SC version 7.16 suffers from a stack-based buffer overflow vulnerability.
40e606ae5848c8a18afcea6e187fa8b744256b579867bdeaeb23ecddd85f175d
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
312c2d9673be9c4269e466183c43c773e722f5516f299990ed56c53da2cd58a2
Secunia Security Advisory - Two vulnerabilities have been reported in HP Fortify Software Security Center, which can be exploited by malicious users and malicious people to disclose potentially sensitive information.
dcee000b95e31ec23cf2b6b5733eca431a992612a74e67ebec0c0aa7c74e9161
Secunia Security Advisory - Brendan Coles has discovered two security issues and a vulnerability in TestLink, which can be exploited by malicious people to conduct cross-site request forgery attacks and disclose certain sensitive and system information.
b75356024a543a0d9fde7722cd0bfef56d5c9bb5cdff27c1f45155eefb22e5ad
Secunia Security Advisory - Two vulnerabilities have been reported in HP Service Manager and Service Center, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
ad6ffec457e6c1524a99a422c41160f6b60dfcc1852d2d3b8ed4c9b76d2eff58
This Metasploit module exploits a SQL injection found in Cyclope Employee Surveillance Solution. Because the login script does not properly handle the user-supplied username parameter, a malicious user can manipulate the SQL query, which allows arbitrary code execution under the context of 'SYSTEM'.
943d1370d3c4c203bec054c6328adda12b9aa04b01b7010bb71dea9ec2bef8a7
Ubuntu Security Notice 1537-1 - It was discovered that OpenOffice.org incorrectly handled certain encryption tags in Open Document Text (.odt) files. If a user were tricked into opening a specially crafted file, an attacker could cause OpenOffice.org to crash or possibly execute arbitrary code with the privileges of the user invoking the program.
732af7ab4447e86da664cb28cd27c2933227231e898ccd4393d48db0e3186698
Ubuntu Security Notice 1536-1 - It was discovered that LibreOffice incorrectly handled certain encryption tags in Open Document Text (.odt) files. If a user were tricked into opening a specially crafted file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program.
4d043603529ee5cc103e3b5aee7adbaaa490fe5f2e360031f1ed03e54b0f33ca
Mandriva Linux Security Advisory 2012-131 - Justin Ferguson discovered that libotr, an off-the-record messaging library, can be forced to perform zero-length allocations for heap buffers that are used in base64 decoding routines. By sending crafted messages to an application that is using libotr, an attacker can exploit this flaw to perform denial of service attacks or potentially execute arbitrary code. The updated packages have been patched to correct this issue.
d2dfc5f2426fd1d0773603a84cfba004ef4a99ccaa10eaee9b7fdd6c41ecb855
TCExam version 11.3.007 suffers from a cross site scripting vulnerability.
c2df81fe1434df8351dd6026e93abcd6a2dd042f7a15ef09a4566b27505d3ded
Total Shop UK eCommerce, which is based on CodeIgniter version 2.1.2, suffers from a cross site scripting vulnerability.
5152d11e96f30211a557516deffd45d1b790edd8b739f21a1dd10b248c3997c9
ProQuiz version 2.0.2 suffers from cross site scripting, local file inclusion, remote file inclusion, and remote SQL injection vulnerabilities.
cd96527f58d918d01dbe7ff75611b1729daf91b7449eeb441565cef7115b0a2a
Shopping Tree, Inc. software suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
710c6c5f6d8a0112ff32d4cd35417f5a21917d22421ec5fcd825351690c94a00
Hotel Booking Portal version 0.1 suffers from cross site scripting and remote SQL injection vulnerabilities.
256b6d0f295a339e04943601e44942aae79e9b08c4b1430be39582ee5d729968
Viscosity OpenVPN client for Mac OS X suffers from a local root command execution vulnerability due to a suid binary executing site.py.
bbed2f8bef6e98f9f906db21866f9556901fd2af1233ad2af5fa7f69e3f8af21
Playboy.com suffers from a cross site scripting vulnerability.
d3c90c643472122d05f903587daaf7a21fbecbd2556a199dc7102ffaac3713b6
The heasarc.gsfc.nasa.gov site suffered from a cross site scripting vulnerability.
58f35f396ed253b516d3f9af4c85beaa88e1b34ee3b6b86a72f532bebc716a74
Mcdonalds.com suffers from a cross site scripting vulnerability.
9645dd64740cc659afa8e577fdac2bf3473b1a0624a9e0ff8055e95dc9d564c4
The profile.callofduty.com site suffers from a cross site scripting vulnerability.
51263e977736c214f93598fe8b0a3642fb0f7d1eef0ba388f7b6cd5f02a5503b
Blogspot suffers from a cross site scripting vulnerability.
3087ca1250acb62189df6b2bd039fb5fa6c93eb981f58ed40720f9da803aa3e3
Secunia Security Advisory - A vulnerability has been reported in Cisco IOS, which can be exploited by malicious users to cause a DoS (Denial of Service).
1d366967d1b82f4b9c5837e484d97357b744bb397a268d710d56649a30675bb5
Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
809644f0f830b68f9237de0ad03ab3dd5c1b4a989c954f365fc500269850a12b
InterPhoto Image Gallery version 2.5.1 suffers from a cross site scripting vulnerability.
c0eee9371e9f66cbc2a99e66b0ebc0da116ec82ae2d3ee2b16ada2292169ebdf
Flynax General Classifieds version 4.0 suffers from remote SQL injection and cross site scripting vulnerabilities.
db1f2f313b482036bc130944faf4a29255e2a709435bf33a8280a2f78217792f
Zend Framework suffers from local file disclosure via XXE injection.
eb7c6a34464370c4bd7ce549e0dfb4ef4024f3518120db41e18e374bcccf17c4
Various mynet.com sites suffer from a cross site scripting vulnerability.
313120e7301950a799a15a3cf6ad10e07d7ebc177f2a7e037a399b89b05cb1f6