Farsi News version 3.0 suffers from a backup disclosure vulnerability.
7bf3c5f4af9a1a5e769f9e2b90dc6c48294d156c321bec1d5e5b276815740703WordPress Meenews plugin version 5.1 suffers from a cross site scripting vulnerability.
41b3810dee49681a7af5b5d43b3fb63e90fab9847e98dffff50885e5a8f91d9aRed Hat Security Advisory 2011-1440-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A cross-site scripting flaw was found in the way SeaMonkey handled certain multibyte character sets. A web page containing malicious content could cause SeaMonkey to run JavaScript code with the permissions of a different website. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.
be943c91e86570f5afdd3ff9f206a5e3daeeed4880fe0df663aa87a0cc2bf88cRed Hat Security Advisory 2011-1439-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled certain add-ons. Malicious, remote content could cause an add-on to elevate its privileges, which could lead to arbitrary code execution with the privileges of the user running Thunderbird. A cross-site scripting flaw was found in the way Thunderbird handled certain multibyte character sets. Malicious, remote content could cause Thunderbird to run JavaScript code with the permissions of different remote content.
6725630111957b4cce773bf3191856fea647483be273c966fc6ba69b7cb37d3cRed Hat Security Advisory 2011-1438-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A cross-site scripting flaw was found in the way Thunderbird handled certain multibyte character sets. Malicious, remote content could cause Thunderbird to run JavaScript code with the permissions of different remote content. Note: This issue cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. It could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.
4935d112f7e8f6b78913afa49bf394d199e635564960c3a3b5a3abb52565bb18Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
a027a535b35e5f9ca7091e4c83a06b4be48f0f95d6906bdd467ccc0659e7e798Secunia Security Advisory - kurdish hackers team has discovered multiple vulnerabilities in Magtrb MyNews, which can be exploited by malicious people to compromise a vulnerable system.
b58ed0325a818f59f2f23db48e6a5aafc20c844546a98a217edc7c18c8db80e0Hack This Zine Issue 13 - This issue's topics include Solidarity, Hacker Profiles, Bitcoin, various news and more.
b1d413cc63c950285dd48246104d152c5c190ac84db4bd63908f55f26f6c5822Packet Storm Widget is a Mac OS X widget that allows users to see all latest news from packetstormsecurity.org. A user can choose between different kind of news to see: All of the Latest Content, Latest News, Latest Files, Latest 0 Days, Latest Vulnerabilities and Latest Exploits. This allows a user to always keep up to date on their favorite security topics. Please note that this was *not* created by Packet Storm Security and questions should be directed to the author. This should run on Leopard, Snow Leopard, Lion and Tiger.
69c119dd10637e93745b7d47028577720527e2e790477da1e00cfc3d5ceebc42Red Hat Security Advisory 2011-1344-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled frame objects with certain names. An attacker could use this flaw to cause a plug-in to grant its content access to another site or the local file system, violating the same-origin policy. An integer underflow flaw was found in the way SeaMonkey handled large JavaScript regular expressions. A web page containing malicious JavaScript could cause SeaMonkey to access already freed memory, causing SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.
9da687a381ca20d046b5c50589b968fee6f0f6760fa5b50b72ae19d0c9de5863Red Hat Security Advisory 2011-1343-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled frame objects with certain names. An attacker could use this flaw to cause a plug-in to grant its content access to another site or the local file system, violating the same-origin policy. An integer underflow flaw was found in the way Thunderbird handled large JavaScript regular expressions. An HTML mail message containing malicious JavaScript could cause Thunderbird to access already freed memory, causing Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
3687f8be51c9a85fd3c79f10c8bab76b7b4dafaaac4db14db59c0c0b77e3d708Red Hat Security Advisory 2011-1342-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird processed the "Enter" keypress event. A malicious HTML mail message could present a download dialog while the key is pressed, activating the default "Open" action. A remote attacker could exploit this vulnerability by causing the mail client to open malicious web content.
a8625a9160b247b90199ce4274aa8f6096c8d45553eb33684ffa4642f14866c3MyNews version 1.2 suffers from a remote file inclusion vulnerability.
98473dea15460cad189a1cb641d82abda2afcb65692491f9e52168e5282a1d7bTor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
5af42b1cc07704fcbde8bb44380e5a02ebedc75470a132c70022ecb5f8476bcfBulletlink Newspaper Template Software suffers from a remote blind SQL injection vulnerability.
527bb82149fa2030ec271de2c72a2f14ca5303161e6ee49e8b2c97cf661c157aRed Hat Security Advisory 2011-1267-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. The RHSA-2011:1243 Thunderbird update rendered HTTPS certificates signed by a certain Certificate Authority as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted. All Thunderbird users should upgrade to this updated package, which resolves this issue. All running instances of Thunderbird must be restarted for the update to take effect.
69aa7adc07bc289eb1af3b0ebabb93ca6e1a697884694c17a9a228c650adf59fRed Hat Security Advisory 2011-1266-01.xt - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. The RHSA-2011:1244 SeaMonkey update rendered HTTPS certificates signed by a certain Certificate Authority as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.
65b993d94bc041a184d5a50dd74cec68450ace5a9cfd84a960c475ca090bd969Webmodo News System suffers from a remote blind SQL injection vulnerability.
dfd2b8fe24c902fe03d6d52e8be66911737b7d5609b88e5a05d62e8d7e9fb59eKolifa News System suffers from cross site scripting and remote SQL injection vulnerabilities.
eea985084b2d605a5abc20cbc8acb3ba1036e58d088871e141b5c22d3339eb9aThe Hacker News Magazine issue 04, released September, 2011. This magazine sums up recent news events in the hacker community.
4e1119d2b4ecb717c9fe59628951d163a13bb6a8c74bd477c694639f22b14965Red Hat Security Advisory 2011-1244-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. It was found that a Certificate Authority issued a fraudulent HTTPS certificate. This update renders any HTTPS certificates signed by that CA as untrusted, except for a select few. The now untrusted certificates that were issued before July 1, 2011 can be manually re-enabled and used again at your own risk in SeaMonkey; however, affected certificates issued after this date cannot be re-enabled or used. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.
7df61e89a4c25927a5226cf3ad45c80b05824cabd528719ed04b620fdc009f76Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
8744328c10b54950e08ee404a75a0e76865be0615cad6f7ffc8c75af7151ef4dRed Hat Security Advisory 2011-1243-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. It was found that a Certificate Authority issued a fraudulent HTTPS certificate. This update renders any HTTPS certificates signed by that CA as untrusted, except for a select few. The now untrusted certificates that were issued before July 1, 2011 can be manually re-enabled and used again at your own risk in Thunderbird; however, affected certificates issued after this date cannot be re-enabled or used. All Thunderbird users should upgrade to this updated package, which resolves this issue. All running instances of Thunderbird must be restarted for the update to take effect.
a84407a2016081e8bda7c4f9f45b00c24167470f9687e5c422f4821fa7e4a5fbDebian Linux Security Advisory 2297-1 - Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client.
bf80bb2acbfee25ec2d61f3cea47b4dcc44dfe0a8b8e4b570d6578844a6e66eeWordPress OdiHost Newsletter plugin versions 1.0 and below suffer from a remote SQL injection vulnerability.
6a3636ad38e027bd98ada6deba08feef6d1a9f10610364218783cf6e8e50f410Secunia Security Advisory - Miroslav Stampar has discovered a vulnerability in the Odihost Newsletter plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
3ab4e6eed74e17f95e5604f966c9cabcac1672efcb659d08891a1470544f89e6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed