Massting is an AJAX chat service that is susceptible to arbitrary javascript insertion attacks.
8774189129cfc217eed82a81d9b22431ced95554d277d26722651f6c47adcf91MoniWiki version 1.1.1 is susceptible to cross site scripting attacks.
487e192f01087c3d13dcfbf292b650cf6268d21a281e91b59932f342c396a06eThe Ahnlab search engine appears susceptible to cross site scripting attacks.
19433cdfea737eb71923c9ad50f2bb50eef396fff56c7b689d97ebe27c30e422Gentoo Linux Security Advisory GLSA 200606-30 - The iax_net_read function in the iaxclient library fails to properly handle IAX2 packets with truncated full frames or mini-frames. These frames are detected in a length check but processed anyway, leading to buffer overflows. Versions less than 0.8.5_p1 are affected.
81b05ce4c4aebb8684998fbbba6904a7c945539ace3fa76f64c7d233482e8f3cThe NCP VPN/PKI client version 8.30 suffers from a UDP bypass vulnerability in its provided firewall functionality.
0e50b70bed9f72501c61a0a43c6b1d570b5941d9c2d3be52bf78cf23a278143adeV!Lz Clan Portal remote SQL injection exploit for versions 1.34 and below.
c5dd32871e1e10f65f7092a18b061ff64e62c4b4bc773f63a5d71150953ca251Stud.IP versions 1.3.0-2 and below are susceptible to multiple remote file inclusion vulnerabilities.
dcc124a35d4b99a6c8ba47e6f00b65eefcd21b0a638a25a17b75b0cffbd7f6e0Plume CMS version 1.1.3 is susceptible to a remote file inclusion vulnerability.
dae5c339067cfd24b72b48787bf954e9f3d5ca9ffd2b1a167d8304c675e34904Microsoft RRAS RASMAN Registry stack overflow Metasploit exploit that makes use of the vulnerability discussed in MS06-025.
a7aedb2c3eea8e488a3e772cf3679c7965abbe0c0bce99960ca234e4a621aa33Proof of concept exploit for Mac OS X versions 10.4.6 and below which are susceptible to a vulnerability in launchd's syslog() function. PPC version.
219477bc10fd86f44e79866b7a5a535c7bfad56e533185cc869da47f54021bdflibwmf version 0.2.8.4 has been found susceptible to an integer overflow in memory allocation that leads to a heap overflow.
bd8dadf074afb77c1e1dcaff5970a2d24b3b85d8a32148d37d67bb55551bbb06Debian Security Advisory 1104-1 - Several vulnerabilities have been discovered in OpenOffice.org, a free office suite. It turned out to be possible to embed arbitrary BASIC macros in documents in a way that OpenOffice.org does not see them but executes them anyway without any user interaction. It is possible to evade the Java sandbox with specially crafted Java applets. Loading malformed XML documents can cause buffer overflows and cause a denial of service or execute arbitrary code.
deaefe6a689b0fc91e62a203448262cff8dbb4cb8432ae2e8ca49302d8c8b26fezWaiter version 3.0 is susceptible to cross site scripting vulnerabilities.
2b095c8ba268fd981b548afbf804ff0ba9f2b678f69869d800766cd38d2bfe93HP Security Bulletin - Potential security vulnerabilities have been identified in Perl 5.8.2 and earlier running on HP Tru64 UNIX. These vulnerabilities could be exploited by a local user to execute unauthorized code.
d23a8ee6f8d087198ee77c28904792640cf69c9be7a9730cfe5d3211938739c9Novell Security Announcement - A security vulnerability exists in the GroupWise Windows Client API that can allow random programmatic access to non-authorized email within the same authenticated post office. Affected Products: Novell GroupWise 5.x, Novell GroupWise 6.0, Novell GroupWise 6.5, Novell GroupWise 7, Novell GroupWise 32-bit Client.
6658eb77abb7d3e6b4e2686bc733dc0e41b332b2f8cc43e5d0387dc1cd8ea2e4Softbiz Banner Exchange Network version 1.0 is susceptible to cross site scripting flaws.
c17afb16b6ef40bf64663b67c05c0a7df75e0aeafdd967676279e2f8e9c83701Secunia Research has discovered some vulnerabilities in phpRaid, which can be exploited by malicious people to conduct SQL injection attacks or to compromise a vulnerable system. Versions 3.0.4, 3.0.5, and 3.0.6 are affected.
beef01385464473240bd9b603ae42c76d7b04f74bbe01d935c99809f807eaa26News versions 5.2 and below remote SQL injection exploit that performs arbitrary command execution.
7fa0ea9819fe5c86474b56680195b1d342dc218c728d8cd56f5654499f46ba9eNewsPHP 2006 PRO is susceptible to multiple cross site scripting and SQL injection vulnerabilities.
45870cacc07de85907fe00a61dea7b2830c862439b9b62e10ee3da3d937b7863Speedstream routers have UPnP/1.0 support. An attacker can access protected files and bypass the password protection without logging in using the UPnP part of the tree.
adcbe15b0873b77fb9f2f8bf776bd17519a1fda5e7ba3687a950a745bd51a80eGentoo Linux Security Advisory GLSA 200606-29 - Tikiwiki fails to properly sanitize user input before processing it, including in SQL statements. Versions less than 1.9.4 are affected.
abd8d7cefc568784ec38b358455748d65517ca129339a9ee1f554b5007fc2703Gentoo Linux Security Advisory GLSA 200606-28 - Michael Marek discovered that the Horde Web Application Framework performs insufficient input sanitizing. Versions less than 3.1.1-r1 are affected.
7efa420895759d1944d66c09922ff0dbf620b79c1bc88f505554933948705ad3PatchLink Update Server 6 is susceptible to a SQL injection vulnerability.
a9562f75995902c038a402621f56c40b5a748c4ef10be8a5af997407f9d6ec0eProof of concept exploit for Mac OS X versions 10.4.6 and below which are susceptible to a vulnerability in launchd's syslog() function.
dda0b65f359384ab350d9017041509539f3b96081550de30781a83c0f6e82742Mac OS X versions 10.4.6 and below are susceptible to a vulnerability in launchd's syslog() function.
ebe05c1d233358f6cc47cf20ff34ce80da5d2fbaea89f2ca9ece03f88113cdf0
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed