HP Security Bulletin HPSBUX02789 SSRT100824 3 - Potential security vulnerabilities have been identified with HP-UX CIFS-Server (Samba). The vulnerabilities could be exploited remotely to execute arbitrary code or elevate privileges. Revision 3 of this advisory.
ede63ffb5a2f14c0429fc9a03eebbb53fb85c803709c1fe088d7af87e5a33b45Apple Security Advisory 2012-07-25-1 - A cross-site scripting issue existed in the handling of feed:// URLs in Safari. An autocomplete flaw was also fixed in Safari. Various other Safari issues have also been addressed. Webkit had code execution, cross origin, access control, and various other vulnerability issues addressed.
8732227d6e75dc119efc7310ee76893499230d392a70d317817005bf2619e391Sites powered by code from 120host.net appear to suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.
d20c64908a88aaaf4b2c62d545a432348c90464c70dda946a4bcd87c144f5ca8Redaxo version 4.4 suffers from a cross site scripting vulnerability.
44fcafd5bf41a508f40719e15f1cb1569a6d62987e638d5f77a211a346b98692Mandriva Linux Security Advisory 2012-111 - It was found that previously libgdata, a GLib-based library for accessing online service APIs using the GData protocol, did not perform SSL certificates validation even for secured connections. An application, linked against the libgdata library and holding the trust about the other side of the connection being the valid owner of the certificate, could be tricked into accepting of a spoofed SSL certificate by mistake. The updated packages have been patched to correct this issue.
0e6890a08ae22ca1f467f5d5fce0ae80f27743e936d792f852966aa408755bd757 bytes small Linux x86 chmod 666 /etc/passwd and /etc/shadow shellcode.
590e152e8000ac65c31808f69843049356045877a386919811bea3db71213bd4Drupal Subuser third party module version 6.x suffers from access bypass and cross site request forgery vulnerabilities.
f1e7353947ba5d34aebd66e41a93861e0be79700e5fc6ab0bdea97b13c264eb9Drupal Location third party module versions 6.x and 7.x suffer from an access bypass vulnerability.
32e857f20d34d7a34a7f4fb7806d0de7e4b43d13c188388880debffda623191bSlackware Security Advisory - New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.
e0b2e87d2acceb14c61c2087afccaa1d022ee55170560ead2c4445f6120f1380BarCodeWiz Barcode version 4.0.0.0 suffers from an active-x buffer overflow vulnerability.
b100107c50c5435e8468ce713c08d01fee63a0729c92fd3d29da921ea87d64b1Drupal Secure Login third party module version 7.x suffers from an open redirect vulnerability.
085018766c4aca8f7f4e6b904acaa32fdef096340a8e38b04a51e988c9bae10cDrupal Gallery Formatter third party module version 7.x suffers from a cross site scripting vulnerability.
5b48a8e0c844ca57bc1ca91f72f0a359d87774ce2d59e39cb70c4c3bb05490bf28 bytes small Linux x86 execve("/bin/sh") shellcode.
e76c6cfce6e63e2e04ebe2418e31f5cc54c5925f41db12525c88204ca0278b05Joomla Odudeprofile component version 2.x suffers from a remote SQL injection vulnerability.
8b5536a92abeb5455576bdcda4e58fb09ea7f7b74b19c495050cdfec88ce5f79Secunia Security Advisory - Two vulnerabilities have been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service).
6e8b9db19ff75a72f524a180d663809cc372d88d2088684b0245852a8d37c58bSecunia Security Advisory - A vulnerability has been reported in IBM WebSphere MQ, which can be exploited by malicious users to bypass certain restrictions.
97ada1e4be02d46960d51389943f616526bc13d8216e951e9639dee8e48bb565Secunia Security Advisory - A vulnerability has been reported in Blackboard Learn, which can be exploited by malicious people to conduct cross-site scripting attacks.
464769021f84062862979d21d00ae879e9ac5d8ca21ef3a42ca54e644ec85b3dSecunia Security Advisory - Multiple vulnerabilities have been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service).
4f182462b99aaeeac6d2a43de092cebbdbf10d8be09375e100bdc24dfc1ca605Secunia Security Advisory - Microsoft has acknowledged multiple vulnerabilities in Microsoft SharePoint Server and FAST Search Server 2010 for SharePoint, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
e6c9a12a3048f098ad666ec51a0733c593ccea3cb01d24daecb37787b49203c9Secunia Security Advisory - A vulnerability has been reported in SquidClamav, which can be exploited by malicious people to cause a DoS (Denial of Service).
b26168a03d13e1c5db9809741d8c78d01f064371d233aedf2feec8bbfe47941aSecunia Security Advisory - Charlie Eriksen has discovered a security issue in the GD Star Rating plugin for WordPress, which can be exploited by malicious people to bypass certain security restrictions.
ee85ab9808ff9f110f7871dc8fcc87890303cd35d29ee50ef17ca622dfd77a15Secunia Security Advisory - Microsoft has acknowledged multiple vulnerabilities in Microsoft Exchange Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
bd31dc70d533644f0848ab4b088f1675d08eda1e8131bc507b615ba237a878b2Secunia Security Advisory - A vulnerability has been reported in Zabbix, which can be exploited by malicious people to conduct SQL injection attacks.
aecc1320600598bf236398b0fd8a5501bf3d77b36d5d6f4655254efc29fd1970Secunia Security Advisory - Slackware has issued an update for libpng. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
8bc63a2f70ec5d3043e5461c3c9094a3399dfdc6ac04e2c55198124caf9e5060Secunia Security Advisory - A vulnerability has been discovered in @Mail Server, which can be exploited by malicious people to conduct script insertion attacks.
cc984eeaddf4866275dc5b4ce1252cdbe7bc8894a12203e613b894301927a35f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed