Yahoo Messenger version 9.0.0.2162 may suffer from an Active-X related denial of service vulnerability.
9c9f06c980115572cc48233067a38d9a26d5105b4e5a905cdbf57643c172acf9
The HP ProCurve web management interface suffers from multiple cross site scripting vulnerabilities.
e57756a4a34597d8f2dd62ec80ec67f4d64fc33db533090b009807bf7f4e53ff
The McAfee Network Security Manager suffers from authentication bypass and session hijacking vulnerabilities.
b12872dd251208a1cc15c410cb1e33a05ce1ed4893ee463b09b90a098f0298b1
The McAfee Network Security Manager suffers from a cross site scripting vulnerability.
09c7a1dfab50d5489985fd9b9a43cdaa64983e2cf8977b27fd6fd900163dbcce
Secunia Security Advisory - Red Hat has issued an update for samba3x. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious users to bypass certain security restrictions, disclose sensitive information, and cause a DoS (Denial of Service).
c9d2f17b1fae25fb4d4e9f0822f346065d1e70ffd6331a87fdb6de538e838a51
Secunia Security Advisory - Slackware has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data.
a5f937ebfda46dbf9cdb07c73fef01e81a914e7ae40846fce63fbbf45898d038
Secunia Security Advisory - A vulnerability has been reported in HP Discovery & Dependency Mapping Inventory (DDMI), which can be exploited by malicious users to compromise a vulnerable system.
ef4a82694dd691d06b155f17cf72fbb8d72b3011743aa239d2b6df44e30b91d8
Secunia Security Advisory - A vulnerability has been discovered in Home FTP Server, which can be exploited by malicious users to cause a DoS (Denial of Service).
4c1a2260efbfeb0b0d8052d4bab1839fb72e2798ec3a75164e0976d7269ad90e
Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-openjdk. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.
ae7820847a5f50f6b8d5c8e66acd92324efe514743d1e6f203972cc7a4e55c40
Secunia Security Advisory - Debian has issued an update for apache2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service), bypass certain security restrictions, and manipulate certain data.
c68379ae58b0faa87f311e32533494ba6dc3945b1c8c7ccd1c6845f3948b51a3
Secunia Security Advisory - A vulnerability has been discovered in the Wikipedia Toolbar extension for Firefox, which can be exploited by malicious people to compromise a user's system.
9b3dd62f5112b7b868ff5d0a22ac9ef1539fdc8f7b545efc954f18806afb3d67
Secunia Security Advisory - A vulnerability has been discovered in avast! Home/Professional, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or potentially gain escalated privileges.
8e2fc64c3bcbfc363fd360cdf5be920c323bd2096d2bbcb2308465b745da8bf0
Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
1a6a878512a6930d632134eec73d30f8ee4cd5cc0bbc30801fe18c7f72f14c59
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Gimp, which potentially can be exploited by malicious people to compromise a user's system.
ff7e4be6b62e2fa9d73dabd4a43b7866ab27e5b63c92ca6aa67e341651db0b56
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.
a0ff0a8ec79bf6713fe5bd669e6ff55f9916ec2d34e69f219fc8a3fcb182a836
wtmpClean is a tool for Unix which clears a given user from the wtmp database.
d54b68ed1a2b635e4e252c69427bd57bfcb99c9e27bdbd8734c034ff9b278290
Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.
9be98fb1aa5e96e44095df267d89b776aa539e6dce90dd0d54db675e9a95cd80
htrosbif is a tool that actively probes an HTTP server. It prods the Web server in all sorts of old, new, basic, fancy, spec-compliant, and spec-breaking ways. It tries to characterize both the well-spoken educated responses and the seriously deviant babble it receives in return. Signatures contain no user data, only header names and HTTP-level quirks. As a useful side effect, this might detect reverse proxies, HTTP load balancers, intrusion prevention systems, and Web application firewalls.
9f2e98af019d3b5445bede40d649c0dc8245787e77eeaa688ee2285e7c7efeb0
Mandriva Linux Security Advisory 2009-299 - Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385. This update fixes these issues.
281d6a15f383eabd030d4a0d230719306faf859d62b9cd042d5e97ddc38ec6a2
Mandriva Linux Security Advisory 2009-297 - The ffmpeg lavf demuxer allows user-assisted attackers to cause a denial of service (application crash) via a crafted GIF file. FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a Tcp/udp memory leak. Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL pointer dereference. The updated packages fix this issue.
52cf9ea61bd4c6ecdc805d07ea7144e9a4e7ca015433a7ece41d5a0a0a789d34
Mandriva Linux Security Advisory 2009-298 - xine-lib before 1.1.15 allows remote attackers to cause a denial of service (crash) via mp3 files with metadata consisting only of separators. Integer overflow in the qt_error parse_trak_atom function in demuxers/demux_qt.c in xine-lib 1.1.16.2 and earlier allows remote attackers to execute arbitrary code via a Quicktime movie file with a large count value in an STTS atom, which triggers a heap-based buffer overflow. Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385. This update fixes these issues.
5d042dccc94ef37a7d0408f534588f6948d25d09047cfc5837da14932f9f6036
Mandriva Linux Security Advisory 2009-296 - Integer overflow in the ReadImage function in plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a BMP file with crafted width and height values that trigger a heap-based buffer overflow. This update provides a solution to this vulnerability.
4ac465217e3550eff56ead3dc617eaad69ffec140bdd9145c8d1774f14777969
WordPress versions 2.0 through 2.7.1 suffer from a security bypass vulnerability in admin.php.
751cbc34df5a1384e9a5e8cbac91523d1b2055903c93a05531f97a4ab2e12711
Ubuntu Security Notice 858-1 - It was discovered that OpenLDAP did not correctly handle SSL certificates with zero bytes in the Common Name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.
a6024a3110c743272fbf0c499c8ca74b5389d0e98c503beef7f5a6a43719f0ed
Telepark Wiki versions 2.4.23 and below suffer from code execution, delete page, and cross site scripting vulnerabilities.
e05ff3e7914791681f62150cfc68fabd723e0080f71a3052bee1138a83e2fa59