Debian Security Advisory 1627-2 - The previous security update for opensc had a too strict check for vulnerable smart cards. It could flag cards as safe even though they may be affected. This update corrects that problem.
a08e37a0acc0cd253e7afd269ffbaa23Pardus Linux Security Advisory - A security issue has been reported in OpenSC, which can be exploited by malicious people to bypass certain security restrictions.
09e3b8dc9ef4a0333180e6e1a02ce6baPardus Linux Security Advisory - Juraj Skripsky has reported a vulnerability in Mono, which can be exploited by malicious people to conduct HTTP header injection attacks.
acca5f8f15ae95df11ff49d9288b0ebbDebian Security Advisory 1597-2 - In DSA-1597-1, an update was announced for multiple vulnerabilities in the mt-daapd audio server. One of the fixes introduced a regression preventing successful authentication to the administration interface. An updated release is available which corrects this problem.
87015fdb27a0d50b4637a0d087465bc6VMware Security Advisory - Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues.
66543adde34c36baff73bda1674cfb79An input validation error within the web interface of Dreambox model DM500C allows for a denial of service condition.
249afecfcb2122f8d5df9de75eb67421Secunia Security Advisory - shinnai has reported some vulnerabilities in Ultra Office Control, which can be exploited by malicious people to compromise a user's system.
223ceb42a6950cee86de55bdf831977aSecunia Security Advisory - Red Hat has issued an update for libtiff. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
480e38cc56634bf47a673162603a0e7dA vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of messaging applications that make use of the libpurple library. User interaction is not required to exploit this vulnerability. The specific flaw exists in the implementation of the MSN protocol, specifically the handling of SLP messages. The function msn_slplink_process_msg() fails to properly validate an offset value specified in the SLP packet. By providing a specific value, an attacker can overflow a heap buffer resulting in arbitrary code execution.
d76ab9bcd5ffc3e70e7f81027f487560Mandriva Linux Security Advisory - Two denial of service vulnerabilities were discovered in the ipsec-tools racoon daemon, which could allow a remote attacker to cause it to consume all available memory. The updated packages have been patched to prevent these issues.
2d7f6108eed9a9dc420bf8b8ca56cdb7Firefox version 3.0.1 (final release) suffers from an unspecified remote code execution vulnerability.
e5305be99ab1f77ca6497f785fd1274eHP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Apache. These vulnerabilities could be exploited remotely resulting in Cross Site Scripting (XSS) or Denial of Service (DoS).
50243815f59ecafcedf99163c1ad9ff7Ubuntu Security Notice 638-1 - Aaron Grattafiori discovered that the Gnome Help Viewer did not handle format strings correctly when displaying certain error messages. If a user were tricked into opening a specially crafted URI, a remote attacker could execute arbitrary code with user privileges.
c3002bba563957c93b2edfad569c7c01HP Security Bulletin - A potential security vulnerability has been identified in the HP Enterprise Discovery. The vulnerability could be exploited remotely by an authorized user to gain extended privileges.
a84ae83f38e250d72f3b90696e44be96Secunia Security Advisory - Lidloses_Auge has reported a vulnerability in webEdition CMS, which can be exploited by malicious people to conduct SQL injection attacks.
3519783cced0871bfd24d884f7163d37Secunia Security Advisory - Corwin has discovered some vulnerabilities in K-Rate Premium, which can be exploited by malicious users to compromise a vulnerable system, and by malicious people and users to conduct script insertion and SQL injection attacks.
637436da77a8303efdd4b7e1ac617a0eSecunia Security Advisory - A vulnerability has been reported in HP Enterprise Discovery, which can be exploited by malicious users to gain escalated privileges.
6df876a7e98ac3608209cbd9c3713800Secunia Security Advisory - Seth Fogie has reported some vulnerabilities in KM Scanner File Utility, which can be exploited by malicious people to cause a DoS (Denial of Service), bypass certain security restrictions, and compromise a vulnerable system.
fdd35c682081e32d5042902478dd0b19Secunia Security Advisory - Some vulnerabilities have been reported in IBM Lotus Quickr, which can be exploited by malicious people to conduct cross-site scripting attacks.
2394f1645a4703314e06154349a91061Secunia Security Advisory - A vulnerability with an unknown impact has been reported in IBM DB2.
3fdd92173c4bfce78953616cf54dec21Pardus Linux Security Advisory - A vulnerability has been reported in LibTIFF, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a user's system.
89fde6963eee81805e587266f74bbffaSecunia Security Advisory - Lostmon has discovered two vulnerabilities in the PopnupBlog module for Xoops, which can be exploited by malicious people to conduct cross-site scripting attacks.
c4b4b31c9b6d6d7534273dfd62e37978Mandriva Linux Security Advisory - Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding. The original fix used to correct this issue caused some applications that used the libxml2 library to crash. These new updated packages use a different fix that does not cause certain linked applications to crash as the old packages did.
cee89e63538737ae53aedf3ab3fd7410The Kyocera Mita Scanner File Utility version 3.3.0.1 suffers from multiple file manipulation vulnerabilities.
c188a08ce39e9da8719c911ff27e4178Debian Security Advisory 1631-2 - The previous security update of the libxml2 package introduced some problems with other packages, most notably with librsvg. This update corrects these problems whilst still fixing the reported security problem.
f024501160502cc01f3a8a6951c7c361
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed