NovaBoard versions 1.0.1 and below suffer from a cross site scripting vulnerability.
f8fe8b2938711a77820fcb328acecba6868a79215340edd3548bb3d101c9fef4
GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP specific capabilities such as presence and messaging. It supports secure telephone extensions for making calls over the Internet, and intercept/decrypt-free peer-to-peer audio and video extensions. It is not a SIP proxy, a multi-protocol telephone server, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.
2335e0261b571f980efbed1cc166a3ea79da2c0c494386dacdf173da46ef5b79
Whitepaper called Defeating the iPhone Passcode.
4057ba42acd5baab592ee9f0a9a299e6dee396369e8d1034ae8a86a9271d0b89
Ghostscripter Amazon Shop suffers from cross site scripting, directory traversal, and file inclusion vulnerabilities.
4e57053545531baeac49bfc80ddd1f9b93ac08cc1ecee41ff01fce6519ea0159
Mandriva Linux Security Advisory 2009-064 - Security vulnerabilities have been identified and fixed in the University of Washington IMAP Toolkit which could allow local users to gain privileges by specifying an incorrect folder name. The updated packages have been patched to prevent this.
5faed625e4de4ed595ab21867cef59e7b9c4dceb7261b7405dc26e620ce6be46
Zabbix version 1.6.2 suffers from remote code execution, cross site request forgery, and local file inclusion vulnerabilities.
6fc6a1f1b3df47f2608e299ed5ea4014c5c4b5292607adb72d978c18e293dc26
BlindBlog version 1.3.1 suffers from local file inclusion and a remote SQL injection vulnerability that allows for authentication bypass.
a46ca1ee4cb9d934ffc313d81f2df2188b36602b41cc3fb22ed162be3e1d1d13
The Imera ImeraIEPlugin.dll version 1.0.2.54 suffers from an arbitrary code execution vulnerability.
4fec98095b98c4e50689fb2b454b7ab1bde5684601a56db62c95836de5a60c9c
Secunia Research has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an integer overflow error in the libsndfile.dll library while processing CAF description chunks. This can be exploited to cause a heap-based buffer overflow by tricking a user into processing a specially crafted CAF audio file. Successful exploitation may allow execution of arbitrary code. Versions 5.541 and 5.55 of Winamp are affected.
e97f2fe73e532a5dec458183af5d69b27e62e2a71a4a255ef386e4dca35a6f89
Secunia Research has discovered a vulnerability in libsndfile, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused by an integer overflow error in the processing of CAF description chunks. This can be exploited to cause a heap-based buffer overflow by tricking the user into processing a specially crafted CAF audio file. Successful exploitation may allow execution of arbitrary code. Version 1.0.18 of libsndfile is affected.
b5eb317c23578aec59191a12b52b4f678a3da0e4fb73652dfa8b4375cf3a713a
Google's GMail service suffers from cross site request forgery vulnerabilities.
5e81bd372f765d1aa6e08bbb3574bc02f3fffd59eb60cdad2600347d27ff9d55
Sopcast SopCore Control SetExternalPlayer() user assisted command execution exploit that leverages sopocx.ocx version 3.0.3.501.
c8ad28db3188f7a8c3d2dc7d08602bb8f80dfcb9040c262bf8287c712a696860
FreeRange CMS suffers from a remote SQL injection vulnerability in resources_for_nowal_members.php.
5e5291457e6a59bc62373da7ef074e135997da7af572d1651565a417dfb2e86b
ProtX Shop suffers from a remote SQL injection vulnerability in productdetails.php.
7829db5eccd36cd67ac1bd489fec37856ad496a8fea5ffd2b08e5faa73f343f0
Debian Security Advisory 1733 - Several vulnerabilities have been found in vim, an enhanced vi editor.
ac7379d457a6d77bac691d4b0a79c31d70bae3178e666cf6edf19545fa85f02f
libcURL suffers from an arbitrary file access and creation vulnerability.
ea48c68e60758cd036e647780eceaa6311e727a11ac4678e78454f9681ad31cd
EFS Easy Chat Server authentication request SEH buffer overflow exploit that spawns calc.exe.
ccf382c74daf1cd4e09b03aa86e18bc93b57ffb27366e8af079aceaa3798c5f8
Orbit versions 2.8.4 and below long hostname remote buffer overflow exploit.
e04704d5f38326fa8ed25ae66ffbb6e3fa2741d55c4277b1feecf32fcd322af7
Debian Security Advisory 1732 - Joshua Morin, Mikko Varpiola and Jukka Taimisto discovered an assertion error in squid3, a full featured Web Proxy cache, which could lead to a denial of service attack.
a983b90292ef870490f19ac8f72c722d9da3a72ba10dc4ff81d262c3dca19584
Secunia Security Advisory - Matteo Ignaccolo and Gabriele Zanoni have reported some vulnerabilities in Plunet BusinessManager, which can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks.
9858e5e8499f6df030175f73a1d3eefce708f6c53af8af7d1d3eac96b7f26d41
Secunia Security Advisory - Debian has issued an update for vim. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious people to compromise a user's system.
90611c43342a32ed42a31d68ecf125c41b2e00284e24312cebbf160b3d734085
Secunia Security Advisory - Debian has issued an update for squid3. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
439042419e1ddf3a3ba9f20018426a5abdbaea42acce576c75e99ea3fa6c5d10
Blogsa versions 1.0 Beta 3 and below suffer from a cross site scripting vulnerability.
726407a7afa60b9becff57b57418976454485f050bc0c47529f0cf04a77063f9
Mandriva Linux Security Advisory 2009-063 - Python has a variable called sys.path that contains all paths from which Python loads modules when using the import scripting procedure. Incorrect handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current eog working directory. This update provides a fix for that vulnerability.
7d5f8348c8180cb57da5367b9337064c16fd1fb59a680802ba899adff5f47f96
Mandriva Linux Security Advisory 2009-062 - A security vulnerability has been identified and fixed in the login application from shadow-utils, which could allow local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry. The updated packages have been patched to prevent this. Note: Mandriva Linux uses the login application from util-linux-ng by default, and therefore is not affected by this issue in the default configuration.
f85164ad0dd2f9a35f8b48660973cda52086237a9ab2d346109d2032752d2d29