Farsi News version 3.0 suffers from a backup disclosure vulnerability.
7bf3c5f4af9a1a5e769f9e2b90dc6c48294d156c321bec1d5e5b276815740703jNews version 7.5.1 suffers from an information disclosure vulnerability.
8214722ddd9ca008b611300d42fa16e4a05043e2f0815c3bd8e4548c85fc58bbSecunia Security Advisory - A vulnerability has been discovered in the ccNewsletter component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
be98197b175615c957bf8d244d36418865e2d8aa9e58b058ffd27b84e72c8065Red Hat Security Advisory 2012-0516-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in Sanitiser for OpenType, used by Thunderbird to help prevent potential exploits in malformed OpenType fonts. Malicious content could cause Thunderbird to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Thunderbird. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
0bf5163662f42c2a166ea76e85e9a4cc7f993ff980df574262198b7071fcb1e2The Joomla CCNewsLetter module version 1.0.7 suffers from a remote SQL injection vulnerability.
d2c897d67407427434081f218fb0089ff1365eac5a2eba24124029029063349cNewsroom.cisco.com suffers from a cross site scripting vulnerability. The author tried to reach Cisco and did not get a response.
8cb55dcf643631a60ab31199d4e7eaff006fd074677b2736947138779877bde1Newscoop version 3.5.3 suffers from cross site scripting, remote file inclusion, and remote SQL injection vulnerabilities.
179c3d850b4f0b8c40cd0b860cffbc9bc791577cafe65803bd5036477ee78092Secunia Security Advisory - Some vulnerabilities with an unknown impact have been reported in the Image News slider plugin for WordPress.
448f77dcdb48b8ca1a9784ced0b2e9f3d587bf1a9ad0b02aaaf12c8b67321764Secunia Security Advisory - Some vulnerabilities have been discovered in Newscoop, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
7cb33a3d20f67fa7f76677c9e1a2dd5b0c110eb65bf63d4d2be1a43a482c30e0Secunia Security Advisory - Some vulnerabilities with an unknown impact have been reported in the Image News slider plugin for WordPress.
e4f5824875ca90d87464edf874b48532ad8ea74636d49ec80cb5d9514930f0f0Secunia Security Advisory - Mutliple vulnerabilities have been reported in the ALO EasyMail Newsletter plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
ff0e9260ab28e477c71acafc87b2fb60e11cc552a1a89d503e36d7801b01fab2Debian Linux Security Advisory 2437-1 - Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client.
8dcbd2a37f80834fa0912dd479a18e7cb232422b36d92902756a7af2700a51ffRed Hat Security Advisory 2012-0388-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Two flaws were found in the way Thunderbird parsed certain Scalable Vector Graphics image files. An HTML mail message containing a malicious SVG image file could cause an information leak, or cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
3dd40ab51030e9ae870a195c9b560c97904e1bb39c116285b0e7dade2276f05eVarious Drupal modules such as Content Lock, Ubercart Bulk Stock Updater, Ubercart Payflow Link, ticketyboo News Ticker, Admin tools, and Redirecting click bouncer suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
dfba66004ce172b759e13bd0d69c968ca2876ae3c5a889fa13c062cb84aef994Red Hat Security Advisory 2012-0141-01 - SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC chat client, and HTML editor. A heap-based buffer overflow flaw was found in the way SeaMonkey handled PNG images. A web page containing a malicious PNG image could cause SeaMonkey to crash or, possibly, execute arbitrary code with the privileges of the user running SeaMonkey. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.
f1267c41db6a862799ec7a24f82bdf3f9e615c43178f198aa66dbb317e17b034Red Hat Security Advisory 2012-0140-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A heap-based buffer overflow flaw was found in the way Thunderbird handled PNG images. An HTML mail message or remote content containing a specially-crafted PNG image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird. All Thunderbird users should upgrade to this updated package, which corrects this issue. After installing the update, Thunderbird must be restarted for the changes to take effect.
a03180c6087c793165bf19fb58a59dffacdb68d9bba7fa484e10ce8e5166445fThis is an newsletter that discusses information related to Capture The Flag that will be held at DEF CON 20 this year.
ae4ac34dbc347466ae0fed2bc2c7c50f2afe22240b5f39b8991a0c36dc37c044Red Hat Security Advisory 2012-0085-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the processing of malformed content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. The same-origin policy in Thunderbird treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.
fe4d73c0e1fcfc4fc1ff96734d69098c1227b4827555ab95f7dcc0b4b1d719bfRed Hat Security Advisory 2012-0084-01 - SeaMonkey is an open source web browser, e-mail and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. The same-origin policy in SeaMonkey treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets.
39ff68cd83efc384bf01448850de7e3a08a5b5755f99a6396e8299ecd7c70391Red Hat Security Advisory 2012-0080-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A use-after-free flaw was found in the way Thunderbird removed nsDOMAttribute child nodes. In certain circumstances, due to the premature notification of AttributeChildRemoved, a malicious script could possibly use this flaw to cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Several flaws were found in the processing of malformed content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
2e6efa49da83303192c15543ced941a9718f90eeae81ce6374914405fa43bfa9The Joomla Funny News component suffers from a local file inclusion vulnerability.
74e908aafa50d33d30058118b6764f1dbb9ba0264712adca05a55644718eaf10The Joomla Sadnews component suffers from a local file inclusion vulnerability.
1dfa7ab5db2437c2d1dcab40aec7cb5429b88e888116e477410a98b423cf882bNewsAlloy.com suffers from a cross site scripting vulnerability.
84f9e1f3978d97206d6ce07cb4aa35b639e442c610071272d6913277762c1632Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
f141a41fffd31494a0f96ebbb6b999eab33ce62d5c31f81222a0acd034adbf3aRed Hat Security Advisory 2011-1508-01 - The cyrus-imapd packages contain a high-performance mail server with IMAP, POP3, NNTP, and Sieve support. An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially-crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature.
6b3205303af6886661268ac79f893acb0064e876132277e16c652b3953622d34Secunia Security Advisory - A vulnerability has been discovered in the MeeNews plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
57644dd55ecf2be450a918ad94db2972d5ab62e3f8cf479295b90599198e5858
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed