Secunia Security Advisory - A vulnerability has been reported in TortoiseCVS, which potentially can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Colin Phipps has reported a vulnerability in catdoc, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges.
Gentoo Linux Security Advisory GLSA 200410-31 - Email virus scanning software relying on Archive::Zip can be fooled into thinking a ZIP attachment is empty while it contains a virus, allowing detection evasion.
Secunia Security Advisory - Ziv Kamir has discovered a vulnerability in Cyber Web Filter, which can be exploited by malicious people to bypass certain security restrictions.
It appears that the new Apache release 1.3.33 is still susceptible to a local buffer overflow discovered in htpasswd under release 1.3.31.
Microsoft Internet Explorer 6.0.2800.1106 and possibly earlier versions fail to properly handle links embedded within links, allowing for spoofing of target addresses.
Secunia Security Advisory - Andrew Nakhla has discovered a vulnerability in Apple Remote Desktop, which can be exploited by malicious users to gain root access on a vulnerable system.
PHP4 cURL functions bypass open_basedir protection, allowing users to navigate through the filesystem.
Gentoo Linux Security Advisory GLSA 200410-30 - GPdf, KPDF and KOffice all include vulnerable xpdf code to handle PDF files, making them vulnerable to execution of arbitrary code upon viewing a malicious PDF file.
Debian Security Advisory 574-1 - The upstream developers discovered a problem in cabextract, a tool to extract cabinet files. The program was able to overwrite files in upper directories. This could lead an attacker to overwrite arbitrary files.
A high-risk vulnerability exists in QuickTime for Windows versions 6.5.2 and earlier.
eEye Security Advisory - eEye Digital Security has discovered a vulnerability in RealPlayer that allows a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code in the context of the user under which the player is running.
Master of Orion III versions 1.2.5 and below suffer from buffer overflow and allocation errors.
Secunia Security Advisory - A vulnerability has been reported in ImageMagick, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error within the EXIF parsing routine. This can be exploited to cause a buffer overflow via a malicious image file containing specially crafted EXIF information.
iDEFENSE Security Advisory 10.27.04 - Remote exploitation of a buffer overflow vulnerability in Simon Tatham's PuTTY can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on SSH2_MSG_DEBUG packets.
KDE Konqueror 3.2.2-1 is susceptible to cross-site scripting flaws.
Secunia Security Advisory - A vulnerability has been reported in Horde Application Framework, which potentially can be exploited by malicious people to conduct cross-site scripting attacks.
Gentoo Linux Security Advisory GLSA 200410-27 - Buffer overflow vulnerabilities have been found in mpg123 which could lead to execution of arbitrary code. The flaws in the getauthfromURL() and http_open() functions have been reported by Carlos Barros. Additionally, the Gentoo Linux Sound Team fixed additional boundary checks which were found to be lacking.
Quake II version 3.2.x is susceptible to multiple vulnerabilities. Due to unchecked input at various stages in the server, remote users are able to cause the server to crash, reveal sensitive information or potentially execute arbitrary code.
RealPlayer 10.5 permits execution of arbitrary code via a malformed skin.
PuTTY 0.56 fixes a serious security hole which can allow a server to execute code of its choice on a PuTTY client connecting to it.
HP Security Bulletin - A potential security vulnerability has been identified with HP Serviceguard running on HP-UX and Linux that may allow remote unauthorized privileges.
zgv uses malloc() frequently to allocate memory for storing image data. When calculating how much to allocate, user-supplied data from image headers is multiplied and/or added without any checks for arithmetic overflows. There are a total of 11 overflows that are exploitable to execute arbitrary code.
A buffer overflow and two remote crashes were recently discovered in gaim's MSN protocol handler. An attacker could potentially execute arbitrary code with the user's privileges by crafting and sending a particular MSN message.
Gentoo Linux Security Advisory GLSA 200410-23 - Multiple vulnerabilities have been found in Gaim which could allow a remote attacker to crash the application, or possibly execute arbitrary code.