PI SystemT suffers from an encryption weakness in the default authentication process.
0aed34aaaee9d700bfa04df349d46dcfSecunia Security Advisory - A vulnerability has been reported in IBM Tivoli Composite Application Manager for WebSphere, which can be exploited by malicious people to conduct cross-site scripting attacks.
6d018b8f03199edd55613b9888a52edeSecunia Security Advisory - bruiser has discovered a vulnerability in IBM Installation Manager, which can be exploited by malicious people to compromise a user's system.
0146c2d746d4a759a9973c04ff5990caSecunia Security Advisory - bellick has discovered a vulnerability in Adobe Photoshop Elements, which can be exploited by malicious, local users to gain escalated privileges.
86139625657fd3ca2647028a83cce446Secunia Security Advisory - Russ McRee has discovered a vulnerability in BIGACE Web CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.
89a286828c39668d8d9f5e942c9f4f65Secunia Security Advisory - pyrokinesis has discovered a vulnerability in EMC Captiva QuickScan Pro, which can be exploited by malicious people to compromise a user's system.
66749d6abe40ef7335c3b207aa5c9c09Secunia Security Advisory - Some vulnerabilities have been reported in Activedition, which can be exploited by malicious people to conduct cross-site scripting attacks.
3743d0130645c0b64cc6c92436eb78d3Secunia Security Advisory - A vulnerability has been discovered in Oracle Document Capture, which can be exploited by malicious people to potentially compromise a user's system.
24d640ca7122d8fbcd30487ab0f3efceSecunia Security Advisory - Giuseppe Fuggiano has discovered a vulnerability in FlatPress, which can be exploited by malicious people to compromise a vulnerable system.
5cad3536d02af75f42aadcee53c94447Secunia Security Advisory - Two vulnerabilities have been reported in IBM AIX, which can be exploited by malicious, local users and malicious people to bypass certain security restrictions.
feee297726e3207b8b6870c9c89536c0Flickr's API suffered from an API signature forgery vulnerability.
13678bce7a271ddbc27327b741a26789WinRAR version 3.80 suffers from a ZIP filename spoofing vulnerability.
8acd312b18e011b742860a8201a4793cSecunia Security Advisory - Some vulnerabilities have been reported in IBM DB2, where one has an unknown impact and others can be exploited by malicious users to bypass certain security restrictions.
89494cbaee39794035970b5418e9264eSecunia Security Advisory - A vulnerability has been reported in IBM Informix Dynamic Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
d014032cafe65ec96d6d0e0ba5fbf304Secunia Security Advisory - Some vulnerabilities have been reported in Juniper JUNOS, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to conduct script insertion attacks.
f3bc6e9c52f143957d44fd92a402b31eSecunia Security Advisory - Ubuntu has issued an update for dovecot. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service) or compromise a vulnerable system.
23045f86daec1c1e74b9d84c0a9a47dcSecunia Security Advisory - A vulnerability has been reported in HP Remote Graphics Software (RGS), which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system.
510fff61b8e3f6f1c8dc3b4f9036a414Secunia Security Advisory - Maxim A. Kulakov has reported a vulnerability in multiple TrustPort products, which can be exploited by malicious, local users to gain escalated privileges.
e7fbe2cd92a8a196b73eb3db8c73c8ceSecunia Security Advisory - A vulnerability has been reported in the FireFTP extension for Firefox, which can be exploited by malicious people to manipulate certain data.
174a211fff96134a2bf29097974f3f68HP Security Bulletin - A potential security vulnerability has been identified with HP Remote Graphics Software (RGS) Sender. The vulnerability could be exploited remotely to gain unauthorized access.
c6b0b7cf9a5b9153b505cd95fdaadfd0TrustPort Antivirus version 2.8.0.2265, Antivirus Business version 2.8.0.2265, PC Security version 2.0.0.1290, and PC Security Business version 2.0.0.1290 suffer from a local privilege escalation vulnerability.
f4125c990ffeba14c91e81629e0b2a6eDebian Security Advisory 1897-1 - Stefan Esser discovered that Horde, a web application framework providing classes for dealing with preferences, compression, browser detection, connection tracking, MIME, and more, is insufficiently validating and escaping user provided input. The Horde_Form_Type_image form element allows to reuse a temporary filename on reuploads which are stored in a hidden HTML field and then trusted without prior validation. An attacker can use this to overwrite arbitrary files on the system or to upload PHP code and thus execute arbitrary code with the rights of the webserver.
1cc29d8e7c72d67ccea9c6e02738dee6Ubuntu Security Notice USN-838-1 - It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the intended access restrictions. This only affected Ubuntu 8.04 LTS. It was discovered that the ManageSieve service in Dovecot incorrectly handled ".." in script names. A remote attacker could exploit this to read and modify arbitrary sieve files on the server. This only affected Ubuntu 8.10. It was discovered that the Sieve plugin in Dovecot incorrectly handled certain sieve scripts. An authenticated user could exploit this with a crafted sieve script to cause a denial of service or possibly execute arbitrary code.
54a118d0ecc432c97961d4edf92d88b7PHP versions 5.3 and below suffer from a mysqli_real_escape_string() related full path disclosure vulnerability.
0522a5aca7db85a9b74270eabdf9697dPHP versions 5.3 and below suffer from a preg_match() related full path disclosure vulnerability.
54e0695da34a6e26278f82cc62ab29a5
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed