A vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious .ra/.ram file or visit a malicious web site. The specific flaw exists during the parsing of files with improperly defined size field in the RA header. Specifying a large unsigned value data can trigger a heap corruption and further result in arbitrary code execution under the context of the logged in user. RealPlayer version 6.x is affected.
bfe5e169e16e4573b31c1d946486c9635a80c5cc7312448f5d3b05984f95cf44
Secunia Security Advisory - A vulnerability has been reported in McAfee SmartFilter Administration, which can be exploited by malicious people to compromise a vulnerable system.
a703b1a95357d6c56e78153fecfe2423f047d759e2a36648b9be443b22464153
Secunia Security Advisory - Ubuntu has issued an update for nss. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library.
a22ea235370e731b0b3d70da6236fbddeeb7d1c26ee36b8ee1fb96de0c26e4b5
Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
6cefeb9d53564ddd95662c3efb212b82978bad23acf898881484202536c67aa9
This Metasploit module exploits a vulnerability found in the ActiveX component of Adobe Flash Player before 11.3.300.271. By supplying a corrupt Font file used by the SWF, it is possible to gain arbitrary remote code execution under the context of the user, as exploited in the wild.
b495613b72210817067894eb7ff5c08f46dcd44c9088ea935d0a7be729049d9a
Zero Day Initiative Advisory 12-138 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Business Objects Financial Consolidation. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CtAppReg.dll. In the Check function, there is a vulnerability in the handling of the username parameter. If an overly long string is used as the username, it can overwrite heap memory. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the process.
71f5cfb590cb170041ac772bc7eb8657757c72abff12510ade4581f83a51f776
Ubuntu Security Notice 1540-1 - Kaspar Brand discovered a vulnerability in how the Network Security Services (NSS) ASN.1 decoder handles zero length items. If the user were tricked into opening a specially crafted certificate, an attacker could possibly exploit this to cause a denial of service via application crash.
5695af953d2ea767f7aa873eb14e3f4ba7fb5521839cbd082379adb239015888
Secunia Security Advisory - A vulnerability has been discovered in RoundCube Webmail, which can be exploited by malicious people to conduct script insertion attacks.
b721f20d6cb0edd03301b0a7b67cc066cf4228efb6aacd786bed621d160d5e47
Secunia Security Advisory - A vulnerability has been reported in RoundCube Webmail, which can be exploited by malicious people to conduct script insertion attacks.
6206f9b456f976185dfbf29eddaa5d17c527e68d821d2ca6e7f9c489dbbe2901
Secunia Security Advisory - A vulnerability has been reported in xmlsd, which can be exploited by malicious people to compromise an application using the library.
781b7305b56efeb276c43dfbfc3f6f8ce7efb151090f4365ce7bc11adf3c788c
Secunia Security Advisory - A vulnerability has been reported in Niagara Framework, which can be exploited by malicious people to hijack a user's session.
fcb1292f884a38b41998f7bc1b2ddd6c43ea28ae0b0670e6a3b67e8c68c4c9a9
Secunia Security Advisory - High-Tech Bridge has discovered a vulnerability in Jease, which can be exploited by malicious people to conduct cross-site scripting attacks.
5f4d5743028f542ee686cdc1ac604ca3c51831169ece42241f8efba41f6b1867
Secunia Security Advisory - SUSE has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
a91d49b52fcc2ac25363dddf85fc3ac6686a669ceae00c274f37e7f0b136b46d
Secunia Security Advisory - A vulnerability has been reported in the Elegant theme for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
d2854560cddfa61cfe86ceecb80c48718450d1c7f41c5dd9b2a5bee6ad23de4b
Secunia Security Advisory - A vulnerability has been reported in the RSVPMaker plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.
1308c5365a8a6322182004b702e1cffdb5aa396feec096ae18a853239f2a9478
Secunia Security Advisory - Justin C. Klein Keane has reported a vulnerability in the Custom Publishing Options module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
cc35b5266f1d0b8ceb2030857739c796b62542e3b08fdf9ae6beacedabc27687
Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
e49512d4b1183a2b7f7d1e89472e2bc893629bbfad4358cdbeb4e99198996262
Secunia Security Advisory - Debian has issued an update for rssh. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.
eebd89c421afe76c8ec364ab92b3326b1565c0fe049041b41a8d004476cd613d
Secunia Security Advisory - A vulnerability has been reported in IBM Lotus Sametime, which can be exploited by malicious users to conduct script insertion attacks.
4a6db069761d8663aef5f77c93d75b1227ef014fa08b0e34c2a48a57816cc4fd
Secunia Security Advisory - A vulnerability has been reported in IBM Hardware Management Console (HMC) and IBM Systems Director Management Console (SDMC), which can be exploited by malicious, local users to gain escalated privileges.
ad291daf2f590e8e133fc0ae3133eb5a7bee2aea4dfa2c0a92ce907b62295500
Secunia Security Advisory - A vulnerability has been reported in HP Integrity Servers, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
84bf61ca645f53d5be9d45db51df85e0589ef0d7fb3770fb50567fc68d129fe1
Secunia Security Advisory - Reaction Information Security has discovered a vulnerability in Total Shop UK eCommerce, which can be exploited by malicious people to conduct cross-site scripting attacks.
54a1c2c18a8dfaba92348a1f51fd327b03d8d1ed64c4d66c3807bb7eca1e7163
Secunia Security Advisory - A vulnerability has been reported in Fetchmail, which can be exploited by malicious people to cause a DoS (Denial of Service).
a84121019ed8bda7f2cc912fcc160a16ea3c76d6ccb01759434e23c4614a812b
Secunia Security Advisory - Red Hat has issued an update for condor. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
7f94df5af33031c820e1ac9cbacdf9e28b56823cb1618380c1ca3a1411691b69
Cisco Security Advisory - Cisco IOS XR Software contains a vulnerability when handling crafted packets that may result in a denial of service condition. The vulnerability only exists on Cisco 9000 Series Aggregation Services Routers (ASR) Route Switch Processor (RSP-4G and RSP-8G), Route Switch Processor 440 (RSP440), and Cisco Carrier Routing System (CRS) Performance Route Processor (PRP). The vulnerability is a result of improper handling of crafted packets and could cause the route processor, which processes the packets, to be unable to transmit packets to the fabric. Cisco has released free software updates that address this vulnerability.
bc07f2e416a80379a131e30d960f750f093f1907368c5841670468346b98ce8e
Secunia Security Advisory - A vulnerability has been reported in Cisco NX-OS, which can be exploited by malicious people to cause a DoS (Denial of Service).
5c5a1b4f1ce0aa8b64f4536e08eadfb68c330f841e9c01c46cd3c741294e6ff0