Mandriva Linux Security Advisory 2012-128 - A stack-based buffer overflow flaw was found in the way bash, the GNU Bourne Again shell, expanded certain /dev/fd file names when checking file names and evaluating /dev/fd file names in conditional command expressions. A remote attacker could provide a specially crafted Bash script that, when executed, would cause the bash executable to crash. Additionally, the official patches 011 to 037 for bash-4.2 have been applied, which resolve other issues found, including the CVE-2012-3410 vulnerability.
ded651ae3fb8a40f05143e18cd58c2e666fadd104e5caa2a2f8e3f23bba5151f
Arasism (IR) CMS suffers from a remote shell upload vulnerability.
c7df3b543650230be10109cf9ed2f937f260e33d288ca3394342ee8650b5fb28
Cyclope Employee Surveillance Solution version 6.0 suffers from a remote SQL injection vulnerability.
bd0909c3e422bbfd18d2ea996c369f5da57e023725ed14f2b97843f25e7ef12a
The Joomla Fireboard component suffers from a remote SQL injection vulnerability.
8d0c501fd44b32f026ce7af1a5f8051a166362be2831982e2e13f188b4977cdb
Flogr versions 2.5.6 and 2.3 suffer from cross site scripting vulnerabilities.
e563a6e62d273e7156eaf1960998c6211c0640e0fbec4ba1516ffb8425c37086
Ubuntu Security Notice 1526-1 - It was discovered that KOffice incorrectly handled certain malformed MS Word documents. If a user or automated system were tricked into opening a crafted MS Word file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
43e88c37453c69867d815481a625315c78eea69767bddb4042378d1de7526dc2
Ubuntu Security Notice 1525-1 - It was discovered that Calligra incorrectly handled certain malformed MS Word documents. If a user or automated system were tricked into opening a crafted MS Word file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
a534bf03e4f3fd9b5adceea60563dbe513a9895d51f11e031ad46c5e6a4e72c4
Sananet CMS suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
376e8258e28e1cca47b9ee6246bca97d1a0f4d4a2c9bedfdf4a87a002da7b226
Secunia Security Advisory - A vulnerability has been reported in the En Masse component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.
60a963331192fcc92f50d2f9dd3c437bf5576a63b0c1cf60843bf0062447a34d
This Metasploit module exploits a vulnerability found in the NetDecision 4.2 TFTP server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary files to the file system, which results in code execution in the context of the user executing the TFTP Server.
0d13cee7943b511e1894639ec337c177f0900b866756b484b6bf6fa8eab38bed
Drupal Mime Mail third party module version 6.x suffers from an access bypass vulnerability.
b0a039f3f8e50612edc18654e3f08fa0768e7cce033393312917b22dddb2ce6f
Drupal Shibboleth Authentication third party module version 6.x suffers from an access bypass vulnerability.
e56e802811cdc559b6dff8457f24a6cff5246f7478e4aea1adf2290a3508efec
Drupal Better Revisions third party module version 7.x suffers from a cross site scripting vulnerability.
706f0cf2a00a465418ab1fd8ca4abfcb890a16db89f027f30d26c3c20d1b13ac
Secunia Security Advisory - loneferret has reported a vulnerability in the Postie plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.
9104eb2fe16306c11ec227c41c5d34b5455bd5076fcbee6902d7b238037f7853
Secunia Security Advisory - A vulnerability has been reported in the Chaos tool suite module for Drupal, which can be exploited by malicious users to disclose potentially sensitive information.
a8db0f30b9271f122f48329f760cb003e0fa1324a73e9ab0ac9e0d5b7ffcb8a1
Secunia Security Advisory - loneferret has discovered a vulnerability in ManageEngine Service Desk Plus, which can be exploited by malicious people to conduct script insertion attacks.
4b576f909e08c470239259f64d977553f3e5fa4e4a72ed165b1d7a788f36a797
Secunia Security Advisory - A security issue has been reported in EMC Lifeline, which can be exploited by malicious people to bypass certain security restrictions.
5da7f9a81fe7255ecce8519f8d252071fd8be51983df7f74245222c8b3ab7027
Secunia Security Advisory - loneferret has reported some vulnerabilities in the SimpleMail plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks.
f83e5e65043670becdc42a9b437540aa6f27a980121590167a6dcb2bdef541bf
Secunia Security Advisory - A vulnerability has been discovered in SurgeMail, which can be exploited by malicious people to conduct script insertion attacks.
1ea0e404fe2864aee2054b13929507c751d48590f8f6bd8f521a88568eb84ace
Secunia Security Advisory - A vulnerability has been discovered in SmarterMail, which can be exploited by malicious people to conduct script insertion attacks.
3f5608ec4dbfea645beb2b22ad9b62864b4c15427459039d6d1f2e563caba091
Secunia Security Advisory - A vulnerability has been discovered in EmailArchitect Email Server, which can be exploited by malicious people to conduct script insertion attacks.
4e11e7a9ac1ac880cbf8adb48cf09c3e89639b5fc8d50a0d4565969456e92630
Secunia Security Advisory - Some vulnerabilities have been reported in the powermail extension for TYPO3, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site scripting and SQL injection attacks.
0c65fe588d266494acdb6b788c9e15fc674c007333703c8929661a8f23164a16
Drupal Short URLs third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.
2338b653ebbdca2d0e36655118d648626d3e1f46b55c30aef10e28f14326d139
Drupal Chaos Tool Suite (ctools) third party module versions 6.x and 7.x suffer from cross site scripting and local file inclusion vulnerabilities.
12064a3019b369f44e0d7a14cf85b3ca9fa4586cade8f60da291fa6cfddc03ae
The Solaris 10 137097-01 patch suffers from a symlink attack that will let a user clobber a root owned file.
13b5efe587e83e9d28fceb6ebe9f80bdd07ca9622ef7767e9ebb53b9c4b62f13