Mandriva Linux Security Advisory - A vulnerability was found in the excel_read_HLINK function in the Microsoft Excel plugin in Gnumeric prior to version 1.8.1 that would allow for the execution of arbitrary code via a crafted XLS file containing XLS HLINK opcodes.
48441dc70983aa2af7d1f2f899351e60Ubuntu Security Notice 582-1 - It was discovered that Thunderbird did not properly set the size of a buffer when parsing an external-body MIME-type. If a user were to open a specially crafted email, an attacker could cause a denial of service via application crash or possibly execute arbitrary code as the user. Various flaws were discovered in Thunderbird and its JavaScript engine. By tricking a user into opening a malicious message, an attacker could execute arbitrary code with the user's privileges. Various flaws were discovered in the JavaScript engine. By tricking a user into opening a malicious message, an attacker could escalate privileges within Thunderbird, perform cross-site scripting attacks and/or execute arbitrary code with the user's privileges. Gerry Eisenhaur discovered that the chrome URI scheme did not properly guard against directory traversal. Under certain circumstances, an attacker may be able to load files or steal session data. Ubuntu is not vulnerable in the default installation. Flaws were discovered in the BMP decoder. By tricking a user into opening a specially crafted BMP file, an attacker could obtain sensitive information.
34890bd0a0e9cf83e242f860168920b9Certain Canon Multi Function Devices allow remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
056e6e1dd35f1d8b985326b0416c9b50Mandriva Linux Security Advisory - Chris Evans found a buffer overflow condition in Ghostscript, which can lead to arbitrary code execution as the user running any application using it to process a maliciously crafted Postscript file.
52ccd7ac9349294e22e4288af884a5a8The Beehive/SendFile.NET Secure File Transfer appliance appears to have credentials hardcoded within the outboxWriteUnsent() function of the FTPThread.class file of SendFile.jar.
704d2fd0218615186c6c97c7a8362b90Ghostscript versions 8.61 and below suffer from a stack-based buffer overflow in the zseticcspace() function in zicc.c.
e8908af1dfabf34c4b2eab9ea0ace408Secunia Security Advisory - Chris Evans has reported a vulnerability in Ghostscript, which can be exploited by malicious people to compromise a user's system.
46c0bacfff915718dd405c70fa1bebdcSecunia Security Advisory - nnposter has reported a vulnerability in Packeteer PacketShaper, which can be exploited by malicious people to conduct cross-site scripting attacks.
5b16bf0b4032b1af8daee0a0df3c77a8Secunia Security Advisory - nnposter has reported a vulnerability in Alkacon OpenCms, which can be exploited by malicious people to conduct cross-site scripting attacks.
fdb93856f0523eaa3c05e50391d75079Secunia Security Advisory - Iron has discovered a vulnerability in eazyPortal, which can be exploited by malicious people to conduct SQL injection attacks.
cb47a98a621691a66331891baa424891Secunia Security Advisory - Luigi Auriemma has discovered some vulnerabilities in Trend Micro OfficeScan, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
4731232e550fa1cb161db161bc1ba1e1Secunia Security Advisory - Steve Kemp has reported two security issues in XWine, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
cb57c5d6be832700263402b35482de9cSecunia Security Advisory - Debian has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
1b5280a9bfacd390e7013cfcf2481ceaSecunia Security Advisory - IBM has acknowledged some vulnerabilities in AIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges.
8b4cd5e73cb441579076bb9e98d67e46Secunia Security Advisory - A security issue has been reported in Berkely Automounter Suite of Utilities (am-utils), which can be exploited by malicious, local users to perform certain actions with escalated privileges.
b419e6cfec1d1aae18e33b54a495f0cfSecunia Security Advisory - Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
79f4023374bdb603cd7d05707f6fce78Secunia Security Advisory - Julien Cayssol has reported some vulnerabilities in Centreon, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose sensitive information.
be1ea137282acb67747999af03262c7bSecunia Security Advisory - rPath has issued an update for pcre. This fixes a vulnerability, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
d0f17042d7e0287ee65af9cf363c6db6Secunia Security Advisory - Some security issues have been reported in ViewVC, which can be exploited by malicious people to bypass certain security restrictions.
20d96e28d6144521207d72524269e837Secunia Security Advisory - vijayv has reported a vulnerability in XRMS CRM, which can be exploited by malicious people to conduct cross-site scripting attacks.
d4c5c76acc5c8fd28338013da6cc5a9dSecunia Security Advisory - Fedora has issued an update for imp. This fixes a security issue and a vulnerability, which can be exploited by malicious users to bypass certain security restrictions, and by malicious people to bypass certain security restrictions and manipulate data.
389f8bb9a06d98e690000228f15f66c9Secunia Security Advisory - Fedora has issued an update for horde. This fixes a security issue and a vulnerability, which can be exploited by malicious people to bypass certain security restrictions and manipulate data.
9d3f64b9744f1ec4564c7fccf6b3af57Secunia Security Advisory - rPath has issued an update for am-utils. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
37d0a8f82527222fb4e0ecb25137bed4Mandriva Linux Security Advisory - A vulnerability was discovered by Havoc Pennington in how the dbus-daemon applied its security policy. A user with the ability to connect to the dbus-daemon could possibly execute certain method calls that they should not normally have access to.
394afef1d0e71f4050d6ba10e9acccd4Secunia Security Advisory - Red Hat has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
c9831d3ca5e48f9e880de84f0e748819
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed