Secunia Security Advisory - rPath has issued an update for e2fsprogs. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
1cdf77be5fc80f87f27adddaac25ab7e2dbe7eb4ed8a6a538713d2a36ede6d64
Secunia Security Advisory - Some vulnerabilities have been reported in Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system.
f300c65b124b3ca9733ec6912de0dae0bb53dab4df05a27d26cb63df7b27df84
Secunia Security Advisory - A vulnerability has been reported in the mod_imagemap module for Apache, which can be exploited by malicious people to conduct cross-site scripting attacks.
330b9713df36378f2a40108e82bc6027b222db8c9f15f177024ca2ce7f2d730d
Secunia Security Advisory - Sun has issued an update for Adobe Flash Player. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.
c19a10851fd7e27becc65857bc5a02112ead453d7dbf8f8ea1750b8bf2eca31d
Secunia Security Advisory - A vulnerability has been reported in the mod_imap module for Apache, which can be exploited by malicious people to conduct cross-site scripting attacks.
4e3d2b78c500d7082ed45251c63599f1ecffca1601e83413484b755647702bf5
iDefense Security Advisory 12.11.07 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s DirectShow could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability exists in the DirectShow SAMI parser, which is implemented in quartz.dll. When the SAMI parser copies parameters into a stack buffer, it does not properly check the length of the parameter. As such, parsing a specially crafted SAMI file can cause a stack-based buffer overflow. This allows an attacker to execute arbitrary code. iDefense has confirmed Microsoft DirectX 7.x and Microsoft DirectX 8.x are vulnerable. Microsoft DirectX 9.0c or newer is not vulnerable.
13a7ee86d40260d7b3d9c10a605bff89d2993050d850639780f669cac844978c
iDefense Security Advisory 12.11.07 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Internet Explorer web browser allows attackers to execute arbitrary code in the context of the current user. The vulnerability lies in the JavaScript setExpression method, which is implemented in mshtml.dll. When malformed parameters are supplied, memory can be corrupted in a way that results in Internet Explorer accessing a previously deleted object. By creating a specially crafted web page, it is possible for an attacker to control the contents of the memory pointed to by the released object. This allows an attacker to execute arbitrary code. As of April 5th, 2007, iDefense testing shows that Internet Explorer 6.0 and Internet Explorer 7.0 with all available security patches are vulnerable. Older versions of Internet Explorer may also be vulnerable.
c6eea38816e48a936133434a4c88c56569839a288fc99a9ce562f7da2a25286f
OpenStego is a command-line tool for image-based steganography. It supports embedding of messages or files in 24bpp images.
70d4810016f6ecbd3952e4b56dd605464abec63ae0de90b3a1da93656c6078ef
HP OpenView Network Node Manager version 07.50 CGI remote buffer overflow exploit that spawns a shell on tcp/4444.
c1b6e6242b27a389d95d0a8c0c0d9590bc8a620c50eb280474996d727d7eb991
ViArt CMS version 3.3.2 suffers from a remote file inclusion vulnerability.
af61702e2b2d46714e69be47e6601e288f50f688896861e4dc953ee74183d80a
Fastpublish CMS version 1.9999 suffers from a remote file inclusion vulnerability.
8121b87c6f07bbfd58cfec51bd995f07ffc5eb537a456dc26329e4e099e960a6
Apple Mac OS X xnu versions 1228.0 and below local kernel denial of service proof of concept exploit.
2e323cf33386194c54a2790669544766a133c7ce2d5fe0d3c4fa8fcb19efa821
Aanval Basic is the lightweight alternative to the full Aanval Snort and Syslog. Aanval is the leading web-based Snort and syslog interface for correlation, management and reporting. Capable of handling more than 1 billion events, Aanval has been protecting domestic and foreign governments, Fortune 50 enterprises, global financial institutions and local small businesses since 2003.
73bfe4b4422d3aa8e5ce118dd92f64cebbf6006890865f70a90fcbcaea004533
liveSnort is a simple, yet useful live Snort monitoring web-application that takes advantage of AJAX/Web 2.0 technology to make the task of monitoring and viewing the most recent Snort events easier.
d5b75b73400e717779267dbf83931f39b62e7497234ee0b4185d56689fb5b9f6
Microsoft Office 2007's digital signature protection does not protect meta-data.
380ee7d304ea3c18807fc2b575f41178ba4068e6610e881e7766079f48ba29ba
SUSE Security Announcement - The Samba suite is an open-source implementation of the SMB protocol. This update of samba fixes a buffer overflow in the function send_mailslot() that allows remote attackers to overwrite the stack with 0 (via memset(3)) by sending specially crafted SAMLOGON packets.
d44ee78d410a101198a5f8deb694eeb8e59ccfddd09e6aef980ed4fadcc4896b
Debian Security Advisory 1428-2 - Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code.
d208aaafcdf71649d5f5d53804b2a9df4f4a595a2e6095dd3483d2570b3018ed
Secunia Security Advisory - Red Hat has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
2b7f2ea6fbee3832e4837b8a5fd69a0ddd31d6676ea6e6f8a6ed7a8c6ad2b985
Secunia Security Advisory - Slackware has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
05066affd8c2e30e7b211f1e9aa827d5a91226640e82d57459e637ff2032fb40
Secunia Security Advisory - Debian has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
7fef13e90bf64fa6866065f71556cf19331a069760e5e67d3e08475603dc155e
Secunia Security Advisory - Dave Lewis has reported a vulnerability in Websense Enterprise and Websense Web Security Suite, which can be exploited by malicious people to conduct cross-site scripting attacks.
e219e78c3114e6f35c8781225de5e891cbe648b101b27644603ada228bf5bdf8
Secunia Security Advisory - Multiple vulnerabilities have been reported in IBM AIX, which have unknown impacts.
bd70f4932169f06cc738a80b5b2934f9c58e451adeec28669f4a4aff4f4d0877
Secunia Security Advisory - A vulnerability has been reported in Red Hat Enterprise Linux, which can be exploited by malicious, local users to gain escalated privileges.
f8347024ba4bb1ec5bd033057f6d9aa32a0f90732aeb17d2fb09658d3a159885
Secunia Security Advisory - Debian has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and by malicious people to cause a DoS (Denial of Service).
500a6a196801265ed0a0ae81e5e17bd1fc3ef9a377bbd3646850423a7001be44
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows with the Message Queuing Service enabled. Authentication is not required to exploit this vulnerability. The specific flaw exists in the RPC interface defined on port 2103 with UUID fdb3a030-065f-11d1-bb9b-00a024ea5525. During the processing of opnum 0x06, the service copies user-supplied information into a fixed-length stack buffer. Sending at least 300 bytes will trigger a stack-based buffer overflow due to a vulnerable wcscat() call. Exploitation of this issue can result in arbitrary code execution. Affected versions are Windows 2000 SP4 and Windows XP SP2.
7ad73b80c43474accf67595197f54a090063d04177565333581b8946b1c2a6f3