Mandriva Linux Security Advisory 2010-142 - The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. OpenLDAP 2.4.22 allows remote attackers to cause a denial of service via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.
7c99ef64bfc0338ec6f317c16f73ff04Secunia Research has discovered two vulnerabilities in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused by boundary errors in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing certain records. This can be exploited to cause stack-based buffer overflows via specially crafted files. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
1e07e58e799d937de79f9a8685c827aaSecunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused by an error in the SpreadSheet Lotus 123 reader (wkssr.dll) when allocating an array of pointers during the parsing of a certain record type combined with how strings are later indexed. This can be exploited to corrupt memory via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
3d559dc765a3666312900d97ec293124Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused by an integer underflow error in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing the size of a specific record type. This can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
50abca786543ffdc74a394e0ff72c086Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error the WordPerfect 5.x reader (wosr.dll) when parsing data blocks and can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
54f75386e8a64e96a4a8814d3df82ed6Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a signedness error when parsing the argument to the "\\ls" keyword within a list override table entry in RTF files. This can be exploited to cause a buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
051da84386777387a8d490662fbcab7bSecunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Spreadsheet Lotus 123 reader (wkssr.dll) when converting floating point values in certain record types. This can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
b86bf4c0e20e58cec482e0807c9fbb94Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error when parsing record data in compound documents. This can be exploited to cause a heap-based buffer overflow when an application using the vulnerable library parses e.g. a specially crafted Quattro Pro file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
51d0af3f78c93a798c10dd606371c9dfSecunia Security Advisory - Red Hat has issued an update for jboss-seam2. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
1885f500c7d8fe88f35cd6bccb9551a6Secunia Security Advisory - A security issue and a vulnerability have been reported in MediaWiki, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.
d256e7d7aa961f062a1ccb43a814ed60Secunia Security Advisory - A vulnerability has been discovered in Zabbix, which can be exploited by malicious people to conduct cross-site scripting attacks.
9c77181788849b7fef46c1cbeac37df1Secunia Security Advisory - A vulnerability has been discovered in KVIrc, which can be exploited by malicious people to hijack IRC connections.
d81f8ab64b57ef18925cc1a397d7fc7dSecunia Security Advisory - A vulnerability has been discovered in bozohttpd, which can be exploited by malicious people to bypass certain security restrictions.
c669946e2c4504078dda399855579e65Secunia Security Advisory - A vulnerability has been discovered in nuBuilder, which can be exploited by malicious people to compromise a vulnerable system.
e60282b28a3820e9a13b9603b24bf551Secunia Security Advisory - Some vulnerabilities have been reported in hsolinkcontrol, which can be exploited by malicious, local users to gain escalated privileges.
9442a238f62946101e1927378ef6e2c1Secunia Security Advisory - A security issue has been reported in the Front End User Registration extension for TYPO3, which can be exploited by malicious people to bypass certain security restrictions.
00146257b5b1ceb672e21e8b345fcea6Secunia Security Advisory - Oracle has acknowledged a weakness in Sun Solaris, which can be exploited by malicious, local users to gain knowledge of sensitive information.
8dfa62a26397b87c12ca1e3c95b545f3Secunia Security Advisory - Fedora has issued an update for turba. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
c8d1936f5d38f255b577cac31019759dSecunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can potentially be exploited by malicious people to disclose sensitive information or compromise a user's system.
4d633a3a3c02443d54ce3f13c696886cSecunia Security Advisory - Fedora has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).
ba00e3392eca082fad88100dcd8edca5Secunia Security Advisory - Fedora has issued an update for libvirt. This fixes a weakness and some vulnerabilities, which can be exploited by malicious, local users in a guest system to bypass certain security restrictions.
83e406deaa4d1f24eae906db537fbb1dSecunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
072c081350f6626531164b67afa031a4Secunia Security Advisory - Some security issues have been reported in JBoss Enterprise SOA Platform, which can be exploited by malicious users to gain escalated privileges and by malicious people to bypass certain security restrictions.
e480352d36e1c13fabb2eeddb0d5827dSecunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system.
9d74c0c4f30d671107fcca4bd330e563Secunia Security Advisory - Cisco has acknowledged a vulnerability in multiple Cisco products, which can be exploited by malicious people to manipulate certain data.
4ed1177f613d0c5ffa5643bb22ade895
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed