Technical Cyber Security Alert TA06-220A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Office, and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
50b39f90e5bfc23ce326ca67856a8f3a70330c703736854854acf826a243ce64
BlogHoster version 2.2 suffers from a HTML injection flaw.
d5b526974018700bbd8fe91f5d4d6f62eaa062dfc230fcc969722bf17d654abe
Gentoo Linux Security Advisory GLSA 200608-14 - Luigi Auriemma found a heap-based buffer overflow in the it_read_envelope function which reads the envelope values for volume, pan and pitch of the instruments referenced in a .it (Impulse Tracker) file with a large number of nodes. Versions less than 0.9.3-r1 are affected.
6d82ac4cf611d503f02d89a31a96faf2174778c5db38990eb8eef12fb10e2980
A vulnerability Microsoft Powerpoint allows remote attackers to execute arbitrary code in the context of the logged in user. An array boundary condition may be violated by a malicious .PPT file in order to redirect execution into attacker-supplied data. Exploitation requires that the attacker coerce or persuade the victim to open a malicious .PPT file.
30b627d479aa605a484c97b5825eb6551f6f35f7202004e7be15e2a53a90f1cd
Cwfm version 0.9.1 suffers from a remote file inclusion vulnerability.
22a59ac7440748d601b9477c803a79ed340dbbe76b48c5c72b4905f91b107e8e
Novell Groupwise WebAccess is susceptible to cross site scripting attacks. Versions 7 and 6.5 are susceptible.
ed89535ccb04b5ad07312b883638ed4b701ecaca83e8db67c376289feaf92856
A vulnerability allows remote attackers to execute arbitrary code on vulnerable applications that utilize Microsoft Hyperlink Component Object Model (COM) objects. Specifically, this includes at least Microsoft Word, PowerPoint and Excel. Exploitation over the web is doable via Office Web Components (OWC). It is not required for the target to have OWC installed.
d8d3c87b1ba6bb1e1400f579fa2ee1f092e95d727fbaf20eac30d77c0be0dd20
An arbitrary code execution vulnerability exists in Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the DirectAnimation.DATuple ActiveX control when improperly calling the Nth() method. By supplying a positive integer we can control a data reference calculation that is later used to control execution. The problem is due to the lack of sanity checking on the index used during a call to TupleNthBvrImpl::GetTypeInfo() in danim.dll.
769bb97641bc409682a302fdc938fac3ae5a377904cf391babafeb05d9e2157c
An arbitrary code execution vulnerability exists in Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability can lead to code execution when instantiating the Internet.HHCtrl COM object through Internet Explorer. The flaw exists due to invalid freeing of heap memory when several calls to the "Image" property of the ActiveX control are performed. By abusing the jscript.dll CScriptBody::Release() function user supplied data can be executed.
0bc39862ef933a14031affb82e5ca6d358a21f94744cabd82cdadf1d60eea715
MIT krb5 Security Advisory 2006-001 - In certain application programs packaged in the MIT Kerberos 5 source distribution, calls to setuid() and seteuid() are not always checked for success. A local user could exploit one of these vulnerabilities to result in privilege escalation.
5db9ff2738fcd6d0a0ced2e2d5163d49ea87c62d41b14cf20dadce5116a9f956
Archangel Weblog versions 0.90.02 and below suffer from html injection flaws.
2b91910a0fd834c4306140bccb4665ffe30dd8dbf099b23fb0d76c6abca63478
A vulnerability in Microsoft Internet Explorer allows arbitrary code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists due to improper handling of CSS class values. Accessing a specially crafted CSS element via document.getElementByID causes a memory corruption eventually leading to code execution.
57fb1dc0472d53d18e1e1b8b3ad21deb294e25b88cdbc8f2051142b0af1bbafb
A vulnerability in Microsoft Internet Explorer allows arbitrary code execution. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to improper garbage collection when multiple "imports" are used on a "styleSheets" collection. Crafting a long chain of CSS imports in an HTML document results in a memory corruption eventually leading to code execution.
dac941decc7a45743d5845a19527090e075dfa85d406566b90b661b23341d886
The eIQnetworks Enterprise Security Analyzer suffers from multiple vulnerabilities that allow remote attackers the ability to execute arbitrary code.
0c958ba0e58c280878e97816e04c3b684803e7205a47ff82e11b381192278831
phNNTP version 1.3 suffers from a remote file inclusion vulnerability.
4c9c4c08b8c74d80ad77f027e0d7c95aa26967c41a4e4c75e4cbee6e290a7532
Black Hat Conference Presentation - How to Unwrap Oracle PL/SQL.
129dd1ef0f1f01363f56cf461f6fea2c38b211109db9b4f409ac4020178a32c0
FCE Ultra versions 0.98.1 and below suffer from a buffer overflow vulnerability.
ad753b7507a83df06c7222379c89ac4990dfdd983aa2c093328bb594e5d8da25
MojoScripts' mojoGallery is susceptible to cross site scripting attacks.
be6c3660444254095dd335b4565132864c43ad1aa0d34d6f9ad2a40852354e1b
docpile:we version 0.2.2 suffers from a remote file inclusion vulnerability.
ecb9a47ead5901d0ddbd0efa404ea5658a38e7dcc9baa8f037b01915fba35e81
Gentoo Linux Security Advisory GLSA 200608-13 - Damian Put has discovered a boundary error in the pefromupx() function used by the UPX extraction module, which unpacks PE Windows executable files. Both the clamscan command-line utility and the clamd daemon are affected. Versions less than 0.88.4 are affected.
b8545eb7310735bc5ee730c9fb80a86582661d462797e3f6084fa9b098590cf4
mysearch.myway.com suffers from a cross site scripting flaw.
33e8a6086d4078848a1edb6f03f3f893633f2d30d076a3ebd93f6fb812dbbbcd
forums.microsoft.com suffers from a cross site scripting vulnerability.
6f370fd3372a87514edf914d1db2374c4fa868c1095ee6fba50efb57c3ef3a99
Whitepaper discussing the bypassing of script filter with variable-width encodings.
3f758cdb2a9ed75213ae2fa409be10c8c8b216d0491636c6a61a4c332194a72f
Debian Security Advisory 1145-1 - Several remote vulnerabilities have been discovered in freeradius, a high-performance RADIUS server, which may lead to SQL injection or denial of service.
032830d52ad0cc8337c6c145d15954022bdf14ddecc112ada9a40655f1eafee0
eEye Digital Security has discovered a vulnerability in McAfee Security Center that ships with all McAfee consumer products. There is a remote code execution vulnerability that allows an attacker to take complete control of a remote computer by exploiting a vulnerability found in the Subscription Manager ActiveX control.
33f57785079720127a76ff9e72a1751b5ec39328493dd4c70ff158e5396f4cd4