Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in Qt, which can be exploited by malicious people to cause a DoS (Denial of Service).
f8f826cab1703ede26e6bfb60e284e63Secunia Security Advisory - salcho has reported some vulnerabilities in TopManage OLK, which can be exploited by malicious people to conduct SQL injection attacks.
97d5969a840575f2d208eebf604e28f0Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in Mumble, which can be exploited by malicious users to cause a DoS (Denial of Service).
8f536b133ba53af733b2ba3edf38f718Secunia Security Advisory - Ubuntu has issued an update for firefox and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or to compromise a user's system.
a561f782c200179a82b517f7c14c5675Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in Battlefield 2 and Battlefield 2142, which can be exploited by malicious people to compromise a user's system.
7f3a118effe59c12fd0d6b96b6cb8be3Secunia Security Advisory - Fedora has issued an update for moin. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.
be557101fc19e6589ec933c70a2a3016Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Website Baker, which can be exploited by malicious users to conduct script insertion attacks, SQL injection attacks, disclose sensitive information, and enumerate files on an affected system and by malicious people to conduct cross-site scripting attacks.
349d702fbbab8e06213784ebffe98677Secunia Security Advisory - A vulnerability has been reported in YPNinc JokeScript, which can be exploited by malicious people to conduct SQL injection attacks.
2049c93be56cae3c6537bb03a65402cdSecunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in the BookLibrary component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
5bb2ca86fe38c563d75f05f369560c5aSecunia Security Advisory - A vulnerability has been reported in YPNinc PHP Realty Script, which can be exploited by malicious people to conduct SQL injection attacks
5058c4cd09f5f48a2c64ba4f29997515Secunia Security Advisory - A vulnerability has been reported in Miyabi CGI Tools SEO Links, which can be exploited by malicious people to compromise a vulnerable system.
1724007a3fc9597c0a0c0797c2647a6cSecunia Security Advisory - A vulnerability has been reported in LIOOSYS CMS, which can be exploited by malicious people to conduct SQL injection attacks.
0ceee349e526cba99b84116dbc1439b4Secunia Security Advisory - A vulnerability has been discovered in Grafik CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.
4c945d50b0d697623b78ce956ec3cd52Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in the CKForms component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.
ea76389bc94f95e05a5d86d373c6f59eSecunia Security Advisory - Slackware has issued an update for libpng. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
db7948bdd469a285a321d9c7392d02d7Secunia Security Advisory - Slackware has issued an update for libtiff. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
c4d3532f86213cdeb2b033fe1c1b5852Ubuntu Security Notice 930-2 - USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2 on Ubuntu 8.04 LTS. If was discovered that Firefox could be made to access freed memory. A flaw was discovered in the way plugin instances interacted. An integer overflow was discovered in Firefox. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present.
f44db5e3bf939efd585de5172eb3ba6bUbuntu Security Notice 930-1 - If was discovered that Firefox could be made to access freed memory. A flaw was discovered in the way plugin instances interacted. An integer overflow was discovered in Firefox. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present.
034aad78b42f8bde6950a6c617d5b004Ubuntu Security Notice 927-5 - USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.
093578e350d89b398b4263009cb6e22cUbuntu Security Notice 927-4 - USN-927-1 fixed vulnerabilities in nss in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 8.04 LTS. Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.
a2d12e7ea216ab19438ccc4042949139Secunia Research has discovered a vulnerability in TaskFreak, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "tznMessage" parameter in logout.php is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Version 0.6.3 is affected.
eda34859a8afb27fe6a6339cc96e40deSecunia Research has discovered a vulnerability in TaskFreak, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "password" parameter to login.php (when "username" is set to a valid user) is not properly sanitized before being used in a SQL query in include/classes/tzn_user.php. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation allows bypassing the authentication mechanism, but requires that "magic_quotes_gpc" is disabled. Version 0.6.3 is affected.
2563bade9296fac0c6ca234a4450cc9aSecunia Security Advisory - A vulnerability has been reported in Hitachi JP1/ServerConductor/DeploymentManager, which can be exploited by malicious people to cause a DoS (Denial of Service).
5f8789d4eb53b714c0604222c1896a5bSecunia Security Advisory - A vulnerability has been reported in iScripts VisualCaster, which can be exploited by malicious users to conduct SQL injection attacks.
c8ee11042a2303f057071829c6289339Secunia Security Advisory - A vulnerability has been reported in PTCPay GEN4, which can be exploited by malicious users to conduct SQL injection attacks.
721c84fd5a031cfdf36754cbecd00d22
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed