iDEFENSE Security Advisory 12.20.2004 - Local exploitation of an untrusted path vulnerability in the chcod command included by default in multiple versions of IBM Corp. AIX could allow for arbitrary code execution as the root user. Verified in version 5.2.
5fcb009b609699d12cd1c4c09eee472af26805ac0e9da8716890e671ec6d8c2a
Secunia Security Advisory - Some vulnerabilities have been reported in PHPFormMail, which can be exploited by malicious people to conduct cross-site scripting attacks.
92ca82c5724daa51e197fd7a11be7504b3b88424a2a02fd722f848864636cf89
Faronics FreezeX version 1.00.100.0666 is susceptible to a denial of service attack.
4b95bbec5e4d3a5fa68737e01355b32d94a3cbac1de4e9842565247e2fb05d77
It is possible to remotely conduct a denial of service attack on a Gadu-Gadu client by sending specially crafted messages several times. All versions up to 6.1 build 156 are affected.
319325bba63d3c3846e86ffd415a85985e53bf73e9be51eb8dbf0c244dca4f6a
A cross-site scripting flaw exists in the Workboard 1.x module for PHP-Nuke.
1e9c560f0a1da8a7dede76d12d2021a3fb4a1deddc1905c10f9eae07941e85b9
Secunia Security Advisory - A vulnerability has been reported in ArGoSoft Mail Server, which can be exploited by malicious people to conduct script insertion attacks.
baa6d38e27b266b7c196e409d7afc0f2dfc3a89c61bac22ad7d003004b1f30bd
Gentoo Linux Security Advisory GLSA 200412-21 - Multiple overflow vulnerabilities have been found in MPlayer, potentially resulting in remote execution of arbitrary code.
747c5835ac16bc7e325b87fef9cd14c3d309bad7cdf92fa9b79ebdcb5a813d62
Various vulnerabilities exist in rftpd2 and rpf 1.2.2.
2ed7f2d3bc39db9d613a507fce37b089494a62dcb4dfa22d782fc9823f7b8131
KDE Security Advisory: Two flaws in the Konqueror web browser make it possible to bypass the sandbox environment which is used to run Java applets. One flaw allows access to restricted Java classes via JavaScript, making it possible to escalate the privileges of the Java applet. The other problem is that Konqueror fails to correctly restrict access to certain Java classes from the Java applet itself. All versions of KDE up to and including KDE 3.3.1 are affected. KDE 3.3.2 is not affected.
2ed5ada9061438c8f6796da3847fe6c906ed5e2cd6dc24c94bc73b1a1b3d2856
Tlen.pl versions 5.23.4.1 and below suffer from a remote script execution vulnerability.
e8ca200d31b825e6ab2973601348deb5fb5ffa6c0c79b7ae7681ef26fa074147
Debian Security Advisory 612-1 - Rudolf Polzer discovered a vulnerability in a2ps, a converter and pretty-printer for many formats to PostScript. The program did not escape shell metacharacters properly, which could lead to the execution of arbitrary commands as a privileged user if a2ps is installed as a printer filter.
b7d1671381767fda539331d6422257d72f2e054e15ea8637476d61b928dcd473
HP Security Bulletin - A potential vulnerability has been identified with the HP-UX newgrp(1) command that may allow authorized users to elevate privileges. Affected versions are HP-UX B.11.00, B.11.04, B.11.11.
d8ef72d09d9f76a79ac2bb34ee9f9261bf8e887a3660036d2bf151384a01fb3f
Debian Security Advisory 611-1 - infamous41md discovered a buffer overflow in htget, a file grabber that will get files from HTTP servers. It is possible to overflow a buffer and execute arbitrary code by accessing a malicious URL.
511fb334e4db231517cbb485ce524703f96e7f54faf131445aa81bad7591e658
A buffer overflow in UnRTF version 0.19.3 may allow for system compromise.
ed8e15b1ff29f2b48ade8b0266ace04da74771910cada6b1022271ca4515fc76
A buffer overflow vulnerability in the YAMT 0.5 id3tag_sort() function can lead to a system compromise.
1c71d04732d85755d294beb6c3cb7d2555831537db575c19bf857787cdad2df5
Vilistextum version 2.6.6 is susceptible to a buffer overflow in the get_attr() function.
3647ccca69811067c47b4f3ca914498ff7ba6d96d57aa902ef52f5d4d65c7f20
xlreader version 0.9.0 is susceptible to a buffer overflow condition in the book_format_sql() function.
24823c2b3a25e369e195d3e131c64fa7dc46b58fb25a2375c5797b7a36fdb1c9
A buffer overflow in the vb2c 0.02 parse() function allows for system compromise.
71cadaf06edac8de52c4c0639698cb6e06a9945c1355327b359fc56a7bcdffea
uml-utilities version 20030903 is susceptible to a denial of service vulnerability because the uml-net utility runs setuid root and can take down the system's Ethernet connection.
7865d6b62e1c5ca1c01ea1e07943af6e336d6ed25181b424183688b18bcc1236
Buffer overflow vulnerabilities in the getline() and get_holiday() functions of Pcal version 4.7.1 may allow for system compromise.
c81e9520fea6b7e040203920de07de941f9a4423b4a4dd6af30cd1cfcf986f1c
MeshViewer 0.2.2 is susceptible to a buffer overflow vulnerability in the Mesh::type() function.
48c500c50c1bdc659ae3eb5f23851995fdf87cfd73bdce583224eebeb01ecb60
NapShare version 1.2 is susceptible to a buffer overflow in the auto_filter_extern() function.
9f6268214b9c62aab2bae9c43665803556fe9133330989fdc005d563fb473609
Ringtone Tools version 2.22 is susceptible to a buffer overflow in the parse_emelody() function.
0913841787d40062b8ee4df0ada5efe1147d121c51613149421228d9de960439
LinPopUp version 1.2.0 has a buffer overflow in the strexpand() function.
d31de35666d78f705405cfb23c8c4a2a6ffc96ab00efea6d5a9f7692f2a7ccb4
o3read version 0.0.3 suffers from a buffer overflow condition in the parse_html() function used when parsing HTML content.
db690ba8a5fb9f6261dc6bc447acbbda88abdeeb6d4898680a7bcd3cc9f2c0e1