HP Security Bulletin - A potential security vulnerability has been identified with the version of GZIP delivered by HP-UX Software Distributor (SD). The vulnerability could be remotely exploited leading to a Denial of Service (DoS).
d0ae6580d774a6d54290f2105648643ccaad8d051dcad97ab862a7eeadc3b778
Apple QuickTime player versions below 7.1.5 suffer from a udta ATOM integer overflow vulnerability.
e03394245274b6b00e5fa22b4c2814fab82e21766b6d438a9e3795daf1e5fb32
Apple QuickTime player version 7.1 on Windows suffers from a remote heap overflow vulnerability.
65da3ab8f46f0b132528896188ac81e77e60eee67849338401fb5ac40456b761
Local buffer overflow exploit for mssql_connect() and mssql_pconnect() in PHP versions 4.4.6 and below.
92d4547d24e68dddd983ba158385a312924951aeaa3d8dccb81e10b405a832f7
Core Security Technologies Advisory - GnuPG and GnuPG clients suffer from an unsigned data injection vulnerability.
105bc292cde7181a51838486efb114fc2b42ca52c8eb7401d9334c18e0c47625
iDefense Security Advisory 03.05.07 - Remote exploitation of a heap corruption vulnerability in Apple Computer Inc.'s QuickTime media player could allow an attacker to execute arbitrary commands in the context of the current user. The vulnerability specifically exists in the QuickTime player's handling of Video media atoms. When the 'Color table ID' field in the Video Sample Description is 0, QuickTime expects a color table to be present immediately after the description. A byte swap process is then performed on the memory following the description, regardless of whether a table is present. Heap corruption will occur when the memory following the description is not part of the heap chunk being processed. iDefense Labs confirmed this vulnerability exists in version 7.1.3 of QuickTime on Windows. Previous versions are suspected to be vulnerable.
fec5cfa3ca512e52554badeb637b6197568fa66695d6a4894d6a34b8670d4953
Sava's Guestbook version 23.11.2006 is susceptible to SQL injection attacks.
4b81cf03f82bc3f5072fccfcdf278134f7e8f1d7da28b000f7859912b360c878
LI-Guestbook version 1.1 is susceptible to SQL injection attacks.
590295790e9c6394f46eac6d6aa675cb7140685a838bef447c02a4e364cde498
ePortfolio version 1.0 suffers from Java-related input validation vulnerabilities.
d580e5ce9cef125f074ae8c920d55a8cfb0d446d4ef395be40632278026b0f21
The call for papers for the upcoming Hack in The Box Security Conference 2007 in Malaysia is now open.
6504485a29aad2f92cef6c8e35787de7c8126e0d0a79da54a13e9027dd4a371d
PHP-Gaestebuch versions 6.3 and below suffer from an HTML injection vulnerability that can allow for cross site scripting attacks.
2e93b4d81779ca64b2a6b178843c2da8f2564aa45d9289efe4ab6618d10fa2cd
rrdbrowse versions 1.6 and below suffer from an arbitrary file disclosure vulnerability.
cca8d4336f4a7dd8d011665d3a65fb9d0b0656fdacef8ac9fe5e6dff2d1478e9
Debian Security Advisory 1262-1 - "Mu Security" discovered that a format string vulnerability in the VoIP solution GnomeMeeting allows the execution of arbitrary code.
fd3a3dd2ccd3984ed7096275fad1986e440af7e5ab5d6241f5577d25b8a7f850
Konqueror crashes if JavaScript code tries to read the source of a child iframe when it is set to an ftp:// URL.
ffbeac05613ea571f4126734b453bc72f30bdd4b66c8470af2cfc41577833dd9
vCard version 2.6 suffers from a cross site scripting flaw.
e1147a89a3994e21c9d5b36eaee74aa8ed77228883fbe59a7cba3406729c9699
Remote denial of service exploit for Asterisk PBX that makes use of a bug in the SIP channel driver. Versions below 1.2.16 and below 1.4.1 are affected.
5a35585cb02179c081c481b527bb9d32dd489f17cdc09a9fbdc837c8bfa91a2c
RPS version 6.2 SQL injection exploit.
e3e7f1bf0133f64fb0a116a1bbdef3784a4b0ac39907ed817f0822cc8e5d5bcd
Rapidleech remote code execution exploit.
47a91b634d79fb830254956b731b301636d7ebe298c0f61b6ed34b09600f5956
Tyger bug tracking system version 1.1.3 suffers from SQL injection and cross site scripting vulnerabilities.
0a6b81b6f0f669ee5e6eebdb06a55621e97da19d9ed0ef0bd07b8fa5c834cf26
BJ Webring suffers from a cross site scripting flaw.
b2d1f90bffbe032f022a3e17b4bd6644751dc808374a207f9de684cabad91a9a
webSPELL versions 4.01.02 and below remote code execution exploit.
29547bcb116a8a5c976676f6723cca0288b40635aecde39ddaec964f24859f18
It appears that the WordPress blogging software was compromised and backdoored on Feb 25th, 2007 on the WordPress site.
34ddea36404bae61b3ed5fc2e049d2e8e59f33ea3c70b17cba90e92bcbaf2098
Mandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10.
a6c727c9c55b7a3d9a6b157a2ab03de066cd8481902e55ee8a61cf7b1109a114
Proof of concept exploit for Netrek versions 2.12.0 and below which suffer from a format string vulnerability.
93c912a65f97bc2caa9814c08bf6f13b9a409e47d7b90b10ac88e62c3795baaf
Netrek versions 2.12.0 and below suffer from a format string vulnerability.
41c173dd96c828918b04020674893aaebeedf56a458fb39de4e1d091992fd623