JPEGsnoop version 1.5.2 suffers from a WriteAV arbitrary code execution vulnerability.
a106a4b486db7909dcbee3661ab4941a5788b191b8246f580eb52671715d140f
Ogg DirectShow filters are distributed and installed with vulnerable MSVC++ 2008 runtime libraries.
b06efefa49fe4a839ba260c3501c2c5e9f23dfff7b6ac56b0a3f398118641d05
phpMyChat Plus version 1.94 RC1 suffers from cross site scripting, local file inclusion, remote file inclusion, and remote SQL injection vulnerabilities.
d9626844cb02819f221ed1ea5a274e573e77484d4acae3b0ffe3b8d801141449
Cyme ChartFX client server suffers from a vulnerability caused by an indexing error in the "ShowPropertiesDialog()" method (ChartFX.ClientServer.Core.dll) of the ChartFX ActiveX Control. This can be exploited to write a single byte value to an arbitrary memory location via the "pageNumber" parameter. Successful exploitation may allow execution of arbitrary code.
5710bd2cdef00b1beebd3eb5db71e3e75a63f51295473d4c9d8eb9549ef60db6
Secunia Security Advisory - A weakness has been reported in HP Network Node Manager i, which can be exploited by malicious people to disclose certain sensitive information.
1dced3b4b67d49f7c69eb9653866e06e0882bdae852c5840da317437e685ef78
Secunia Security Advisory - Ibrahim M. El-Sayed has reported some vulnerabilities in OSSIM, which can be exploited by malicious people to conduct cross-site scripting attacks.
441cc0588db4e3e28728d30db8fed8ef8cc78fff52f613c94a7a398326ffaa2a
Secunia Security Advisory - Some vulnerabilities have been reported in Apple OS X Server, which can be exploited by malicious people to disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.
6f9f37fcf8c287dfc0efdbddef018fb6120447ed6a2f762614c9671d8f041911
Secunia Security Advisory - A vulnerability has been reported in the Commerce extra panes module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.
0547df3ce7b43b0a02c636f1ee08502a4437ae3f0e96099780494ae0dd0f854b
Secunia Security Advisory - Ibrahim El-Sayed has reported two vulnerabilities in Omnistar Mailer, which can be exploited by malicious people to conduct SQL injection attacks.
5c4d95a255f82315fd6b89a2a0139a31e28ede841c78ed47a37af8b9c763d71a
Secunia Security Advisory - McAfee has acknowledged a vulnerability in McAfee Firewall Enterprise, which can be exploited by malicious people to cause a DoS (Denial of Service).
261c15f53198d9718eea56e6516ff1d037383ce45eabf22bcf7ac18fa1a07919
Secunia Security Advisory - High-Tech Bridge has discovered two vulnerabilities in Template CMS, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.
fbba16a8bba496a81219c8c7c6f6d1305146049374000f15d826abda28783c84
Secunia Security Advisory - A vulnerability has been reported in the MijoFTP component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.
c5d2f5d88ab96c45973a851df2f6c46cfa1c84766d2fe225b79a5e3f7fae8f00
Secunia Security Advisory - Red Hat has issued an update for JBoss Operations Network. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
bef65c8219ccbe6941009492eba8b7d28c51b66930ead160a4e6e9bb378d1d7a
Secunia Security Advisory - Reaction Information Security has discovered a vulnerability in XnView, which can be exploited by malicious people to compromise a user's system.
07738acdfdc3dd5f6bcea902bfa1fdd4e07607e6b9bd68c1a01d87002fb1fdc3
Secunia Security Advisory - Ubuntu has issued an update for kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS (Denial of Service).
2a9d819cb88d74ec9e0ba8c303d461aa11f2ef57ec533119ce890fa2df0a6bf8
Secunia Security Advisory - A weakness has been reported in Linux Kernel, which can be exploited by malicious, local users to disclose system information and cause a DoS (Denial of Service).
776c9cd0da49fd97fab27ebf8c3ec4f9859cd0019828321634cd732913fd32ae
Secunia Security Advisory - Two vulnerabilities have been discovered in Spider Calendar plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
da85f412d5fc6bdb16e226f45256c0f0b60a5cbb258d24c75dacd3aa531ee5a0
Secunia Security Advisory - Scott Herbert has discovered a vulnerability in Zenphoto, which can be exploited by malicious people to conduct cross-site scripting attacks.
2ebf189822f6dd50256e8429d05cbb0218aa8f751c8a2281364984a2a0e83f64
This Metasploit module exploits a lack of authentication and authorization on the InduSoft Web Studio Remote Agent that allows a remote attacker to write arbitrary files to the filesystem by abusing the functions provided by the software. The module uses the Windows Management Instrumentation service to execute an arbitrary payload on vulnerable installations of InduSoft Web Studio on pre-Vista Windows. It has been successfully tested on InduSoft Web Studio 6.1 SP6 over Windows XP SP3 and Windows 2003 SP2.
3fdafb054398a32fb8b23fd92f9caabbc9e00bce705897aaeb32c9f0b57d9a2a
RFIDIOt is a Python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE®.
09c73cb29fda1b5a15f58a65deceecfdca1eeff82b18873bdec2879f8aacc9a2
HP Security Bulletin HPSBMU02817 SSRT100950 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in disclosure of information. Revision 1 of this advisory.
e9d4821f4ceaf1020b29d4d16d5b74369c66f4c26aeda5c8fae454140856e46c
WordPress may suffer from a remote command execution vulnerability.
3ddeffcccbff53b5e13af69c322ebfd90f4169d91e4e3de98ef09a1c11e26077
Oracle Identity Management suffers from a reflected cross site scripting POST injection vulnerability when parsing user input to the 'username' parameter via the POST method through the '/usermanagement/forgotpassword/index.jsp' script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session. Version 10.1.4.0.1 is affected.
11ad165297c46531c1bd989c2c880dd5e46fce591848aa84984ee7c5353bca88
Mandriva Linux Security Advisory 2012-159 - Stack-based buffer overflow in the cbtls_verify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long "not after" timestamp in a client certificate. The updated packages have been patched to correct this issue.
4bd0e5c1e1f4bac97382e07b834a7234e367cc73c4575ca442fe2b2cdbffc204
Mandriva Linux Security Advisory 2012-158 - Multiple integer overflows in the calloc functions in malloc.c, and the GC_generic_malloc_ignore_off_page function in mallocx.c in Boehm-Demers-Weiser GC before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected. The updated packages have been patched to correct this issue.
88b0f00c58533372ad08311ae93c93dc5a627ff295fd192460b3e451c48ae741