HP Security Bulletin HPSBMA02654 SSRT100441 - Potential security vulnerabilities has been identified with HP OpenView Storage Data Protector. These vulnerabilities could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.
83f1bc01374980a7cc2327bb34498b3a438e237448a2b1eb4b89ca4005aab1dbUbuntu Security Notice 1125-1 - Rafael Dominguez Vega discovered that PCSC-Lite incorrectly handled smart cards with malformed ATR messages. An attacker having physical access could exploit this with a special smart card and cause a denial of service or execute arbitrary code.
1f6cd6b13084e130b879a99b97190be6e3b43d434e8f2710672c5ef18b87d850Ubuntu Security Notice 1124-1 - It was discovered that rsync incorrectly handled memory when certain recursion, deletion and ownership options were used. If a user were tricked into connecting to a malicious server, a remote attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
d5d28b49c35cf138278bca335f3a43fafdbe74b8ae492a3a556d3592ff36cb9eHP Security Bulletin HPSBMA02667 SSRT100464 2 - Potential security vulnerabilities have been identified with HP SiteScope. These vulnerabilities could be exploited remotely via Cross Site Scripting (XSS) and HTML injection. Revision 2 of this advisory.
2cf69103e1ccbf5117fbb99babe5f974812cc4b1b70ccc2127fb3306d3774343Insomnia Security Vulnerability Advisory - One of the pages included in the admin interface of Up.time Systems Management software contains a function designed to set the administrator password when the interface is loaded for the first time. After this task has been completed the code which processes this request is left in the page. By sending a specially crafted request a remote attacker can abuse this functionality to bypass the servers authentication mechanism and reset the password for any account.
6c9f9fe29a5db7bd0c9e35ad56265abf778b16ff07e28d1298796b7d1a51ecf2CA Technologies support is alerting customers to multiple security risks with CA Arcot WebFort Versatile Authentication Server. Two vulnerabilities exist that can allow a remote attacker to potentially compromise web user security. The first set of vulnerabilities occur due to insufficient handling of request parameters sent to the Arcot Administrative Console. An attacker, who can convince a user to follow a URL or view a webpage, can potentially conduct cross-site scripting attacks. The second vulnerability occurs due to insufficient filtering of a request parameter sent to the Arcot Administrative Console. An attacker, who can convince a user to follow a URL or view a webpage, can use redirection to potentially carry out additional web based attacks.
b7f2426e298629c164af95d01b3886396dbdea3a03957d1a67ef5c0aac369b16PHPDirector version 0.30 suffers from an insecure cookie handling vulnerability that allows for privilege escalation.
7602308b2836f9720c4e4130f269ad8f2a067e36ac6e61aedb1949bfcdcc9d7867 bytes small activate guest account shellcode for Win32/XP SP3.
5eb9e5a59cb9205dcfa21e15cf1832cb98df3ec64bbd499193aa321ce059954bCpanel X3 version 11.28.87 suffers from a cross site scripting vulnerability.
668b877429a09753fc0687182acb6df487a2b9db0ecabdd3f2936732861f677cConnectPlatform version 0.30 suffers from a remote SQL injection vulnerability in blog.cgi.
37bdcf8e4441542a78ef20c4bcf339293400fbaed028ef02e74f6b8ee9befa9aphpwcms version 1.4.7 add administrator cross site request forgery exploit.
704bf06ac1515e2eb1ca1b482d400efceeedf4be19db3f0fc4522173e85c5c2dPlum Design Studio suffers from a remote blind SQL injection vulnerability.
36b7ad08d84276e198f38e009a15639629647f3253a30a76774f4eff224057c0Secunia Security Advisory - A security issue has been reported in Cisco IOS, which can be exploited by malicious people to bypass certain security restrictions.
a6be87a905b2573daa159b8b88957275d59c69405af5f5d6fe85a6ad594533ddSecunia Security Advisory - Some vulnerabilities have been reported in openSUSE Build Service, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
9a103cd17d37f21824cfbdf4dd90fa9ee8e5bc0c33fc4fd9cf4b92820fabd1dcSecunia Security Advisory - A vulnerability has been reported in openSUSE Build Service, which can be exploited by malicious people to bypass certain security restrictions.
f2590947096af849c99567becd5cb42454656154d5c05c2d12371b6eba579481Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.
17c0e508710bb4f00f1f179e385b3d378527bd4b35827d30da710e418db2694752 bytes small Microsoft Paint shellcode for Win32/XP SP3.
6cce3b104986cba0ba0f7a38893069b2dce9092a964b0fa5c9993637147ddc78Secunia Security Advisory - Two vulnerabilities have been reported in Videcon Viola DVR VIO-4/1000, which can be exploited by malicious people to disclose sensitive information.
572461b87df68f531f4bb03e9e345de61f7aa87136626d8bfdf04cf1fd1ac534Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges.
11cc3ef33852b29fdabe838c757706245d0fb726331366bd295ed3ce280c420fSecunia Security Advisory - A vulnerability has been reported in phpMiniAdmin, which can be exploited by malicious people to conduct cross-site request forgery attacks.
b261ba0807f9d417a3726a48fd2c05fc1b2e1f0a05cb54bba34b428c6186781cSecunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in the WP Ajax Recent Posts plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
1c0083bc38f5dcbc9d0bba9f575169c0e1e12f0231401d4da5807401d3e1f4edSecunia Security Advisory - A vulnerability has been reported in IBM solidDB, which can be exploited by malicious people to cause a DoS (Denial of Service).
0287578e1fa7efb9eaee0c818f1994a312a06b390a2571602e41b83c2fbc5e65Secunia Security Advisory - Two vulnerabilities have been reported in Spree, which can be exploited by malicious people to disclose potentially sensitive information and compromise a vulnerable system.
96e3458e571c827da29079c9ccedf7f238acda2e931956253692217547458ec7Secunia Security Advisory - John Leitch has discovered a vulnerability in webERP, which can be exploited by malicious people to conduct cross-site scripting attacks.
a8f9b49d002afdd0f7c986f8ed7e30f88d9dbea8293b4f4fed696e3ae615ab06Secunia Security Advisory - A vulnerability has been reported in the GNU C Library, which can be exploited by malicious people to cause a DoS (Denial of Service).
25d745fddc520801daa3e5ab68d60d405e52b5d89e206ef28fbedd76a1bcf55f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed