Secunia Security Advisory - Some vulnerabilities have been reported OpenJDK, which can be exploited malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
ecdab2059cfe8ab1668b442161cd3b26iDefense Security Advisory 03.25.09 - Remote exploitation of an integer signedness vulnerability in Sun Microsystems Inc.'s Java JRE could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists within the font parsing code in the JRE. As part of its font API, the JRE provides the ability to load a font from a remote URL. iDefense has confirmed the existence of this vulnerability in Sun Microsystem Inc.'s Java JRE version 1.6.0_11 for Windows. Previous versions and versions for other platforms may also be affected.
cb6bb6c5533e769fb18b73a55e15c663PowerCHM suffers from a stack-based buffer overflow when processing files with the .HHP extension. Version 5.7 is affected.
51978c2beab4c533f161e47119ef342fSecunia Security Advisory - A vulnerability has been reported in the Gigaset SE461 WiMAX router, which can be exploited by malicious people to cause a DoS (Denial of Service).
81e6c7188a4ad99fe4b1845ec16cacadSecunia Security Advisory - Some vulnerabilities have been reported in VooDoo cIRCle, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
be0b714f67269008cae7893740e2e232Secunia Security Advisory - Fedora has issued an update for argyllcms. This fixes some vulnerabilities, which can potentially be exploited by malicious people to compromise an application using the library.
9c7c1d7f5cf23ceab1ef8483d9996b00Secunia Security Advisory - A vulnerability has been reported in HP-UX, which can be exploited by malicious, local users to gain escalated privileges.
d56b0a5853472a9ecddfaceea1f9cbb2Secunia Security Advisory - A vulnerability has been discovered in Jinzora, which can be exploited by malicious people to disclose sensitive information.
6ff6a8b25034432e312a420fdb6675b6Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information or potentially compromise a user's system.
c6c0777ac06394a8143682ea818562caSecunia Security Advisory - SUSE has issued an update for multiple packages. This fixes some security issues and vulnerabilities, where one has unknown impacts and others can be exploited by malicious, local users to bypass certain security restrictions, and by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and cross-site request-forgery attacks, conduct script insertion attacks, manipulate data, cause a DoS (Denial of Service), and compromise a vulnerable system.
6f8c3a0c6ed9dd23dd5949c1f6844630Secunia Security Advisory - Slackware has issued an update for for mozilla-thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), conduct spoofing attacks, or potentially compromise a user's system.
c65701a3dcd56dd505d0730a5f4b1c2cGentoo Linux Security Advisory GLSA 200903-39 - Two vulnerabilities in pam_krb5 might allow local users to elevate their privileges or overwrite arbitrary files. Versions less than 3.12 are affected.
97464b24cd741424abfe96e35d23a6f6Debian Security Advisory 1755-1 - Erik Sjoelund discovered that a race condition in the stap tool shipped by Systemtap, an instrumentation system for Linux 2.6, allows local privilege escalation for members of the stapusr group.
f45df11568cb71ca527f3dc368546aa3Cisco Security Advisory - A vulnerability in the handling of IP sockets can cause devices to be vulnerable to a denial of service attack when any of several features of Cisco IOS Software are enabled.
c7eab8bfb77cb1fcdc77ffbb84368b54Cisco Security Advisory - Several features within Cisco IOS Software are affected by a crafted UDP packet vulnerability. If any of the affected features are enabled, a successful attack will result in a blocked input queue on the inbound interface. Only crafted UDP packets destined for the device could result in the interface being blocked, transit traffic will not block the interface.
17fe15b2dee8be81a6c5521e4bcebfeeCisco Security Advisory - A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that can be exploited remotely to cause a reload of the Cisco IOS device.
435cd9388e83e7fc07986f1d9c142134Cisco Security Advisory - Cisco IOS Software contains a vulnerability in multiple features that could allow an attacker to cause a denial of service (DoS) condition on the affected device. A sequence of specially crafted TCP packets can cause the vulnerable device to reload.
ed16c16c2d546e5184a20843f234de7fCisco Security Advisory - The server side of the Secure Copy (SCP) implementation in Cisco IOS software contains a vulnerability that could allow authenticated users with an attached command-line interface (CLI) view to transfer files to and from a Cisco IOS device that is configured to be an SCP server, regardless of what users are authorized to do, per the CLI view configuration. This vulnerability could allow valid users to retrieve or write to any file on the device's file system, including the device's saved configuration and Cisco IOS image files, even if the CLI view attached to the user does not allow it. This configuration file may include passwords or other sensitive information.
91d7b59025b0930329d45da187db75bdCisco Security Advisory - Devices that are running Cisco IOS Software and configured for Mobile IP Network Address Translation (NAT) Traversal feature or Mobile IPv6 are vulnerable to a denial of service (DoS) attack that may result in a blocked interface.
eee56ea6fa21d7e2983a7e14dfc95b3eCisco Security Advisory - Cisco IOS software contains two vulnerabilities within the Cisco IOS WebVPN or Cisco IOS SSLVPN feature (SSLVPN) that can be remotely exploited without authentication to cause a denial of service condition. A crafted HTTPS packet will crash device. SSLVPN sessions cause a memory leak in the device.
9a67d2ac3147d0d2071a0e8e3c8b4b38Cisco Security Advisory - A series of TCP packets may cause a denial of service (DoS) condition on Cisco IOS devices that are configured as Easy VPN servers with the Cisco Tunneling Control Protocol (cTCP) encapsulation feature. Cisco has released free software updates that address this vulnerability. No workarounds are available; however, the IPSec NAT traversal (NAT-T) feature can be used as an alternative.
4ae06216d9b0b9d3ceb849d73c26dfa6Debian Security Advisory 1745-2 - Several security issues have been discovered in lcms, a color management library. This update fixes a possible regression introduced in DSA-1745-1 and also enhances the security patch.
2f902e77a9d6440881ccb506ee6b6b7bSecunia Research has discovered a vulnerability Adobe Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the processing of JBIG2 streams. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file containing a malformed JBIG2 symbol dictionary segment. Successful exploitation may allow execution of arbitrary code. Adobe Reader versions 8.1.3 and 9.0.0 are affected.
6b177ee230b5f0cde73dff6cc5e5fb21Adobe Acrobat Reader suffers from a memory corruption vulnerability. Versions 9.0.0 and 8.1.3 are affected.
f904cd3fa41f726a1835f12221a87c0dSecunia Security Advisory - Some vulnerabilities have been discovered in PHPizabi, which can be exploited by malicious people to conduct SQL injection attacks, disclose sensitive information, or compromise a vulnerable system.
928210dbe791a4bb70f6df1a2bcb6980
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed