Debian Linux Security Advisory 2275-1 - Will Dormann and Jared Allar discovered that the Lotus Word Pro import filter of OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft(R) Office, does not properly handle object IDs in the ".lwp" file format. An attacker can exploit this with a specially crafted file to execute arbitrary code with the rights of the victim importing the file.
1ea42de843890c6bd938dcc7d43f275e5fc0623819eb73e3698cbbf6938f2eeb
Spokane Web Communications suffers from a remote SQL injection vulnerability.
c51452ce03dd0f8b662430c18205496c2b3f8c6e31a9f481b3d0b1011ae30995
Avaya IP Office Manager TFTP server version 8.1 suffers from a remote directory traversal vulnerability.
61c8fa884c812aabc7ad31ba5fe8b8c9e7716e766d7d6d4842ee6df0358ea666
appRain versions 0.1.3 and 0.1.4-Alpha for both the Quick Start and Core editions suffer from multiple cross site scripting vulnerabilities.
52dd436444b837a85cbfd4a287fbb817919e848eaff7f9d393464836a3a9b5b2
ZipWiz 2005 version 5.0 .zip file buffer corruption exploit.
4b5450a363e14a592d0ed687cb885ce1195d79774bd07bb105a95f6cc6374584
Whirled Serpent suffers from a remote SQL injection vulnerability.
28ee29578e51d598bdbdeb2c80bed253db6c6ca52bd3bef7555d82ab86492bf2
Realty Listing System suffers from a remote SQL injection vulnerability.
199690c0dda3a1454d5e265162463fb84a02e38f2de27c4ca0813bdd2adf4eee
Secunia Security Advisory - A vulnerability has been reported in Symantec Web Gateway, which can be exploited by malicious people to conduct SQL injection attacks.
986b72fa611cd314c22d8ffbf90da68a017a9c6a1a48c653c342802f08049911
Secunia Security Advisory - A vulnerability has been discovered in Microsoft Visio, which can be exploited by malicious people to compromise a user's system.
e90f822237574e89bc9566e09b1e1d6192c945b61dc7f8489990efc3e14fe4e0
Secunia Security Advisory - A vulnerability has been reported in Aruba Mobility Controller and AirWave, which can be exploited by malicious people to conduct script insertion attacks.
1571c186941df6842280034d2d7213b7774055865224181eba19b4870d3b3262
Secunia Security Advisory - Debian has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
e4480c0c6d2ffd3aa93b2530bbae61252c0e0c994341fc303feecc95529b1610
Secunia Security Advisory - Multiple vulnerabilities have been reported in MariaDB, which can be exploited by malicious users to gain escalated privileges or cause a DoS (Denial of Service).
7beb48b17101f6ddc1c61ab302f56afa886b8bd60237bfda8d46fa0bce779272
Secunia Security Advisory - Red Hat has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
9d4e10d7cfc156d0115906d02e5211c876630450150b06af9de465e0a4784cbe
Secunia Security Advisory - HP has acknowledged a vulnerability in HP Business Availability Center (BAC), which can be exploited by malicious people to cause a DoS (Denial of Service).
44b9bc4f49fdc06293a2f55d9bdb79507266fababb0d0bb95d22084686fea97a
Secunia Security Advisory - A weakness has been reported in Aruba Mobility Controller, which can be exploited by malicious people to conduct spoofing attacks.
099c943843bff7ac69a018836d517965aabd4b17eb506c211537ccbd352c30c8
Secunia Security Advisory - Debian has issued an update for openoffice.org. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
76d2289a1027329b60408f2e3c5f425d8f13ea8beedecf81b0dd1f2487c930d0
Secunia Security Advisory - A vulnerability has been reported in FreeType, which can be exploited by malicious people to compromise a user's system.
8c619fae91c8214db614a330358647b72cccd4e53a4c6c5d175f0a60e6d2479f
Secunia Security Advisory - Some vulnerabilities have been reported in the Global Flash Galleries component for Joomla!, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks.
6be3e62d034df7c1c1c15e6db7ade93f1ae878f75e28250451ef2d4cc3353e77
Debian Linux Security Advisory 2274-1 - Wireshark packages have been updated. Huzaifa Sidhpurwala, David Maciejak and others discovered several vulnerabilities in the X.509if and DICOM dissectors and in the code to process various capture and dictionary files, which could lead to denial of service or the execution of arbitrary code.
2e759c091207431ba7ec3a25ef20e3b921b32fd2d87ada68fdcb7887ba58e1e5
Red Hat Security Advisory 2011-0926-01 - Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. A flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially-crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion.
7c572d6a3c08b098770bd23a3f0721fcd568929289220f336f98464ace956f88
Aruba Networks Security Advisory - A persistent cross site scripting vulnerability was discovered where an attacker could plant an AP with a maliciously crafted SSID in the general vicinity of the wireless LAN and might be able to trigger an XSS vulnerability in the reporting sections of the ArubaOS and AirWave Administration WebUIs.
65c13bb632da606e6926e7c096d0d669b1d42968ee06e8bf0e6aa05eb4863634
Netgear VMDG480 routers suffer from a cross site scripting vulnerability.
1b16df491d8e4181e33fccd769433b2023999d9e29ba0c143c4848ec03301e32
phpFolio Script suffers from a remote SQL injection vulnerability.
dcb538983e50baf7519afd1bd2a5c436d59d7b6ce6120f742ad9a7215c5bb718
Zero Day Initiative Advisory 11-233 - This vulnerability allows remote attackers to inject arbitrary SQL on vulnerable installations of the Symantec Web Gateway appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the username parameter of POST requests to the forget.php script. The parameter is not sanitized and a remote attacker can abuse this to inject arbitrary SQL into the underlying database.
87203ae1cbdf2e7d69bc6bc2e98651528d00f21540ac1ec7b2898b9546e99dcb
HUGE-inc Portal suffers from a remote SQL injection vulnerability.
5f9954670e00e9f0e1ac035f84b2c5f6298123e4e8f83ca50d854cf3430d90a4