Secunia Security Advisory - Francis Provencher has discovered a vulnerability in Adobe Photoshop, which can be exploited by malicious people to potentially compromise a user's system.
d6c0e3b2b033ebf39fe9ab0c1625dad36607c24c4185df357994ab4479d238e5
Secunia Security Advisory - A security issue and multiple vulnerabilities have been reported in RSA enVision, which can be exploited by malicious users to disclose potentially sensitive information and conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.
1ff105331866d14b170708cc7a6d599a76db6d51da86aea50247fae526e553c7
Secunia Security Advisory - Debian has issued an update for nginx. This fixes a weakness, which can be exploited by malicious people to disclose certain sensitive information.
61b2ff8974cb4545bc84246e04173a019b4d908d2d5d51dc23f726fa31e7a517
Secunia Security Advisory - A vulnerability has been reported in Python mwlib Library, which can be exploited by malicious people to cause a DoS (Denial of Service).
0059d5ff96a3902898b789d1847f815146e5624da0cdb6ce40e6f7a8bada95f5
Secunia Security Advisory - Ubuntu has issued an update for xulrunner-1.9.2. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information, conduct cross-site scripting attacks, and compromise a user's system.
bfbf3ecc89e5fa5cc0912dc412810fc4beac76095e4c426715882ef90e9c1753
Secunia Security Advisory - Red Hat has issued an update for JBoss Operations Network. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.
0572e06daf6ad496f0763f12e55fdb024339c5bf86ccb1948eaefe4778eff754
Secunia Security Advisory - Debian has issued an update for gnash. This fixes two security issues and a vulnerability, which can be exploited by malicious, local users to disclose sensitive information and perform certain actions with escalated privileges and by malicious people to compromise a user's system.
ef513a4a1993a3296bfb6a678e84b6cb9fb4d5a1b30e44f04b7f1b4e04ec5143
Secunia Security Advisory - A vulnerability has been reported in InspIRCd, which can be exploited by malicious people to compromise a vulnerable system.
7c82a9701a545d6814ea043699352318a324052efb88f820256ac44d990e7100
Secunia Security Advisory - K1P0D has discovered a vulnerability in LiteSpeed Web Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
860769154eec9093bb6465e4c5a7b920200adfc6f8c9439376152a7ab3179eb5
Secunia Security Advisory - A vulnerability has been discovered in CrazyTalk Web Player, which can be exploited by malicious people to compromise a user's system.
79f17cddcbd88a56ea35d3e29749d3ad20f05a75507d4a77f410f583b02b48ec
Secunia Security Advisory - Andrea Micalizzi has discovered two vulnerabilities in ManageEngine DeviceExpert, which can be exploited by malicious people to disclose sensitive information.
49315622dc198dda45909e29ea8a47d5286eca9651b795f846b549194956d2e1
Secunia Security Advisory - Sony has reported a vulnerability in Kayako Fusion, which can be exploited by malicious people to conduct script insertion attacks.
1fe20ff7f3b3c31e41b87acc4da6add0769d4b90e9e67976a7e51e04fdca7516
Mu Dynamics has discovered vulnerabilities in GnuTLS and Libtasn1. The block cipher decryption logic in GnuTLS assumed that a record containing any data which was a multiple of the block size was valid for further decryption processing, leading to a heap corruption vulnerability. Various functions using the ASN.1 length decoding logic in Libtasn1 were incorrectly assuming that the return value from asn1_get_length_der is always less than the length of the enclosing ASN.1 structure, which is only true for valid structures and not for intentionally corrupt or otherwise buggy structures.
5c22831c56b5d7f5cefb792251ddbea761d9ea8806a0c02c5e304b7b960abf12
Oreans WinLicense version 2.1.8.0 suffers from an XML file handling unspecified memory corruption vulnerability.
ecaeb80b932c772374367633ded0ddf88a9d374e83667364d56cc37986cf3e2f
CA Technologies Support is alerting customers to a potential risk with CA ARCserve Backup for Windows. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. CA Technologies has issued fixes to address the vulnerability. The vulnerability occurs due to insufficient validation of certain network requests. An attacker can potentially use the vulnerability to disable network services.
f6cc7aa2a2c098a2e8ed419d61aa4d65e98cc20b7bdc4c73e4cfe07ba7fc117b
Oreans Themida version 2.1.8.0 suffers from a TMD file handling buffer overflow vulnerability.
3f2087c9b5eb545bc7121de64cc500b486a25054948f2ed5f9ab46380d0e0c64
Mandriva Linux Security Advisory 2012-032 - Security issues were identified and fixed in Mozilla Firefox and Thunderbird. Security researchers Blair Strang and Scott Bell of Security Assessment found that when a parent window spawns and closes a child window that uses the file open dialog, a crash can be induced in shlwapi.dll on 32-bit Windows 7 systems. Security researcher Soroush Dalili reported a way to bypass this protection. Security researcher Atte Kettunen from OUSPG found two issues with Firefox's handling of SVG using the Address Sanitizer tool. Various other issues were also addressed.
49b3630cca0e0de5bb12bfca94a302580b25a97edcb8bcd005ed74bcb9ba23bf
HP Security Bulletin HPSBMU02752 SSRT100802 - Potential security vulnerabilities have been identified with HP Insight Control Software for Linux (IC-Linux). The vulnerabilities could be exploited remotely to execute arbitrary code or to create a Denial of Service (DoS). Revision 1 of this advisory.
30bc52b92fd916034415c3776af5aa318ac48908a3cb84ed86e9a8ce99bb8554
FreePBX versions 2.10.0, 2.9.0, and perhaps earlier versions suffer from cross-site scripting and remote code execution vulnerabilities.
c0dc63cbf6a988c5ad9949e03b41cdc392dd8ee9f96e32b725cc523d6c490d96
Proxy Check is a tool that includes a website to automate testing for web proxy content filtering. It has a battery of tests that includes looking for typically malicious URLs, several PDF exploits, and more.
ac9e7fea81ae9f981e0e3a0a3524dbb37d2aefac198ef4e781a1ffbf6cab1891
Red Hat Security Advisory 2012-0407-01 - The libpng packages contain a library of functions for creating and manipulating PNG image format files. A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. Users of libpng should upgrade to these updated packages, which correct this issue. For Red Hat Enterprise Linux 5, they contain a backported patch. For Red Hat Enterprise Linux 6, they upgrade libpng to version 1.2.48. All running applications using libpng must be restarted for the update to take effect.
02c66306b59208c15ad10058e8dd7d64c24149876c04fe8f5487335ca9732c80
Red Hat Security Advisory 2012-0406-01 - JBoss Operations Network is a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss ON 3.0.1 release serves as a replacement for JBoss ON 3.0.0, and includes several bug fixes.
360d101810e6235cc19b655e12a4aa1d69327636cb618300fd94bdd33f5fd22e