Ubuntu Security Notice 1462-1 - Dan Luther discovered that Bind incorrectly handled zero length rdata fields. A remote attacker could use this flaw to cause Bind to crash or behave erratically, resulting in a denial of service. It was discovered that Bind incorrectly handled revoked domain names. A remote attacker could use this flaw to cause malicious domain names to be continuously resolvable even after they have been revoked.
fbb84f8a8376f523eed4e2f4816747ef3238b74da3cc1ad2b4f06e1fc32b80b8Ubuntu Security Notice 1461-1 - It was discovered that PostgreSQL incorrectly handled certain bytes passed to the crypt() function when using DES encryption. An attacker could use this flaw to incorrectly handle authentication. It was discovered that PostgreSQL incorrectly handled SECURITY DEFINER and SET attributes on procedural call handlers. An attacker could use this flaw to cause PostgreSQL to crash, leading to a denial of service. Various other issues were also addressed.
d480f4d0c7f143e0107319fc134d8cf735ea4e8f2d1e69b46c520248589c93c4Red Hat Security Advisory 2012-0710-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Note: CVE-2011-3101 only affected users of certain NVIDIA display drivers with graphics cards that have hardware acceleration enabled.
35dacc3bc54c005099a85c967e17783210b5e078aaaf9b3bef596c8289747d29Debian Linux Security Advisory 2486-1 - It was discovered that BIND, a DNS server, can crash while processing resource records containing no data bytes. Both authoritative servers and resolvers are affected.
aaff0d5dfe0a95b4be0cdbb6f1f283c8f68f1de358f21672e99d54fa43fda6f7Mandriva Linux Security Advisory 2012-087 - Buffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (electric-power outage) via a long string containing non-printable characters. The updated packages have been patched to correct this issue.
59c537bfb95b209de0cd8108e1c6f0a217ece674644b5d8578659d35b090558dWordPress Nmedia WordPress Member Conversation plugin version 1.35.0 suffers from a shell upload vulnerability.
a99fb99a06b0cc005210830fb0cb4087cc7bc4ffd6518eefe0c985f530c541baWordPress WP Mass Mail plugin version 2.45 suffers from a mass mailing vulnerability without authentication.
0f4be0ffd42eb19f066e86086bff871699469bded9dcd5440d843fc3d87aa66bWordPress Asset Manager plugin version 0.2 suffers from a shell upload vulnerability.
67a7d27c6dac545194eab72a353dd9e95748a06bceda5d6f4781312dc0a3e606WordPress Comment Extra Fields plugin version 1.7 suffers from a shell upload vulnerability.
b0737c05cac6ef02beb202bc391d379661a11eea71e6dbb0e28aafae9947d565WordPress Foxypress plugin versions 0.4.1.1 through 0.4.2.1 suffer from a shell upload vulnerability.
35e016559ec456e5169af3fd047c146dfb10a7b5d5afb5dd0b5261bfd8493eacWordPress Nmedia User File Uploader plugin version 1.8 suffers from a shell upload vulnerability.
623f09e54ed81dd6c81b44c75852c3da1dc37c1bb4f0e6a387799899d26beffdStyleDesign CMS suffers from a remote SQL injection vulnerability.
9245f4296cae4d66fd3a2cd48c7e10efe9f94637f6b20f0b08aa56f45981be4eWordPress HT-Poi plugin suffers from a shell upload vulnerability.
3fb2af3e738cdb064d384f11379a7b45c392cd8b485fd1dc53e86b2446642e27Technical Cyber Security Alert 2012-156A - X.509 digital certificates issued by the Microsoft Terminal Services licensing certificate authority (CA) can be illegitimately used to sign code. This problem was discovered in the Flame malware. Microsoft has released updates to revoke trust in the affected certificates.
a80356e05b1fd45f3ba9cfe0161f5859c378c426d0475df6cfebaacf024bf076WordPress HTML5 AV Manager plugin version 0.2.7 suffers from a shell upload vulnerability.
23c3388233d137348fb26746b77193f92136d9af9171e7dfa0a7fd56faebe515WordPress Google Maps via Store Locator plugin versions 2.7.1 through 3.0.1 suffer from information disclosure, email spoofing, and remote blind SQL injection vulnerabilities.
31c1d5f297d45ac15c06cb7eb1dbdb7a479046ff9ac8bbbf91a56cb7357ef596WordPress WP-Property plugin version 1.35.0 suffers from a shell upload vulnerability.
610078d6356bc0ee8b075e933f85b5f104c907bc70d208e53236a970f4ba8e4bSielco Sistemi Winlog version 2.07.14 suffers from a buffer overflow vulnerability.
71dc0e478c018802c78851d100f2652f7e842e3e1604094dcb13528a24d8940eSecunia Security Advisory - A vulnerability has been reported in @WEB ShoppingCart, which can be exploited by malicious people to conduct cross-site scripting attacks.
eab42ce4d258d2db888b439d577da2914e41d5588b8b1bd9240977402b2d9d12Secunia Security Advisory - SUSE has issued an update for php5. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
f1f18dbbdb31ea29185091abbdbe8fce89a6798d4df4318681f98d7209f2a763Secunia Security Advisory - A weakness has been reported in Kerberos, which can be exploited by malicious users to cause a DoS (Denial of Service).
94df7e9ca098bd22a2db96ddba3f613fc426ebec7e7795705d9d8b7e416aa6bbSecunia Security Advisory - Red Hat has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
de541c3a2c60d5dd0c3af63285aef20d3a8a93723cd81e1cdb74cf25e4e06b78Secunia Security Advisory - A vulnerability has been discovered in the Theme My Login plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
bd7791c5e26a1a58fa8454cf5a09fc73ed249beba8d67b339c94bc4daa36e62fSecunia Security Advisory - Spentera has discovered a vulnerability in Hexamail Server, which can be exploited by malicious people to conduct script insertion attacks.
f14d8c0d32a8165d2fd65f9246d7198b06a4936b2c4049b0b2f72ab68892a942Secunia Security Advisory - Check Point has acknowledged a weakness in Check Point IPSO, which can be exploited by malicious people to conduct brute force attacks.
ab9b5d3485a11af0fddad65952e031ae7043677dd3a5699b8f53fa0e2ca7f39a
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed