ZDI-06-017: Microsoft Internet Explorer UTF-8 Decoding Heap Overflow Vulnerability
237546bb002804e9744bc9da4f931f35c7fce70ccc6280ddbe88e15a60275535
National Cyber Alert System Technical Cyber Security Alert TA06-164A: Microsoft Windows, Internet Explorer, Media Player, Word, PowerPoint, and Exchange Vulnerabilities
4665aa5d84884586dccd695a6dd2fa08cedd6d5a08952ab3a0f0a051f2c3c6a9
Debian Security Advisory 1096-1: A vulnerability has been discovered in webcalendar, a PHP-based multi-user calendar, that allows a remote attacker to execute arbitrary PHP code when register_globals is turned on.
a92071a706d7fd7176114c8efdca4577931f6f847437bacc5c903eaf66040308
iDefense Security Advisory 06.13.06: Windows MRXSMB.SYS MRxSmbCscIoctlOpenForCopyChunk Overflow
1ff5c523afaed6fdc2fbce1b539f61b6067605d19bc45d44500f623cfa4fff61
iDefense Security Advisory 06.13.06: Windows MRXSMB.SYS MrxSmbCscIoctlCloseForCopyChunk DoS
5c263ae185ce3f5794f8c2c236dfe6db54faac6fa6d5575a57f908e08d88c054
iDefense Security Advisory 06.13.06: Microsoft Internet Explorer ART File Heap Corruption Vulnerability
e79d8dbd239673656aebb04ab64adc490f2723f51b0f55bde602259455d8047f
iDefense Security Advisory 06.13.06: Windows Media Player PNG Chunk Decoding Stack-Based Buffer Overflow.
a7f3228661730d98a8bcab15060857f553e8606f21a4a226e8ff911f25225da8
In Windows XP, the task scheduler service runs as "SYSTEM", so if an ordinary user has access to the scheduler they can become an administrator.
29173531c65d43e6210eaaddd378d2be9ca201c234205f2d657fb81b27385a41
In PHP 5.1.4 it is possible to create a file with any name by exploiting a vulnerability in tempnam().
bab989edac8b4f3f2fbf7e79979276e58536f687cf9acdf27e2821d3ca064565
Content-Builder (CMS) 0.7.5 suffers from a flaw that allows for remote command execution.
437aee474cf5b0652f4cbd173aa3119233d6255e04fae5396bd98eaf60d404e1
igloo DoubleSpeak v 0.1 suffers from multiple remote file inclusion vulnerabilities.
7ceb5352bf2f70dbc50028ee5c449fe2066d2350ad2eaf8f42b7b9318c7fe03a
FSA:011: AWF CMS 1.11, Remote command execution.
8e672eedf452e70aa2109ed32dce0e0fefd9ce6750d2f439963446bca8373713
CS-Forum 0.81 and prior suffer from XSS, full path disclosure, and SQL injection flaws.
7d7546f688e7b3250812cd4180b1350d36de5342664f6cc7445018a54aa7910e
[KAPDA::48] CopperminePhotoGallery 1.4.8.stable suffers from a SQL injection vulnerability.
90a2a4f42692f300590ee2c1c95bf22b8f9125457f74592ab00dbec78d285e26
RCblog 1.03 suffers from a directory traversal vulnerability.
b4c9a909dbddb6dd80764fe524bb18e45209423acfe5ac88c4eba0307f96fc57
ThWboard 3.0 suffers from a SQL injection vulnerability.
251cfb936451cedca8f29e3826ef145ced4d0131e5476b76ee732ac42ef90c5b
PHORUM 5.1.13 and prior suffer from a remote file inclusion vulnerability.
bd3fee74a535708a715a9e691eeab6340fe791599f51da971e2fe7f782c629d0
PhpMyFactures 1.0 suffers from XSS, SQL injection, and full path disclosure flaws.
c3b32d057237e3298f829cccbcf994757d4568185da36106fd42459c73867083
ImageVue Gallery 16.2 suffers from a file upload vulnerability.
67a56068ef6a03983f69dbef8228de12f78e112dc90fe9a1cac8504782d824a6
The Dell OpenManage boot CD starts up an SSH server that allows passwordless login, in addition to running an X server that accepts connections from anywhere.
c2b5c66e51e800559e8bb08bc4e4ed9cdbb5f5d645b9d4d576bb6477643c00d0
Mandriva Linux Security Advisory MDKSA-2006-100: A vulnerability in gdm could allow a user to activate the gdm setup program if the administrator configured a gdm theme that provided a user list. The user could do so by choosing the setup option from the menu, clicking the user list, then entering his own password instead of root's.
1052f4e3e540d537ffb63a7599d5134665bad35a14c46f16510b09ae5571e803
Mandriva Linux Security Advisory MDKSA-2006-099-1: Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
585c42c3309229bc77eeeaae21c796cb78e4d404eccafb77a853b67dec792b11
Mandriva Linux Security Advisory MDKSA-2006-099: Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing by 2 in a context that assumes an even number of values.
59f30d98e68f6fd04fef926cb60ee8031e55a3846fdd16dd7228efc722ba9232
Gentoo Linux Security Advisory GLSA 200606-09 - When spamd is run with both the --vpopmail (-v) and --paranoid (-P) options, it is vulnerable to an unspecified issue. Versions less than 3.1.3 are affected.
b525842925fba041ca7e72a58eec590e98ed8945b49fd245351c41fef615eeb2
Gentoo Linux Security Advisory GLSA 200606-14 - GDM allows a normal user to access the configuration manager. Versions less than 2.8.0.8 are affected.
21f2dbd6c58fd241a675df22c996acfa237b1212b191f1b3796b04e047df013f