Red Hat Security Advisory 2013-1418-01 - The libtar package contains a C library for manipulating tar archives. The library supports both the strict POSIX tar format and many of the commonly used GNU extensions. Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially-crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code. Note: This issue only affected 32-bit builds of libtar.
fdaca26e2d87e3bb5cee8e9635c7dcf5e268654ac961fdf49590aaab5e53f0a5
Debian Linux Security Advisory 2772-1 - Markus Pieton and Vytautas Paulikas discovered that the embedded video and audio player in the TYPO3 web content management system is susceptible to cross-site scripting.
d71693ccddbeea0e2c67bd19e6e3bfc8446246fa678f51354ce799116e15162c
Mandriva Linux Security Advisory 2013-247 - GnuPG 1.4.x, 2.0.x, and 2.1.x treat a key flags subpacket with all bits cleared as if it has all bits set, which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey. Specially crafted input data may be used to cause a denial of service against GPG. GPG can be forced to recursively parse certain parts of OpenPGP messages ad infinitum. The updated packages have been patched to correct this issue.
eb8b68dbe596e9a343773777e3107f217d9e0cde3797f3795ed8c6806caff422
Gentoo Linux Security Advisory 201310-9 - A vulnerability in Setuptools could allow remote attackers to perform man-in-the-middle attacks. Versions less than 0.8-r1 are affected.
a516d6146224c13ff1a4bd4df27d5ac0e23653bec067dadc0731ba30c6122a4e
Indusoft Thin Client version 7.1 suffers from an ActiveX buffer overflow vulnerability.
c00e0788c5d6462b72882a1157510d0caed575ccdad96d8ed169da385363cbcc
Google Translate suffers from an open redirection vulnerability.
81a16a12b6553003b478483b6934b4cb5aaa0b10101d76317337d6e31f9e0ec3
Subrion CMS version 3.0.1 suffers from a cross-site scripting vulnerability.
0ac3ee7611ad37967de005d18613b45aa10427d650f86abe7306afdc16b9b311
Gentoo Linux Security Advisory 201310-8 - Multiple vulnerabilities have been found in Quagga, the worst of which could lead to arbitrary code execution. Versions less than 0.99.22.4 are affected.
ba9ca5c17e84ebeec9337e6ffbaa556d3fbe8194187caaf3a58902d40d14f254
Gentoo Linux Security Advisory 201310-7 - Multiple vulnerabilities in OpenJPEG could result in execution of arbitrary code. Versions less than 1.5.1 are affected.
4744b99bae389f5d50939f689297bb60a271c09b189e9dc15ebe646d7d6c5a03
Imperva SecureSphere WAF MX version 9.5.6 suffers from a remote blind SQL injection vulnerability.
52af25e0aaf58f7639edcd6675d339141171ec2a7c673ffaa2704d59cd107936
Automne CMS version 4.4.1 suffers from a remote shell upload vulnerability. Note that this advisory has site-specific information.
78885025a98e01274bc51edc0982eb0bca19ceb9486b7e6af95997c8b83da414
Internet Haut Debit Mobile suffers from a buffer overflow vulnerability.
25a77ccee9993902d295850e04bf0adb14bf0610e02e410272006f4790f8214d
WordPress Simple Flash Video plugin version 1.7 suffers from a cross-site scripting vulnerability. Note that this advisory has site-specific information.
7714c16e062459979093cd9f760fbf44bac002ee973ebcf23c9d1ec6ba94ddbd
Ziteman CMS suffers from a login bypass vulnerability due to SQL injection.
b0aa4808aaa8d0cc75bae160a607950a691b4249de427f3552ae9828a005d6f7