Secunia Security Advisory - A vulnerability has been reported in YABSoft Mega File Hosting Script, which can be exploited by malicious people to compromise a vulnerable system.
e0ab112fb953dc8e4b8d22544b77f3f57ed7849673b7721deeb35aa8df5327b7
iDefense Security Advisory 03.17.09 - Remote exploitation of a stack-based buffer overflow in Autonomy Inc's KeyView SDK allows attackers to execute arbitrary code with the privileges of the current user. This vulnerability exists within the "wp6sr.dll" which implements the processing of Word Perfect Documents. When processing certain records, data is copied from the file into a fixed-size stack buffer without ensuring that enough space is available. By overflowing the buffer, an attacker can overwrite control flow structures stored on the stack. iDefense confirmed that this vulnerability exists within Lotus Notes 8 installed on a Windows XP SP3 machine. All applications which utilize the Autonomy KeyView SDK to process Word Perfect Documents are suspected to be vulnerable.
b937ed5f21b2e4393b8c522f7c8752591ab0f7291ae5ffefd1340932bb43c9c1
Gentoo Linux Security Advisory GLSA 200903-31 - A vulnerability in libcdaudio might allow for the remote execution of arbitrary code. A heap-based buffer overflow has been reported in the cddb_read_disc_data() function in cddb.c when processing overly long CDDB data. Versions less than 0.99.12-r1 are affected.
a3a8c31aeb59cd4c415c9380463abc1d37339199f86674332465a060c8b51555
FubarForums versions 1.6 and below suffer from a critical file disclosure vulnerability.
1ca8ea032d5342e71fb58f2640ef03059e3b8a75dd3f53e6188e3d080d63a5b2
FireAnt versions 1.3 and below suffer from a critical file disclosure vulnerability.
e36803ad299e50093e36b4c4b8f1765e50f0c1d759e12ed87c496a61002cf2e1
chaozzDB versions 1.2 and below suffer from a critical file disclosure vulnerability.
27f1f1f5b6da1e75ba3889e5330340981c20989251cd48c7fa08a70bbd2159a0
The Wordpress fMoblog plugin version 2.1 suffers from a remote SQL injection vulnerability.
222989819229eac2238d467aef6ceb288bddab7793a1b17d882210878ba094a6
The Mega File Hosting Script version 1.2 suffers from local and remote file inclusion vulnerabilities in cross.php.
92eb2aeaf6c1c925324cea83963af697357f08f2890e69ebb192e5a570a08cd6
Ubuntu Security Notice USN-740-1 - The MD5 algorithm is known not to be collision resistant. This update blacklists the proof of concept rogue certificate authority as discussed in http://www.win.tue.nl/hashclash/rogue-ca/.
eb367d093282e2aea29c25b42f290e84f8b6811f89c1340744adea36f034a6b3
Ubuntu Security Notice USN-739-1 - It was discovered that Amarok did not correctly handle certain malformed tags in Audible Audio (.aa) files. If a user were tricked into opening a crafted Audible Audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program.
136b88006950f873fe8ef3669adbc936dbf4292ef36abd6a0343af73f774ec23
The Cpanel file manager in version 11.24.4-CURRENT suffers from multiple cross site scripting vulnerabilities.
3cb9b9e490ecf0caa4e07b03f6a0c8a3b9f005a459d46096dd04acb34cadc31d
The HP LaserJet web management interface suffers from cross site request forgery and insecure default configuration vulnerabilities.
57f014c142d2ed6d34415ced0e89ebbe42259af4291756e1337c57f0ff359dc5
GDL version 4.x suffers from a remote SQL injection vulnerability.
c9ee69a33d17f6fba5b12ec8fecf9f4ab3887f8da011359be6a781607b67c99b