The Joomla JSupport component version 1.5.6 suffers from a remote SQL injection vulnerability.
4b803c5016270ee6808924d7ce0a83fc6ac436b22328d84419f6547282a8d99eThe Joomla JSupport component version 1.5.6 suffers from a cross site scripting vulnerability.
4c2779496afa3a01005f153d309b4f041b981023b3039e39e092a4f267eda0d6The Camtron CMNC-200 IP Camera suffers from buffer overflow, administrative bypass, default account and directory traversal vulnerabilities.
f4179a3a7b9ccf1244b48c4730ed3dbeb4940f45a22b1e54806f6011ae691979FreeBSD Security Advisory - The pfs_getextattr(9) function, used by pseudofs for handling extended attributes, attempts to unlock a mutex which was not previously locked.
3a98ed40616c81e73aa4a0d079237bc71bdc7a6f8d82304312a666edb259fb21Mandriva Linux Security Advisory 2010-231 - The Gfx::getPos function in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via a PDF file that triggers an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption. The updated packages have been patched to correct these issues.
bda0eac3fcc6a27bd488c2139b589c44ca9949767c942af7f2231ba7fa93ed4fMandriva Linux Security Advisory 2010-230 - The Gfx::getPos function in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption.
e9987008241858cdc47d939a6ed07854b592b833cbc729fda00bb009ede7dc7aMandriva Linux Security Advisory 2010-229 - The Gfx::getPos function in the PDF parser in kdegraphics, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in kdegraphics, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption. The updated packages have been patched to correct these issues.
0284f82e91807e1c0672171f87b87c2b401535241a197f83d996bf4d95e65c31Mandriva Linux Security Advisory 2010-228 - The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, allows context-dependent attackers to cause a denial of service via unknown vectors that trigger an uninitialized pointer dereference. The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption.
c7ea73badedcb929836bc2e5219cb5022c017b5fe4230268ae2adb6ce52c2932Mandriva Linux Security Advisory 2010-227 - Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a SITE MKDIR, SITE UTIME command. Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a FTPS server.
a6a929924a2a4e416021de37391ae322365e7a942efcedc03f1b0a657de2be0ciDefense Security Advisory 11.11.10 - Remote exploitation of a memory corruption vulnerability in Apple Inc.'s OfficeImport framework could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing an Excel file with a maliciously constructed Excel record. Specific values within this record can trigger a memory corruption vulnerability, and result in values from the file being used as function pointers. This allows an attacker to execute arbitrary code.
ff890312e47483c8b1244f6d7d408e3d962c8062c33a929494899fcca53cf69bPower Audio Editor version 7.4.3.230 suffers from a denial of service vulnerability.
82f61fa0c6113ddebebf3ecb45fe23b5694d852df51b3a6e6fb8b7ddd499836cVbsEdit version 4.7.2.0 suffers from a buffer overflow vulnerability when parsing .vbs files.
dfd120575dc4b9e63f7ef4ca6ec6bf6f4492cb662e93004bd60f4e7f1562b6a2Visual MP3 Splitter and Joiner version 6.1 suffers from a buffer overflow vulnerability.
9f5ce66a248bc9368466b4b84c6e7bd3e594338d45a873b65bcd89142ee2296dASPilot Pilot Cart version 7.3 suffers from a remote SQL injection vulnerability in newsroom.asp.
25c921d96e4877a9c5613869df60ae1315e06185b08d6b2060e42c97c375e217This Metasploit module exploits a stack overflow in SCADA Engine BACnet OPC Client v1.0.24. When the BACnet OPC Client parses a specially crafted csv file, arbitrary code may be executed.
2c6eff3365a8cd3ef62a57d222795cb41fc95f13bba51789e6bb9bd0f996aedaUbuntu Security Notice 1017-1 - It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly handled joins involving a table with a unique SET column. It was discovered that MySQL incorrectly handled NULL arguments to IN() or CASE operations. An authenticated user could exploit this to make MySQL crash, causing a denial of service. It was discovered that MySQL incorrectly handled malformed arguments to the BINLOG statement. Various other issues were addressed as well.
12f74318d601ad71c04de02b7f2984a919b4f5c8e5d6f180e143084260daa6f4E-Xoopport version 3.1 suffers from a remote SQL injection vulnerability in the eCal module.
c5b9bda59e9bab2823be3e32d3e3b6ba7eb16bb2e261df0e71d913e5fab29351Secunia Security Advisory - A vulnerability has been reported in Mono, which can be exploited by malicious, local users to gain escalated privileges.
bc2fa89462e9f3d59a6671df7982c87262927750023f4892206e0e833f750b7dSecunia Security Advisory - Dan Rosenberg has reported a weakness in the Linux Kernel, which can be exploited by malicious, local users to disclose certain system information.
28e7c8444cd75ec2810750d0bf3305c5efb44ccb2d9510319d43691c8c524469Secunia Security Advisory - Dan Rosenberg has reported some vulnerabilities in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
5746089dd217b779da567a63664fb56a168cb54f343164a621837cfd5e69a28cSecunia Security Advisory - Fedora has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to conduct spoofing attacks, bypass certain security restrictions, conduct cross-site scripting attacks, and compromise a user's system.
b08482246851b917e6b622fb4f851647f75f06043426ae93d19cc304b4b05295Secunia Security Advisory - A vulnerability has been reported in LANDesk Management Gateway, which can be exploited by malicious people to conduct cross-site request forgery attacks.
a77dfece1fbc2c8d46e9139ddbb927ccb30354f623487a626bf324b2c528f7f9Secunia Security Advisory - Fedora has issued an update for proftpd. This fixes multiple vulnerabilities, which can be exploited by malicious users to manipulate certain data and malicious people to compromise a vulnerable system.
935835595154a67760183f1ef165aa344fad7c5c20bb9da7d93531059c0837b0Secunia Security Advisory - Pawel h0wl Wylecial has reported a vulnerability in FileCOPA, which can be exploited by malicious users to disclose sensitive information.
3564d00a1e6bd7b89a70c9b25456d6bbe10bc52e9d57abcd3c170f58d8f50605Secunia Security Advisory - Fedora has issued an update for libsmi. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
3d8e5a8c487123fe386a1fef466ad7e49825f3d23de55791eeb7299991cfdbd6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed