Technical Cyber Security Alert TA08-043C - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, Office, Visual Basic and Internet Information Services (IIS). Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code, gain elevated privileges, or crash a vulnerable system. Systems affected include Microsoft Windows, Microsoft Internet Explorer, Microsoft Office, Microsoft Visual Basic, and Microsoft Internet Information Services (IIS).
4ea392064f976f1ca1762d31449e7f29521b46f41804760b6036bf51ff62e43f
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service).
e0d05c9dd6870ff6456095f1324ef2c4a38913b293ed2c31957a9f2bd108517e
Secunia Security Advisory - A vulnerability has been reported in Microsoft Internet Information Services (IIS), which can be exploited by malicious, local users to gain escalated privileges.
004ae405a318816301501af131d3a5bd4bd9de6f1caca4cd57b03735ed2ec58d
Debian Security Advisory 1496-1 - Several buffer overflows have been discovered in the MPlayer movie player, which might lead to the execution of arbitrary code. Felipe Manzano and Anibal Sacco discovered a buffer overflow in the demuxer for MOV files. Reimar Doeffinger discovered a buffer overflow in the FLAC header parsing. Adam Bozanich discovered a buffer overflow in the CDDB access code. Adam Bozanich discovered a buffer overflow in URL parsing.
c361d51d6f24230ed4e54481cadc697f2445ea513792e3be9d71f8ed668a8eb2
Debian Security Advisory 1495-1 - Several local/remote vulnerabilities have been discovered in two of the plugins for the Nagios network monitoring and management system. A buffer overflow has been discovered in the parser for HTTP Location headers (present in the check_http module). A buffer overflow has been discovered in the check_snmp module.
b718f3d850c7ae2b639d85c965fdb86e849f7b2350eb8bf95e90b635271d3450
Gentoo Linux Security Advisory GLSA 200802-06 - Florian Weimer from Debian discovered that scponly does not filter the -o and -F options to the scp executable (CVE-2007-6415). Joachim Breitner reported that Subversion and rsync support invokes subcommands in an insecure manner (CVE-2007-6350). Versions less than 4.8 are affected.
a696c82ee26ae1b4774c3444ce5bd51104032a4228186e327864756a10af101a
Gentoo Linux Security Advisory GLSA 200802-05 - Multiple integer overflow and signedness errors have been reported in the excel_read_HLINK() function in file plugins/excel/ms-excel-read.c when processing XLS HLINK opcodes. Versions less than 1.8.1 are affected.
e7a54a5d92b2bada86244aa96b1f938b9a165a9f7729f5c96987c2037bb71ce9
Multiple security vulnerabilities such as cross-site scripting and SQL injection have been discovered in Cacti versions 0.8.7a and below. Full exploitation details provided.
40eeb2e3bd758718bab24d1dda1ef1a8de3acea488b2f6daa45622393b146ba0
LI-Scripts LI-Countdown suffers from a SQL injection vulnerability.
4e169640dfd1470c95824a1bcf4bbff26acae777551a3790de4792487b105133
Intermate WinIPDS versions 3.3 Revision 052-33-021 and below suffer from directory traversal and denial of service vulnerabilities.
531142ae03915670cc867124a7f556f8f88e3307b3da54f3becb5c5d74dd3422
Exploit for the RPM Remote Print Manager versions 4.5.1.11 and below, which suffer from a Unicode-related buffer overflow vulnerability.
87d49422cfdff7f99139e9406f2644f80e9d36d510a36dd7c36948a1c0531197
The RPM Remote Print Manager versions 4.5.1.11 and below suffer from a Unicode-related buffer overflow vulnerability.
472461a3e5b7e5763fa02402f33f3fd2a1ad7fad7fc5888fd74568d736e13a54
Secunia Security Advisory - A vulnerability has been reported in Microsoft Internet Information Services (IIS), which can be exploited by malicious people to compromise a vulnerable system.
a681bd4be26bd85414c6dfadd69c7173ab81c24c8e0a8a9546a2cb3814ff4047
Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
9e72adeef1f747683ac9edb332d6479cf2c93023872626d356588dd776a7bc90
Secunia Security Advisory - Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
28f687f5d3084c42feedafb91687d0d20c9019217bd73c6004fd2a31366478cc
Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Office Publisher, which can be exploited by malicious people to compromise a user's system.
c71d7f5b09ea0d1dc1f95a28a24f85f1c8188c52928dfe2cf9bfe99e0076ee6c
iDefense Security Advisory 02.12.08 - Remote exploitation of an integer overflow vulnerability in Clam AntiVirus' ClamAV, as included in various vendors' operating system distributions, allows attackers to execute arbitrary code with the privileges of the affected process. iDefense has confirmed the existence of this vulnerability in ClamAV 0.92. Previous versions may also be affected.
a41220bd562f0751be2d8a4c85b3aa329da8712ae380c55def9f43dd8a24c6b3
Ubuntu Security Notice 577-1 - Wojciech Purczynski discovered that the vmsplice system call did not properly perform verification of user-memory pointers. A local attacker could exploit this to overwrite arbitrary kernel memory and gain root privileges.
c3097de3abfb7924d2558c14687527f7f3e24c385dfac514b18b0843fe5d9eff
Multiple security vulnerabilities such as cross-site scripting and SQL injection have been discovered in Cacti versions below 0.8.7b and 0.8.6k.
4d5536e480473c05419a2d4a87325aeafd226002691c479b6b3acec58bf8dda8
Technical Cyber Security Alert TA08-043B - Apple has released Security Update 2008-001 and OS X version 10.5.2 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service. Systems affected include Apple Mac OS X versions prior to and including 10.4.11 and 10.5.1 and Apple Mac OS X Server versions prior to and including 10.4.11 and 10.5.1.
ad0609bce659248c5bdd08afd89dc55894858d34d2af81e86ef96c37923ce080
Technical Cyber Security Alert TA08-043A - Adobe has released Security advisory APSA08-01 to address multiple vulnerabilities affecting Adobe Reader and Acrobat. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code. Systems affected include Adobe Reader version 8.1.1 and earlier and Adobe Acrobat Professional, 3D, and Standard versions 8.1.1 and earlier.
b6a4625c313fb3666ae95c4af3dc7bb4d1ba99e0a330ec6ce4dc5866a785c250
The Endian firewall version 2.1.2 suffers from cross-site scripting vulnerabilities.
1f0d21c5eccd7166bf9aafc3ee4c981a067dce5a155cd4e3c10e9d78fbb1c0f3
Mandriva Linux Security Advisory - Various local denial of service and privilege escalation vulnerabilities have been added for the Linux 2.6 kernel package.
15110333a170cf683e179d93999a7af19fc080a86fb4507d86be6f743bbbae3c
The Counter Strike Portals (Kommentare zum Download) suffer from a SQL injection vulnerability.
c32829c32a31dcfdc9dfa144b44a363c658ce3946f0e572bbd125ae579fc9f0e
The Joomla com_iomezun component suffers from a SQL injection vulnerability.
4983b0960a20c329ab49326fc0806eae6f19387b74d1ae4dd1e4f22dc517b134