Browser Rejector plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
dbd8752656e046e21f11b9317e3de44407d323c32c23e3c882ea063ba9c1bcb0
Secunia Security Advisory - Charlie Eriksen has discovered a security issue in Call of Duty Elite for iOS, which can be exploited by malicious people to conduct spoofing attacks.
7cc95ca0da88db6c28f77b669565cfafb8ae3e0cc0727f162e8065ba0f3d2eee
Secunia Security Advisory - Charlie Eriksen has discovered a vulnerability in the Zingiri Forum plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.
cbc857c3ed93832c428eb15211c02b4ad653c6d623f9a7d8343d6661ec4d9cd2
Secunia Security Advisory - A vulnerability has been discovered in the Store Locator Plus plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
6b1ffd55d64d7d689de8914c2b0e19b65e485c00ffdb351192b45d8cf9b95a34
Ubuntu Security Notice 1681-2 - USN-1681-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill Gianopoulos, Benoit Jacob, Gary Kwong, Robert O'Callahan, Jesse Ruderman, and Julian Seward discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
f5f21baaa2090e5debbc39691d9b154f1862f668e44f0e1c14d83a6f6939615a
It appears that Google Wallet may share your information with EveryWhereReward.com, which in turn keeps it eternally.
5edf5546c420caa6f44f33049092f514cc7afff8025d13bb4f4f5990e6450979
Technical Cyber Security Alert 2013-8A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.
03beba47c65945e35bec063cab8462697d97bcd471a95aa5041a5f69d2c6ef72
This bulletin summary lists 7 released Microsoft security bulletins for January, 2013.
7fb4892634d68950b1c1b34d1dad4b4b64c5aefcd4e9e0908a039521c1f00bdd
Joomla Incapsula component versions 1.4.6_b and below suffer from a reflective cross site scripting vulnerability.
c5607c9cd5809d111ccf666b897697c5865f1a7009fc745dd22e6f522013f58f
Gentoo Linux Security Advisory 201301-7 - Multiple vulnerabilities were found in DokuWiki, the worst of which leads to privilege escalation. Versions less than 20121013 are affected.
9e606ab4f5f95cf13f5ab5240013341c9f613a2e9a91c233805895c86e691d5c
Gentoo Linux Security Advisory 201301-6 - Multiple vulnerabilities have been found in ISC DHCP, the worst of which may allow remote Denial of Service. Versions less than 4.2.4_p2 are affected.
52ff96ed35904c6394d9f7d674251ad0c4071daa8bc2b1b6ef5a6f6de136a80b
Gentoo Linux Security Advisory 201301-5 - An integer overflow vulnerability has been found in bzip2 and could result in execution of arbitrary code or Denial of Service. Versions less than 1.0.6 are affected.
8a05528f2228d83f188f79f0bc675cb52064b26c73f66d4731fa70b7cc5ff8fb
Gentoo Linux Security Advisory 201301-4 - A vulnerability has been found in dhcpcd, allowing remote attackers to execute arbitrary code on the DHCP client. Versions less than 5.2.12 are affected.
acda0c008db48a45e02bf73f135ff246c317aec49f5e1ad58b80b202b3396b13
Gentoo Linux Security Advisory 201301-3 - Multiple vulnerabilities have been found in Tor, allowing attackers to cause Denial of Service or obtain sensitive information. Versions less than 0.2.3.25 are affected.
1ce5e4fcdcb2acbdce162b2be890b3cc7a74c271c3e1885443f9c9b318d98138
Gentoo Linux Security Advisory 201301-2 - A buffer overflow in HAProxy may allow execution of arbitrary code. Versions less than 1.4.21 are affected.
0e698668e09470c5c10ccd013efb1b5912ebc7335d8c208b77cad093cd325cd0
Ubuntu Security Notice 1681-1 - Christoph Diehl, Christian Holler, Mats Palmgren, Chiaki Ishikawa, Bill Gianopoulos, Benoit Jacob, Gary Kwong, Robert O'Callahan, Jesse Ruderman, and Julian Seward discovered multiple memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Abhishek Arya discovered several use-after-free issues and buffer overflows in Firefox. An attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
2b169ae0a8e50a945bfa9a6ad63afd568bcd5a5ccd5f1e2be9c786c6f49cbde9
Red Hat Security Advisory 2013-0148-01 - The openshift-origin-node-util package provides a set of utility scripts for a node. Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. A flaw was found in the way the administrative web interface for restoring applications processed options passed to it. A remote attacker could send a specially-crafted request to restorer.php that would result in the query string being parsed as command line options and arguments. This could lead to arbitrary code execution with the privileges of an arbitrary application.
8f14291a6449b7a55d102d48cd9ee2c37de9807dcead869d10b23bf4eefc36f5
Red Hat Security Advisory 2013-0146-01 - JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.
6118a8cf2e314e27f4cf69f7693d3a704d0411a71f251716e8fb966578fc0b3d
Red Hat Security Advisory 2013-0147-01 - JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.
e00206a24350569b47bfb61f429fabd4085299eccfacf1826906065bd76d8bf5
Red Hat Security Advisory 2013-0144-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Chrome Object Wrappers were implemented. Malicious content could be used to cause Firefox to execute arbitrary code via plug-ins installed in Firefox.
75285fc97f2f6b9f19802b0e29b73892bc62549092979f361f6c616e2b8fd32a
Red Hat Security Advisory 2013-0145-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Chrome Object Wrappers were implemented. Malicious content could be used to cause Thunderbird to execute arbitrary code via plug-ins installed in Thunderbird.
e41abefb340b2ba28b8f30ea33ea4c37cb0ec31a042cb9743efdff7047c66a32
Debian Linux Security Advisory 2602-1 - Yury Dyachenko discovered that Zend Framework uses the PHP XML parser in an insecure way, allowing attackers to open files and trigger HTTP requests, potentially accessing restricted information.
84e57463f9d197797cfd15e1cdc06623b1260db220e9e82febcdce2387718060