Gentoo Linux Security Advisory GLSA 200507-29 - Max Vozeler reported that pstotext calls the GhostScript interpreter on untrusted PostScript files without specifying the -dSAFER option. Versions less than 1.8g-r1 are affected.
5cc93bfca53ae8b32a433ef8ca3de8e0
OpenBook version 1.2.2 suffers from a SQL injection vulnerability.
6194694be717028c76d02ed780f7d2df
Gentoo Linux Security Advisory GLSA 200507-28 - Earlier versions of emul-linux-x86-baselibs contain a vulnerable version of zlib, which may lead to a buffer overflow. Versions less than 2.2 are affected.
3f77347d96c2f73b5e43b01a21f6bf23
PC-EXPERIENCE/TOPPE CMS suffers from cross site scripting and login bypass flaws.
0a53b5c49103f87e5fc1d030e3436c67
Trillian Pro 3.1 Build 121 saves a user password in clear text in a temporary file that is world readable when attempting to connect to Yahoo mail.
7556ddc77fad7efe9e137628505daece
Technical Cyber Security Alert TA05-210A - Cisco IOS IPv6 processing functionality contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service.
c95a2cc5b0c309abb290bf31b8d70b2d
Debian Security Advisory DSA 770-1 - John Goerzen discovered that gopher, a client for the Gopher Distributed Hypertext protocol, creates temporary files in an insecure fashion.
161a6ee1f53a5397084bdb43665a8d99
Cisco Security Advisory - Cisco Internetwork Operating System (IOS) Software is vulnerable to a Denial of Service (DoS) and potentially an arbitrary code execution attack from a specifically crafted IPv6 packet. The packet must be sent from a local network segment. Only devices that have been explicitly configured to process IPv6 traffic are affected. Upon successful exploitation, the device may reload or be open to further exploitation.
81aa26610de87bb904cf13a389cf7167
Ubuntu Security Notice USN-156-1 - Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the YCbCr subsampling value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which caused the program that uses the TIFF library to crash. This leads to a Denial of Service in server applications that use libtiff (like the CUPS printing system) and can cause data loss in, for example, the Evolution email client.
ec51f28424e28a2a62ac33df15b97212
Debian Security Advisory DSA 769-1 - Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu (from ekg, a console Gadu Gadu client, an instant messaging program), which is also included in gaim, a multi-protocol instant messaging client. This cannot be exploited on the x86 architecture but can be on others, e.g. on Sparc, where it leads to a bus error, in other words a denial of service.
3377dfdf3724af69d78fcb1c2966dec5
SPI Dynamics Security Bulletin SPI-0001-07282005 - There exists a potential WebInspect cross application scripting vulnerability for versions below 5.5.386.
d1a9b783ffcaf9a713062d7a5a4a140f
UseBB versions 0.5.1 and below suffer from multiple SQL injection and cross site scripting vulnerabilities.
87efe74fcdd09005ec610e4a68e249d4
The Website Baker Project is susceptible to path disclosure and cross site scripting vulnerabilities.
592786bb447195f1b20f943929fd3437
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and retrieve a user's files.
18201c9353e20482da58606556f40385
HAURI live update suffers from remote file download and execution vulnerabilities.
b0c582692ccecdb7dab8e7a8d192f5e0
Gentoo Linux Security Advisory GLSA 200507-27 - Ethereal is affected by numerous vulnerabilities potentially resulting in the execution of arbitrary code or abnormal termination. Versions less than 0.10.12 are affected.
4612039aea857070ea4f64d4d373a37d
Secunia Security Advisory - Leandro Meiners has reported a security issue in Lotus Domino, which can be exploited by malicious users to disclose certain sensitive information.
6bcc12b07594ab31120d2733cac55130
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files.
eb878ed27d85a7780314f8af7a80a80a
Secunia Security Advisory - Yun Jonglim has reported a vulnerability in UnixWare, which can be exploited by malicious people to cause a DoS (Denial of Service).
b1d39f3d34e342361e918e7428561f70
Secunia Security Advisory - A vulnerability has been reported in FileZilla Server, which can be exploited by malicious people to conduct a DoS (Denial of Service) or potentially compromise a vulnerable system.
4a34211c6ee59aa5a140ef7363d8647d
Secunia Security Advisory - Joxean Koret has reported some vulnerabilities in GForge, which can be exploited by malicious people to conduct cross-site scripting attacks.
11fc5b445bb61be80800c6d072cfa423
Secunia Security Advisory - A vulnerability has been reported in MySQL Eventum, which can be exploited by malicious people to compromise a vulnerable system.
e910853acfc99974cbbc1ff41e9eb81f
Debian Security Advisory DSA 768-1 - A cross-site scripting vulnerability has been detected in phpBB2 that allows remote attackers to inject arbitrary web script or HTML via nested tags.
9f8c2f665ccbdca367d2e2e217193569
Debian Security Advisory DSA 767-1 - Marcin Slusarz discovered two integer overflow vulnerabilities in libgadu, a library provided and used by ekg, a console Gadu Gadu client, an instant messaging program, that could lead to the execution of arbitrary code.
a96d8c31cfa976bbe9634572bbd95d7f
Clever Copy contains a flaw that allows for unauthorized reading and deletion of private messages from other users. Versions 2.0 and 2.0a are affected.
4f2de0514d7c6b838f32ce512c04fc50