Debian Linux Security Advisory 2384-2 - It was discovered that the last security update for cacti, DSA-2384-1, introduced a regression in lenny.
2b562edca928d44931c946b9675957b1Secunia Security Advisory - Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
407bda4fb0d96e76204004084a65952fSecunia Security Advisory - A vulnerability with an unknown impact has been reported in Skype.
e9a81b1ab677f397ea8c4a53846108a4Secunia Security Advisory - A vulnerability has been reported in Xen, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges.
e52f54ee37630cc46824c58f10e01b83Secunia Security Advisory - A vulnerability has been reported in the Forward module for Drupal, which can be exploited by malicious people to bypass certain security restrictions.
80151cbd76a120e05740e257d0119255Secunia Security Advisory - A vulnerability has been reported in PHP, which can be exploited by malicious people to compromise a vulnerable system.
dc041f739e99ada7af582ccc48bd735dSecunia Security Advisory - Red Hat has issued an update for ghostscript. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
3983f7fba046df4fffe170dc6c4a039aSecunia Security Advisory - Red Hat has issued an update for ghostscript. This fixes a security issue and some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.
e0e720db6745601a920279f6429ee525Secunia Security Advisory - Red Hat has issued an update for php53. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
7c165fbfd68021eb1264d1e03d65394dSecunia Security Advisory - A weakness and two vulnerabilities have been reported in Joomla!, which can be exploited by malicious users and malicious people to disclose sensitive information.
1d73e61d5374e1d2844d0189daec6c1eSecunia Security Advisory - Sony has discovered multiple vulnerabilities in Foswiki, which can be exploited by malicious users to conduct script insertion attacks.
93cbf400dcce33a88fb7d3f1a9c32832Secunia Security Advisory - Red Hat has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
a8eb50bda9e6c9d1e71e48fd17e71392Secunia Security Advisory - Debian has issued an update for php5. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
e50d4994067597a6469dc6259c8dee48Secunia Security Advisory - A vulnerability has been discovered in the WP-RecentComments plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
7361e57fd548873e02b75ab76532b161Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.
720b2950a35bbd1f20bbe047bff623d1Secunia Security Advisory - Debian has issued an update for tomcat6. This fixes multiple weakness, two security issues, and multiple vulnerabilities, which can be exploited by malicious, local users and malicious people to disclose sensitive information, bypass certain security restrictions, or cause a DoS (Denial of Service).
3bdbaa844c4af77dbe45f93ae7707563Mandriva Linux Security Advisory 2012-013 - Security issues were identified and fixed in mozilla firefox and thunderbird. Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes. Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages. Various other issues were also addressed.
8440ddc6266c7f42154730c51559597bUbuntu Security Notice 1355-1 - It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
21014e7685b2de0234ac75fd2b4a5509Ubuntu Security Notice 1355-2 - USN-1355-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko package for use with the latest Firefox. It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
8791de077f5bd63d5d9c170bf7739905Ubuntu Security Notice 1355-3 - USN-1355-1 fixed vulnerabilities in Firefox. This update provides updated ubufox and webfav packages for use with the latest Firefox. It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
89b0a01e7c3a96dcdd52016aac1b682dEMC Documentum xPlore contains an information disclosure vulnerability that may allow unauthorized users, under certain circumstances, to see certain information on protected objects in an xPlore search result. They will not, however, be allowed to view the objects themselves, or any associated content. Versions 1.0, 1.1 and 1.2 are affected.
47766ee4538f434cc83fdd7864e8341fHP Security Bulletin HPSBGN02740 SSRT100741 - A potential security vulnerability has been identified with HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, and Performance Manager. The vulnerability can be remotely exploited to execute arbitrary code. Revision 1 of this advisory.
1ee59b68380765139a6c58c7999ac86aDebian Linux Security Advisory 2403-1 - Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.
c4d8e3fd768c60e10ba1bfdc3db5bf69Secunia Security Advisory - HP has acknowledged a vulnerability in multiple HP products, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
e32bd55a88fc1518373e5ead032645a3Secunia Security Advisory - Two vulnerabilities have been reported in the RTG Files extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
46f39c572ca6ef85296c47a33ee1d6b2
© 2011 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed