Ubuntu Security Notice 2810-1 - It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. It was discovered that Kerberos incorrectly handled null bytes in certain data fields. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.
54cd41e88f3b572fc0172f18b2a69d4bc309121aab39e9d9df3fcb5f00087252
Ubuntu Security Notice 2809-1 - Jeroen Simonetti discovered that LXD incorrectly set socket permissions. A local attacker could use this issue to escalate privileges.
b735021c341adabe5de7754d1e9c240f2eb14954d779c9aaa12505216b0db50c
PHP Vacation Rental Script version 7R suffers from cross-site request forgery and cross-site scripting vulnerabilities.
72e1c686d5cb411522987a046e67b02136896a062d2ff4b0efb2186d3c050b0a
FBZX versions 2.10 and below are prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. An attacker could exploit this issue to execute arbitrary code in the context of the application. Failed exploit attempts will result in a denial of service condition.
1139d7a917b3b4db146ac19726e7effe45dddb5b2933bb8ab5a30db268e6c332
Secunia Research has discovered a vulnerability in Google Picasa, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer overflow error when processing the CAMF section in FOVb images and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in versions 3.9.140 Build 239 and 3.9.140 Build 248 running on Windows.
db72a3562dc68479de1367e98146b3c4c4222d69e61574ce70158fc840cac565
WordPress WP Fastest Cache plugin version 0.8.4.8 suffers from a remote blind SQL injection vulnerability.
6aaa25369dc28e64c704e16742bd0b7ed07bbfcf0895809f6c442cf2f847c015
The install script for IBM Installation Manager version 1.8.1 suffers from a /tmp race condition.
61ddc1ecef489ff69c00edb7ed3182af444a773253d7beed708c57be0d98de12
Red Hat Security Advisory 2015-2024-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
ba728604768a0c0df28ef65843d05d2e027a23be0e53aea06d777c686943401b
HP Security Bulletin HPSBGN03507 2 - Potential security vulnerabilities have been identified in HP ArcSight Management Center and HP ArcSight Logger. The vulnerability could be exploited remotely resulting in remote Cross-Site Scripting (XSS). Revision 2 of this advisory.
e3de986124bc7781a67c78017f46bc742d5c4d316c59f82c1de1bf2c96f3def7
Red Hat Security Advisory 2015-2023-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin APSB15-28 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
8204c4136f539269868b5d6624f20d39da33294057e672ab1d22b6e8cd023552
Debian Linux Security Advisory 3397-1 - Several vulnerabilities have been discovered in wpa_supplicant and hostapd.
7e43c2bd17ae645a9043f632eca787e138833e14bf068e0fbaf606a2727aaf06