Multiple vulnerabilities were found in Magic Winmail's Webmail, IMAP, and FTP services. Arbitrary file upload/download, cross site scripting, and directory traversal flaws all exist, along with the ability to access other user's mail. It really IS magic.
6cdd0f75b8a65fb62d8a4639fd3d414b32de01bbd3ab23bb7757fb4fa79da5d6Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to potentially compromise a vulnerable system.
d020c513596d0ba89d8483ab21957f60a887308cc990e153ab278cfd7d9603e5Secunia Security Advisory - Vulnerability Lab has reported multiple vulnerabilities in Inout Webmail, which can be exploited by malicious people to conduct script insertion attacks.
758f94ecb90c9ba246456f2dc018afe833005413480d232321b3edfed53a9faeSecunia Security Advisory - High-Tech Bridge has discovered multiple vulnerabilities in PBBoard, which can be exploited by malicious people to conduct cross-site request forgery and SQL injection attacks and bypass certain security restrictions.
3e5245cff4373e675591f071b3ec2cb3e224dbf16678337292e0c91237905f0aWespaJuris versions 3.0 and below exploit that leverages multiple vulnerabilities in order to upload a shell.
c88b207a07a921881c04bb51f5e72349969de8ea379080cc49da4fee5d1b3689Secunia Security Advisory - Multiple vulnerabilities have been discovered in Sticky Notes, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.
7f74401f57dab9727efa6c32aebcb74c420423d91205c3cf44f869d1560d5915Secunia Security Advisory - Multiple vulnerabilities have been discovered in the WP Lead Management plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.
621e4d11e8f52beb3c8001b1ec8daf4dad03ba1d03e991be2502975091df60c9Secunia Security Advisory - Multiple vulnerabilities have been reported in DataWatch Monarch BI Server, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, and manipulate certain data.
a2dc09ec5285e070f93484cccd231c91ea4aa86d081852e9bf2fa8140bdcbd2aSecunia Security Advisory - Debian has issued an update for openoffice.org. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
3e23076ea797a8d6aafedb22dbc607794c8f7cacc01260c9477e0fdaef685928Secunia Security Advisory - Multiple vulnerabilities have been reported in BlackBerry Tablet OS, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, gain knowledge of potentially sensitive information, and compromise a user's system.
4358c8241e6bd5b544810371e1ff4688a3d168a3472b6bbfa715df033dd2e189Mandriva Linux Security Advisory 2012-122 - Multiple vulnerabilities has been discovered and corrected in icedtea-web. An uninitialized pointer use flaw was found in IcedTea-Web web browser plugin. A malicious web page could use this flaw make IcedTea-Web browser plugin pass invalid pointer to a web browser. Depending on the browser used, it may cause the browser to crash or possibly execute arbitrary code. It was discovered that the IcedTea-Web web browser plugin incorrectly assumed that all strings provided by browser are NUL terminated, which is not guaranteed by the NPAPI (Netscape Plugin Application Programming Interface. When used in a browser that does not NUL terminate NPVariant NPStrings, this could lead to buffer over-read or over-write, resulting in possible information leak, crash, or code execution. The updated packages have been upgraded to the 1.1.6 version which is not affected by these issues.
e54255ca79425edaf6f80ec86b150446915000646da9fc75bb873211676e0a94Secunia Security Advisory - Brendan Coles has discovered a weakness and multiple vulnerabilities in Zenoss, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system and by malicious people to conduct spoofing and cross-site request forgery attacks.
32865cbc497e94949624f8a11a0d71c603e824cdfbc8da350c2f4ddb960a6881Secunia Security Advisory - Multiple vulnerabilities have been reported in ACD Systems Canvas, which can be exploited by malicious people to compromise a user's system.
72657bb6a27bf2ea830a46464869b79ad1d15bd9f3de381883d1f311bc5d2612Secunia Security Advisory - Multiple vulnerabilities have been reported in AccessData Forensic Toolkit, which can be exploited by malicious people to compromise a user's system.
272128a4233772a0d1648c1439d81885353066d9061220ff48722a6d6a18bcb6Secunia Security Advisory - Multiple vulnerabilities have been reported in EnCase Forensic, which can be exploited by malicious people to compromise a user's system.
ab4e17c0e60db1636bc063974761f34c64ef0d876c9a3955aee453b651527f2aSecunia Security Advisory - Multiple vulnerabilities have been reported in Citrix Access Gateway, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and conduct spoofing attacks.
518fd01196641e9b64d8d87ee29b8736e5906153637e24b20906dadba00b056bSecunia Security Advisory - Multiple vulnerabilities have been reported in LibreOffice, which can be exploited by malicious people to compromise a user's system.
05449c7d71b7d1249fe4762e8186366b29cca874f4593324104ca36d0d6aa7e0Secunia Security Advisory - Multiple vulnerabilities have been reported in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
866ede66dd568befb3799593bf11ead20afb8b6edd320746793617375de8eb89Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).
0177b3d6ae4f0b7a4c285cd615eb5f4144fc6bf9439c7e05cacd50257eb04853Secunia Security Advisory - Red Hat has issued an update for libreoffice. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
4ae12fd82c626ad683dc527ebb00234f648b6a4853164637ffdbddf50a666db2Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in OpenSSL included in AIX and Virtual I/O Server, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise an application using the library.
ed0c5a57d21cfc17398bb32ca7e61dc56a6d01271d6711802a78307b440b56eaSecunia Security Advisory - Red Hat has issued an update for openoffice.org. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
50db47b73dcfa5c7b79741571daae38bb67a7e808b3ce1c9e9ddc2dce8d320c4Debian Linux Security Advisory 2518-1 - Emmanuel Bouillon from NCI Agency discovered multiple vulnerabilities in MIT Kerberos, a daemon implementing the network authentication protocol.
c345c3a09eb83c7948689c2f863b0f6c17f32c2ddaaa2bf52d96090953f5df04Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
8adae9f5fd18c590cb0789a875db24555e185bcf15abe3005135bf346b3241e4Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise SOA Platform. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, manipulate certain data, and cause a DoS (Denial of Service).
0b8185dd9007da0da65f2831d65d1f08f5e146db7dccb14083cf8198240ddf3bSecunia Security Advisory - SUSE has issued an update for xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.
e98c080a38b886135728ae0d267f316a3e83e46d10581cf165ef148e90b9d970
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed