Gentoo Linux Security Advisory 201201-8 - A stack-based buffer overflow flaw in FontForge could result in execution of arbitrary code or a Denial of Service. Versions less than 20110222-r1 are affected.
5e0ec606dc42c697f168165ded389291Gentoo Linux Security Advisory 201201-7 - An unspecified vulnerability in NX Server Free Edition and NX Node could allow local attackers to gain root privileges. Versions are affected.
07ba65a3f3519d54e078d1ab3226561eUbuntu Security Notice 1336-1 - Juri Aedla discovered that the kernel incorrectly handled /proc/pid/mem permissions. A local attacker could exploit this and gain root privileges.
1efb3c66fe91e5fae9088ec2e65520b2Bart's CMS suffers from a remote SQL injection vulnerability.
ac148e0909181d491a62b262da5478b1This is the Mempodipper local root exploit for Linux. /proc/pid/mem is an interface for reading and writing, directly, process memory by seeking around with the same addresses as the process's virtual memory space. In 2.6.39, the protections against unauthorized access to /proc/pid/mem were deemed sufficient, and so the prior #ifdef that prevented write support for writing to arbitrary process memory was removed. Anyone with the correct permissions could write to process memory. It turns out, of course, that the permissions checking was done poorly. This means that all Linux kernels greater than and equal to 2.6.39 are vulnerable.
50b274079f83341f00a4ec625f3359dbParallels H Sphere version 3.3 P1 suffers from multiple cross site scripting vulnerabilities.
319f2a9825aa5bfc031c08f116a63044Gentoo Linux Security Advisory 201201-6 - Format string vulnerabilities in iSCSI Enterprise Target could result in execution of arbitrary code or a Denial of Service. Versions less than 1.4.19 are affected.
0c393ac95e06dbf2eef22ebe4b510404The Joomla Mobile component suffers from a remote SQL injection vulnerability.
2fdba973a811f53d3325ff9ef372d15bZone Rouge CMS 2012 suffers from a remote SQL injection vulnerability.
8f3837afbf8c097af764e8dae15b4877Gentoo Linux Security Advisory 201201-5 - Multiple vulnerabilities have been found in mDNSResponder, which could lead to execution of arbitrary code with root privileges. Versions less than 212.1 are affected.
7d200da6320a6f51d408c07ef41a8f1fDebian Linux Security Advisory 2391-1 - Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web.
20fd4b6e674a43737e44e7ac7d9cd67dSecunia Security Advisory - Gentoo has issued an update for logsurfer. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
c22970e3947f22fe5ac56f0e20676adcSecunia Security Advisory - Gentoo has issued an update for mDNSResponder. This fixes multiple vulnerabilities, which can be exploited by malicious, local user to cause a DoS (Denial of Service) or potentially gain escalated privileges and by malicious people to conduct spoofing attacks, cause a DoS, and potentially compromise a vulnerable system.
739f2b3075be2231a3d1a4e207e208faSecunia Security Advisory - A weakness has been reported in EMC SourceOne Email Management, which can be exploited by malicious, local users to disclose certain sensitive information.
1a7566b2cc2aa13f36bd672bc852c9c5Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Enterprise CRM, which can be exploited by malicious users to manipulate certain data.
f8c84e46fd0d1009061c0c4570faed08Secunia Security Advisory - A vulnerability has been reported in Oracle PeopleSoft Enterprise PeopleTools, which can be exploited by malicious users to manipulate certain data or cause a DoS (Denial of Service).
e46cdb1d2de36a91b20a1d32f7c1977dSecunia Security Advisory - Two vulnerabilities have been reported in Oracle VM VirtualBox, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).
bc18753b5f4ba42d60049ba948e80c2bSecunia Security Advisory - A vulnerability has been reported in OpenNMS, which can be exploited by malicious people to conduct script insertion attacks.
3351b469579604c72f63bf0c264915b2Secunia Security Advisory - Meder Kydyraliev has reported a vulnerability in Apache Struts, which can be exploited by malicious people to bypass certain security restrictions.
5f561078070fd1180604a73ca895afb4Secunia Security Advisory - Multiple vulnerabilities have been reported in Schneider Electric Modicon Quantum Series Modules, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
7b4f47ec19f51579c30258813e2d7a2bSecunia Security Advisory - Multiple vulnerabilities have been reported in Koyo ECOM100 Ethernet Module, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
caf3352b54f274141b64cc4c02e7ad5fSecunia Security Advisory - Gentoo has issued an update for fontforge. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
1c55f9bc5326970ea0eda9859fab252eSecunia Security Advisory - A vulnerability has been reported in SEL-2032 Communications Processor, which can be exploited by malicious people to cause a DoS (Denial of Service).
82a800e706261683813dcb14e06349f1Secunia Security Advisory - Multiple vulnerabilities have been reported in Rockwell Automation ControlLogix, which can be exploited by malicious people to disclose system information, cause a DoS (Denial of Service), and compromise a vulnerable device.
6770dd4b272aeb1f1873f9ecb1ce013aSecunia Security Advisory - Ben Schmidt has discovered a vulnerability in the Theme Tuner plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
f43406671bd1b5e85f2bfd8772214986
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed