Mandriva Linux Security Advisory - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These include buffer overflow, integer overflow, and input sanitization vulnerabilities.
Secunia Security Advisory - Some vulnerabilities have been reported in A-LINK WL54AP3 and WL54AP2, which can be exploited by malicious people to conduct cross-site scripting or cross-site request forgery attacks.
Secunia Security Advisory - DeltahackingTEAM has discovered some vulnerabilities in various MW6 Technologies ActiveX controls, which can be exploited by malicious people to overwrite arbitrary files.
Secunia Security Advisory - Marco Torti has discovered a vulnerability in eXPert PDF ViewerX ActiveX Control, which can be exploited by malicious people to overwrite arbitrary files.
Secunia Security Advisory - GoLd_M has reported a vulnerability in SPBOARD, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Russ McRee has reported some vulnerabilities in CompactCMS, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
Secunia Security Advisory - Hakxer has reported a vulnerability in Absolute Podcast .NET, which can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - ZoRLu has discovered a vulnerability in the Lyrics plugin for e107, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - Fedora has issued an update for phpMyAdmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - A security issue has been reported in CrossFire, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Fedora has issued an update for openoffice.org. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Gentoo has issued an update for libspf2. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library.
Secunia Security Advisory - Ehsan_Hp200 has reported a vulnerability in the BookCatalog module for PHP-Nuke, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - SuSE has issued an update for multiple packages. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), conduct cross-site scripting attacks or potentially, to compromise a user's system.
Secunia Security Advisory - A vulnerability has been reported in various SonicWALL products, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Interact, which can be exploited by malicious people to conduct SQL injection attacks.
Mandriva Linux Security Advisory - Multiple vulnerabilities were discovered in FreeType's Printer Font Binary (PFB) font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code. The updated packages have been patched to prevent this issue. The patches used to correct the problem on Corporate Server 4.0 and Corporate 3.0 contained a problem where certain fonts would not be displayed and would cause applications, such as drakfont, to crash. This update corrects the regression.
iDefense Security Advisory 10.29.08 - Remote exploitation of a stack based buffer overflow vulnerability in Oracle Corp.'s WebLogic Server Apache Connector could allow an attacker to execute arbitrary code with the privileges of the affected service. A stack based buffer overflow vulnerability exists in the Apache Connector of Oracle (formerly BEA) WebLogic Server. When parsing a request with an invalid parameter the module uses a string without properly validating its length. This string is copied into a fixed sized stack buffer. This results in a stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in WebLogic Server Apache Connector version 10.0. Previous versions may also be affected.
iDefense Security Advisory 10.29.08 - Remote exploitation of multiple integer overflow vulnerabilities in OpenOffice versions 2.4.1 and earlier could allow an attacker to execute arbitrary code with the privileges of the current user. Integer overflow issues exist within the code responsible for parsing multiple EMR records within an EMF file. This allows an attacker to overflow heap memory with data they supplied. iDefense has confirmed the existence of this vulnerability in OpenOffice version 2.4.1.
Secunia Research has discovered two vulnerabilities in Interact, which can be exploited by malicious people to conduct cross-site request forgery and SQL injection attacks. Version 2.4.1 is affected.
VMware Security Advisory - A denial of service flaw was found in the way libxml2 processes certain content. If an application that is linked against libxml2 processes malformed XML content, the XML content might cause the application to stop responding. A flaw was found in the way ucd-snmp checks an SNMPv3 packet's Keyed-Hash Message Authentication Code. An attacker could use this flaw to spoof an authenticated SNMPv3 packet. Multiple uses of uninitialized values were discovered in libtiff's Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could create a carefully crafted LZW-encoded TIFF file that would cause an application linked with libtiff to crash or, possibly, execute arbitrary code.
Secunia Security Advisory - SUSE has issued an update for tomcat5 and apache-jakarta-tomcat-connectors. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions.
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Interact, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Secunia Security Advisory - A vulnerability has been reported in IBM Tivoli Storage Manager (TSM) Client, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.