Ubuntu Security Notice 2099-1 - It was discovered that Perl's Locale::Maketext module incorrectly handled backslashes and fully qualified method names. An attacker could possibly use this flaw to execute arbitrary code when an application used untrusted templates.
da5f11c08898e9ebb91735f266683b787a02a7ceb86277819ba80fa40377ef5c
Debian Linux Security Advisory 2855-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.
cdb059b02b1c23f6f02f9dd887c04116c1ac664ba252de491d1b90de3671310e
Red Hat Security Advisory 2014-0140-01 - Apache Camel is a versatile open-source integration framework based on known Enterprise Integration Patterns. A flaw was found in Apache Camel's parsing of the FILE_NAME header. A remote attacker able to submit messages to a Camel route, which would write the provided message to a file, could provide expression language expressions in the FILE_NAME header that would be evaluated on the server. This could lead to arbitrary remote code execution in the context of the Camel server process. All users of the affected products as provided from the Red Hat Customer Portal are advised to apply this update.
bc81dc060c390772a5b1a581a7e8a45b6cf676ad3b0ee4a9c285540cd86c822d
Debian Linux Security Advisory 2854-1 - Several issues have been discovered in mumble, a low latency VoIP client.
2088706e534cc92d82d75d5bd65c599453c66a2ff6edd852ddb061bb3f67c104
Gentoo Linux Security Advisory 201402-5 - An environment variable processing error has been reported in Banshee, possibly allowing a local attacker to load a specially crafted shared library. Versions less than 1.8.0-r1 are affected.
5362eccb6bd0ca934ad8ca51d060f512601e464387821acb53503ff47a5b4e77
Red Hat Security Advisory 2014-0139-01 - Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. Multiple heap-based buffer overflow flaws were found in several protocol plug-ins in Pidgin. A malicious server could send a specially crafted message, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin.
02c189bcb1976a4f4f88111e98a6e444bb4d4b7b3022798749683cfa0197b660
i-doit Pro version 1.24 suffers from a cross-site scripting vulnerability.
85742c3414a02c3893bedfb6f3301566ed32f027885f25095effcaaa4d8b4602
Netgear D6300B routers suffer from remote command injection, root shell spawning, UPnP issues, credentials being submitted in the clear, and additional vulnerabilities.
896c086babecbfe246ba805c87d9f85d74b7f8d36859c8eca2c8d15b625be9c7
Inteno DG301 remote command execution proof of concept exploit.
676c063a123bb6632d0c3722f2eb7566064d177f5285af48d6fca8019e6a8363
Core FTP Server version 1.2 suffers from denial of service race condition, password disclosure, and directory traversal vulnerabilities.
cdd4723d3be809710e87bcb55c3ae14a73cde7aec28bad3f8f208fa620b79cce
Drupal Tagadelic third party module version 6.x suffers from an information disclosure vulnerability.
34450b5c7ab2e02cb75dbe9e1d9c4dd028ed9fe5af6b80ff5d4a9f318239bfc0
EMC DFS server may be vulnerable to malicious attacks that may allow access to content on the DFS file system. This is due to the way the DFS web service is used to upload content. Affected products include EMC DFS 6.5, 6.6, 6.7, 7.0, and 7.1 with all their service packs and patch versions.
ef4cb3d0f88f5998a859dfbf420714ce2b91e529bc2093489f021ec4eabeffef
Red Hat Security Advisory 2014-0137-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed in the Adobe Security bulletin APSB14-04, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.336.
04865d9bb71ac1548718bbedace58ba354f7776bf4858cffbc8a461a4e55cffc
This whitepaper discusses rooting Windows Server using the PHP Meterpreter Webshell in Metasploit.
969178f6ff5208ad667a07134dd268f1f3afb8fbcc598cfc6a4095ef57d2b50b
Bandizip version 3.09 suffers from a DLL hijacking vulnerability.
c62b674cac9e10905ad964d283c5a0a404b0d9e48891039a010f360cc74e0895