Fork CMS suffers from a local file inclusion vulnerability.
Fork CMS suffers from a cross site request forgery vulnerability.
Fork CMS suffers from a stored cross site scripting vulnerability.
SWFUpload suffers from cross site scripting, cross site request forgery, and object injection vulnerabilities.
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by a heap overflow error within the JavaFX component when decoding certain video frames, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.
Matrix42 Service Store version 5.3 SP3 suffers from a cross site scripting vulnerability.
Technical Cyber Security Alert 2013-107A - Oracle has released a Critical Patch Update (CPU) for Java SE. Oracle strongly recommends that customers apply CPU fixes as soon as possible.
Intercepter is a sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.
Freefloat FTP Server is prone to an overflow condition. It fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted 'USER' command, a remote attacker can potentially have an unspecified impact.
Cisco Security Advisory - Cisco Network Admission Control (NAC) Manager contains a vulnerability that could allow an unauthenticated remote attacker to execute arbitrary code and take full control of the vulnerable system. A successful attack could allow an unauthenticated attacker to access, create or modify any information in the NAC Manager database. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability.
This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.
Ubuntu Security Notice 1803-1 - It was discovered that the X.Org X server did not properly clear input events in certain circumstances. A local attacker with physical access could use this flaw to capture keystrokes.
Debian Linux Security Advisory 2661-1 - David Airlie and Peter Hutterer of Red Hat discovered that xorg-server, the Xorg X server, was vulnerable to an information disclosure flaw related to input handling and device hotplug.
Red Hat Security Advisory 2013-0753-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. It was discovered that the IcedTea-Web plug-in incorrectly used the same class loader instance for applets with the same value of the codebase attribute, even when they originated from different domains. A malicious applet could use this flaw to gain information about and possibly manipulate applets from different domains currently running in the browser.
Red Hat Security Advisory 2013-0752-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.