Core Security Technologies Advisory - Windows kernel is prone to a security vulnerability when executing the (GDI support) function 'RFONTOBJ::bTextExtent' located in 'win32k.sys'. This vulnerability could be exploited by an attacker to crash the windows kernel by calling the user mode function 'NtGdiGetTextExtent' with specially crafted arguments. Microsoft admits that this vulnerability may allow Elevation of Privilege attacks but did not provide further technical details.
4c383dc1dc20874f4383e72d2f073249cf93372d58371b51b38ef7fc56b925b6Vtiger version 5.4.0 suffers from multiple reflective cross site scripting vulnerabilities.
46e34297293eac83bae71ead7c25d12b59b59c45ffcc8e3a0a616f838ad25e3fInstantCMS version 1.10.3 suffers from a remote SQL injection vulnerability.
23828f2ece7ce5ee132cb50ec95a38c18e45a28fd502c207d11da99c50075f63Red Hat Security Advisory 2013-1823-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird rendered web content with missing character encoding information. An attacker could use this flaw to possibly bypass same-origin inheritance and perform cross site-scripting attacks.
4936eb4d9515b188a6ff8615a5c50dd5e077108e198ef10ffaf3a322a8dfbe7fUbuntu Security Notice 2053-1 - Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Tyson Smith and Jesse Schwartzentruber discovered a use-after-free in event listeners. If a user had enabled scripting, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.
5159e7e7049d07c70b2c77d71de23572e9d141a50325c9e5342c445e96450dd1Ubuntu Security Notice 2054-1 - It was discovered that Winbind incorrectly handled invalid group names with the require_membership_of parameter. If an administrator used an invalid group name by mistake, access was granted instead of having the login fail. Stefan Metzmacher and Michael Adam discovered that Samba incorrectly handled DCE-RPC fragment length fields. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code as the root user. Various other issues were also addressed.
37f80d54fa555acc23ea6eff4a37a7ea3dc8c6b393c21df3b217c7cb111faf5fUbuntu Security Notice 2052-1 - Ben Turner, Bobby Holley, Jesse Ruderman, Christian Holler and Christoph Diehl discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Myk Melez discovered that the doorhanger notification for web app installation could persist between page navigations. An attacker could potentially exploit this to conduct clickjacking attacks. Various other issues were also addressed.
f5392ed2aec4c1a38337707139196b135dfb0210fd9d2c93db8ff4b5a38a983eRed Hat Security Advisory 2013-1818-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-28, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.332.
23582c18a4a3d6c2c68b2312abb4ab87bfbd0a1da8773518ac07fb095d2fe41bRed Hat Security Advisory 2013-1826-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the aforementioned function, causing the application to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the user running the PHP interpreter.
9ada300534a56461543096307814f9cbc56c59cf55e02d8c56f6a614fbaf2caeRed Hat Security Advisory 2013-1824-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the aforementioned function, causing the application to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the user running the PHP interpreter.
417ab201a9fe31544fd3443d417d688d8007f8a88452432c51520c1c241351aaRed Hat Security Advisory 2013-1825-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the aforementioned function, causing the application to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the user running the PHP interpreter.
10c5b1abbb3068fc7c14aac71ed113fb542ced1d6edf372efe3a3af2f04382feeFront version 3.6.14 build 18012 suffers from multiple stored cross site scripting vulnerabilities.
0ff0d1243fbef082f5564e536031f90a1a13ceb825468e90ffd5cce8cde11021wtmpClean is a tool for Unix which clears a given user from the wtmp database.
1e123dcaf681799dd910481339b5c9c5af25e91925706c616b8b98668460f766Photo Video Album version 1.0 suffers from local file inclusion and remote shell upload vulnerabilities.
f3876755c36f7ac9243e6f8a55d654c919116bcd7078c7115015dc4c737dd532The official Vatican web site suffers from a cross site scripting vulnerability.
d803f05012af0c7d4a8ad518230fd5aa68d9934addc4f1e0ac0b93fd249f5c2c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed