IPS Community Suite versions 4.1.12.3 and below suffer from a remote PHP code injection vulnerability.
07d34c8cc41959e3fc58495e9c36c8046479cb6ce919a0514491dabfe2561b46Debian Linux Security Advisory 2462-2 - Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service. The initial update introduced a regression, which could lead to errors when processing some JPEG files.
28fcbb1e90ae72c09e69a3ee5e5b21c7f4e25a9ac41f8c2362ab810ece6c687cDebian Linux Security Advisory 2462-1 - Several integer overflows and missing input validations were discovered in the ImageMagick image manipulation suite, resulting in the execution of arbitrary code or denial of service.
132c0a8aab05698e43ed93ac17041bec1f40bc314bb4d4da66317818ef77adc3Nokia CP Suite Video Manager versions 7.1.180.64 and below denial of service exploit that creates a malicious .mp4 file.
daf7b2e22b9a005980356be684ac1ed2fd5a006e4717b6e3dd0743dbd43d78a3Debian Linux Security Advisory 2458-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.
63ce617ad4207fc9f6f56c8d68d84d9f42707e256fcf4c53016b892111eca303Red Hat Security Advisory 2012-0519-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. This release of JBoss Enterprise Portal Platform 5.2.1 serves as a replacement for JBoss Enterprise Portal Platform 5.2.0, and includes bug fixes.
4c2d7e867f2236c82154ad3fdca5b623e021c311c49562d7e1ef097fb83249f5Secunia Security Advisory - A vulnerability with an unknown impact has been reported in vBulletin Suite, vBulletin Forum, and the MAPI plugin for vBulletin.
d501af79e3593f263d1945d58eefc63a0c1479de9fb76057186be1b13b2c6919Secunia Security Advisory - A vulnerability has been reported in Oracle E-Business Suite, which can be exploited by malicious people to manipulate certain data.
ca58a2aaa1522231013d97b18eed6e0f5f185acb02bddd45f6c53a8afce7118dSecunia Security Advisory - Multiple vulnerabilities have been reported in Oracle E-Business Suite, which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data.
39c4e95e498d4fbc3ccfbb4c18a8c6b9d0424c845e1faf5b01a4bf2b4b896ee4ClubHACK Magazine Issue 27 - Topics covered include Sysinternals Suite, The Burning issue in Web Application, and more.
b1c13729bc8393992e2f2cfcc38228182f6593cc5ba472cb1b4dbcaa90fa8ff2Red Hat Security Advisory 2012-0478-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.
18abb32cf9211542fd5a4c9fa789e88cd4d5530dd19accafd5056d840cd3a798Crystal Office Suite version 1.43 suffers from a buffer overflow vulnerability.
00e9187291df1055fbc476956aad1c96f69a0d2299d6723bf0c988d16d578cdfDHTMLX Suite version 3.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
368268eb4af1dc32228e81f52b2a59ea1e8e6861fad8de12bceb27019a86dc12Red Hat Security Advisory 2012-0466-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.
ac3d0a5cf4ad166161f6d299cf8b70631e442e80e31a75c43f97926eb4e060f3Red Hat Security Advisory 2012-0465-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A flaw in the Samba suite's Perl-based DCE/RPC IDL compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon to crash or, possibly, execute arbitrary code with the privileges of the root user.
5a04569b6919bd0a20fe7431a7493f6484a21e57dfa7115a5e0ef655365f0b8dThis Metasploit module can be used to execute a payload on LANDesk Lenovo ThinkManagement Suite 9.0.2 and 9.0.3. The payload is uploaded as an ASP script by sending a specially crafted SOAP request to "/landesk/managementsuite/core/core.anonymous/ServerSetup.asmx" , via a "RunAMTCommand" operation with the command '-PutUpdateFileCore' as the argument. After execution, the ASP script with the payload is deleted by sending another specially crafted SOAP request to "WSVulnerabilityCore/VulCore.asmx" via a "SetTaskLogByFile" operation.
0f339f9c1af48dbfe9bfacaefebfc2b71162b36ed475e3bea07c0a38fda09f1bThe Drupal Chaos Tool Suite module version 7.x suffers from a cross site scripting vulnerability.
80d66e0a5170005cb66e1988ba20428a8cdff88a472053008c696562e43d5e13Secunia Security Advisory - A vulnerability has been reported in the Chaos tool suite module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
49e701723581bf59d80e6e2bc2301b8889e2441bdfaea8466813adf1eee68f9cMandriva Linux Security Advisory 2012-040 - gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. The updated packages have been patched to correct this issue. The GnuTLS packages for Mandriva Linux 2011 has been upgraded to the 2.12.8 version due to problems with the test suite while building it, additionally a new dependency was added on p11-kit for the PKCS #11 support.
8c82c1513bd666093f762efb98cbc93ba20dbed872d8c6c946cbde14ef5e7aa3Red Hat Security Advisory 2012-0411-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. OpenOffice.org embeds a copy of Raptor, which provides parsers for Resource Description Framework files. An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If OpenOffice.org were to open a specially-crafted file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running OpenOffice.org had access to. A bug in the way Raptor handled external entities could cause OpenOffice.org to crash or, possibly, execute arbitrary code with the privileges of the user running OpenOffice.org.
9a0a4f543457fc7348795ef6b90c507f9cb100611358fcad986b6f701a4bd297LANDesk Lenovo ThinkManagement Suite version 9.0.3 suffers from a core server remote arbitrary file deletion vulnerability.
0c80de7eb7401e75b9edafdab61c3336a8c7bbaca85898f61b94f2f26254ccd3LANDesk Lenovo ThinkManagement Suite version 9.0.3 suffers from a core server remote code execution vulnerability.
fe7e3841d8266a0bdf777c01b95935543a5458d8b05813ac7e4e79d579cbd473HP Security Bulletin HPSBUX02741 SSRT100728 2 - Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to perform an access restriction bypass. The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite. Revision 2 of this advisory.
55cdfcc13a7fe14d92fa9c28027368bdaa391209c80e57fec15c56acf2bdeff9Debian Linux Security Advisory 2427-1 - Two security vulnerabilities related to EXIF processing were discovered in ImageMagick, a suite of programs to manipulate images.
c305684477a383d74fa7e715692634c1bb41c63a394c41c6f920e4364c62f41dRed Hat Security Advisory 2012-0345-02 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. It was found that JBoss Web did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make JBoss Web use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values. This update introduces limits on the number of parameters and headers processed per request to address this issue. The default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties in "jboss-as/server/[PROFILE]/deploy/properties-service.xml".
5f8ed354af7f93aae635f0011391c698a68ac7e5da46495e45b1d1b424d2b453Red Hat Security Advisory 2012-0349-01 - On March 01, 2012, all Red Hat Enterprise Linux 4-based products listed transition from the Production Phase to the Extended Life Phase: Red Hat Enterprise Linux AS 4, Red Hat Enterprise Linux ES 4, Red Hat Enterprise Linux WS 4, Red Hat Desktop 4, Red Hat Global File System 4, Red Hat Cluster Suite 4.
e326550afcdeea4064006170ceef17b1544525cfcecf9f031e3dac47bae27ec1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed