sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.
OSClass version 2.3.4 suffers from cross site scripting, remote file inclusion and remote SQL injection vulnerabilities.
Postfixadmin version 2.3.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
Snort Report versions 1.3.2 and below suffer from a remote SQL injection vulnerability.
The Joomla Propertylab component suffers from a remote SQL injection vulnerability.
DPI version 1.0 suffers from a cross site scripting vulnerability.
Mibew Messenger version 1.6.4 suffers from multiple cross site scripting vulnerabilities.
The Joomla BBS component suffers from a remote SQL injection vulnerability.
Phux Download Manager suffers from a remote blind SQL injection vulnerability.
Red Hat Security Advisory 2012-0071-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000.
Red Hat Security Advisory 2012-0070-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays in Ruby. An attacker able to supply a large number of inputs to a Ruby application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.
Red Hat Security Advisory 2012-0069-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays in Ruby. An attacker able to supply a large number of inputs to a Ruby application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.
Debian Linux Security Advisory 2397-1 - It was discovered that a buffer overflow in the Unicode library ICU could lead to the execution of arbitrary code.
Gentoo Linux Security Advisory 201201-17 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 16.0.912.77 are affected.
The Joomla Firmy component suffers from a remote SQL injection vulnerability.
Tracker Software pdfSaver ActiveX control (pdfxctrl.dll) version 3.60.0128 suffers from a stack buffer overflow vulnerability.
Gforge.org suffers from multiple cross site scripting vulnerabilities.
HP Security Bulletin HPSBUX02724 SSRT100650 3 - A potential security vulnerability has been identified with HP-UX running SAM. This vulnerability could be locally exploited to create an increase in privilege. Revision 3 of this advisory.
HP Security Bulletin HPSBUX02697 SSRT100591 2 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 2 of this advisory.
4Images version 1.7.6 suffers from a cross site request forgery vulnerability.
VMware Security Advisory 2012-0001 - VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues.
Secunia Security Advisory - A vulnerability has been reported in WHMCompleteSolution, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Two vulnerabilities have been reported in IBM SPSS SamplePower, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Multiple vulnerabilities have been reported in Postfix Admin, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and script insertion attacks.
Secunia Security Advisory - A vulnerability has been reported in the Search Autocomplete module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks.