Secunia Research has discovered a vulnerability in Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). An error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. The vulnerability is confirmed in versions 4.15.0-r7 and 4.15.0. Other versions may also be affected.
f0fc9c0b15f4d208f5ddbd8f5c527f7918efef3e0855ee3238bb91aeec7edb50Secunia Security Advisory - Secunia Research has discovered a vulnerability in DVR Remote ActiveX Control, which can be exploited by malicious people to compromise a user's system.
23f1efc9d6e496431a8e8c869d66a0c3e776bd5c6c160ef5a33da2d141374643Secunia Research has discovered a vulnerability in DVR Remote ActiveX Control version 2.1.0.39, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by the ActiveX control during instantiation automatically downloading and loading DVRobot.dll from the "manifest" folder of the web server invoking the ActiveX control. Successful exploitation allows execution of arbitrary code via a specially crafted web page and hosted DVRobot.dll file.
e641c5041e65c7dcb486319e4f9f229021c6007e19079a2a67952f9abfd2a4b8Secunia Security Advisory - Secunia Research has discovered a weakness and multiple vulnerabilities in Support Incident Tracker, which can be exploited by malicious users to disclose sensitive information, conduct SQL injection attacks, and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.
10fe08a5f4a38cafa63bf94902bdc8390b2b4f4dcdf6fa7a5abc940ed6f6ba40Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in phpList, which can be exploited by malicious users to conduct script insertion and SQL injection attacks and by malicious people to conduct cross-site scripting and script insertion attacks.
019706c9effcbbe18fc31710c9f8c7fe1c7a0f82d41a115a25c70a30d23a5d72Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in KaiBB, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
effe2c37af5211978eae9cac67ae06e9b6968c0111d83e5e04ff31957d70aab3Secunia Security Advisory - Secunia Research has discovered three vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system.
754391f1068eba24371539d6d1d2ae3d5631e06756a2b55ac1a7d439697e519bSecunia Security Advisory - Secunia Research has discovered some vulnerabilities in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system.
c161dfe974ee45217dd4e8f9783b0d46b1669f2df5d53e3c90ead167432a4371Mandriva Linux Security Advisory 2011-149 - Multiple vulnerabilities has been discovered and corrected in cyrus-imapd. Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command. Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the authentication mechanism of the NNTP server, which can be exploited to bypass the authentication process and execute commands intended for authenticated users by sending an AUTHINFO USER command without a following AUTHINFO PASS command.
1191292753cdb7c648b6f3c0d5659116f9b45499232eebda2c0efc795d775ec9Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a logic error in the Ichitaro speed reader (jtdsr.dll) when attempting to reconstruct higher-level objects and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
d5e75933e09e845ef137f1e214acd3daba62b091b867d3f86c99c49c4fb8a1bdSecunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Ichitaro speed reader (jtdsr.dll) when parsing "Text" chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
d4c58b78a917a3975cccd3fd186aa9b3e2b0fa0d8eb7ac3c3fa3f6db6467cd41Secunia Research has discovered a vulnerability in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer overflow error in the Ichitaro speed reader (jtdsr.dll) when parsing QLST chunks and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. Version 10.3 is affected.
d24cd05a6e4d709be1e57e4e15c52c15b5a2ed2e2c1e3e61fc50b6f372182659Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused by an error in the authentication mechanism of the NNTP server. This can be exploited to bypass the authentication process and execute commands intended for authenticated users only by sending an "AUTHINFO USER" command without a following "AUTHINFO PASS" command. Versions 2.4.10 and 2.4.11 are affected.
a527d453cfb32475e8deb8f919bc978fc3f901cd5b277252506bccdd46d12b1fSecunia Security Advisory - Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions.
f1bf59f6bfac2bff8ddeb1cbb8067795d824879f121f0fdf5150d1287184079eSecunia Research has discovered a vulnerability in Novell GroupWise, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused by a boundary error in GroupWise Internet Agent (gwia.exe) within the HTTP interface (port 9850/tcp) when handling requests for certain .css resources. This can be exploited to cause a limited stack-based buffer overflow via a specially crafted, overly long request.
0a0e3b9755408f3ac4d24cfc5ddaa02db84cde579ed5eb0e2b98699b9e5ace5fSecunia Research has discovered a vulnerability in Novell GroupWise, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by an integer truncation error in NgwiCalVTimeZoneBody::ParseSelf() within gwwww1.dll when GroupWise Internet Agent parses "TZNAME" variables in VCALENDAR data. This can be exploited to cause a heap-based buffer overflow via a specially crafted e-mail containing an overly long "TZNAME" property value. Successful exploitation may allow execution of arbitrary code.
098e587acb10c0083b88ba844ed01cfbf1ec6d61bdeb69e7e6a4f2b9e4413126Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in GEAR CD DVD Filter Driver, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
1bc12ebac4e76f872d6c977c5988e7010049f4cb1a70e58ef47e61d7d22ebd51Secunia Research has discovered multiple buffer overflow vulnerabilities in InduSoft ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.
aacb553a1f2dad3eeea2c320ebae5a1a08f238fd12635b3a53e42a3b137a366eSecunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in InduSoft ISSymbol ActiveX control, which can be exploited by malicious people to compromise a user's system.
e7edd58244049d72a0d14dc8b0beec9ebdc8aebc891aada17bfd7dde837e3a25Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Provideo ActiveX controls, which can be exploited by malicious people to compromise a user's system.
d1d337f48306b4153d47c0622b9db13c7d3e718f1c1a5a28dbfd25646f6e76bfSecunia Security Advisory - Secunia Research has discovered two vulnerabilities in UUSee, which can be exploited by malicious people to compromise a user's system.
8d8efe40ea351346b65c426d88ff1217e0eed8fd5d03cdb4e0e7e46a4befa485Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Enano CMS, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and request forgery attacks.
2bd5b4213851820fe923838c7ed1a75ea94a33a14ff5d72a017c5803e840179bSecunia Security Advisory - Secunia Research has discovered a weakness in Enano CMS, which can be exploited by malicious people to disclose sensitive information.
b6f5300f48830836a25e26acae25c2f28f0151265be6819d35aab21318cc274eSecunia Security Advisory - Secunia Research has discovered a vulnerability in RSLinx, which can be exploited by malicious people to compromise a user's system.
bafa3952dd8e9a61adf5307770f48954a672e98135f1a439f3d2956dfd5fc3efSecunia Security Advisory - Secunia Research has discovered a security issue in NNT Change Tracker and Remote Angel, which can be exploited by malicious, local users to gain escalated privileges.
015a7fb682705d0816da847b19abc46ac8a6233e948b42e2d1dbcb6642f06c86Secunia Security Advisory - Secunia Research has discovered a vulnerability in Avaya IP Office Manager, which can be exploited by malicious people to disclose sensitive information.
1d514a7c1d4e0ea70a58779d62020d93598460c3fdc1d6ef94b341e57602037e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed