Secunia Security Advisory - A security issue has been reported in the WPtouch plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
c74155fae470310295c95e76d5bb9b22563d25740665f95db8e665cc6d9e419aSecunia Security Advisory - A security issue has been reported in the W3 Total Cache plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
927c29a063fcb3a2acf77d975ef06d3665dfadbf80915f1c87f8b9ac777cd96bSecunia Security Advisory - Multiple vulnerabilities have been reported in LibreOffice, which can be exploited by malicious people to compromise a user's system.
488faa4d94616489b6f17748767cae1923b864d9d359c78e9c59a672345a9244Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in FanUpdate, which can be exploited by malicious people to conduct cross-site scripting attacks.
5fe9808aee509a26930af19582d515776019ac19bd461c1934f0c474bd905292Secunia Security Advisory - Multiple vulnerabilities have been reported in AiCart, which can be exploited by malicious people to conduct SQL injection attacks.
7e517c6fb7b4dd277a2dca8fba978bc9361caffd9a076c4496e75b8ae122e5e6Secunia Security Advisory - A weakness has been reported in NetworkManager, which can be exploited by malicious, local users to bypass certain security restrictions.
05e1c20c22c7fee07b20714d1c268aa4b48a16a2bb44fda2448c4eed5eca707cSecunia Security Advisory - A weakness has been reported in WoltLab Burning Board, which can be exploited by malicious people to disclose certain system information.
50317d68eb20fffe95d5099e4896bf36ccad2444d1d1fe6e4e506baa57c8c3e5Secunia Security Advisory - Novell has acknowledged multiple vulnerabilities in Sentinel Log Manager, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).
8f579326d09fcbdb538a7916524abfe7573cb75f31a4c751be22f6c0c7267cbaSecunia Security Advisory - A security issue has been reported in the AddThis plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.
2e69aabc514c81946e83a9e4d95be3846ffa50d29f303e3c8ca1bc1be5c5e0a9Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Web Server. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, by malicious people to conduct cross-site scripting attacks, and by malicious users and malicious people to cause a DoS (Denial of Service).
6c19c93fac7a213bd48f11785bfd45e66c926aff3e766c06d4ad4b929f24023bSecunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in Kofax e-Transactions Sender, which can be exploited by malicious people to manipulate certain data and compromise a user's system.
34b617695b0992f32420e8007821d5af161d6190052422b12bc107e8ece0ac2bSecunia Security Advisory - Brendan Coles has discovered multiple vulnerabilities in BrewBlogger, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
50beedd8061bf99554ffc4b2d6fc59b15be1c3f56cd60c2fc89cf83e715ba867This Metasploit module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.1 (Build 6.0.10.10) or earlier. By sending a specially crafted On_FC_CONNECT_FCS_LOGIN packet containing a long username, an attacker may be able to execute arbitrary code.
eefc2e2dd1a8e6e3d6bbd51968ba293d8582140300ddd65d9a563690a5bf114bThis Metasploit module exploits a buffer overflow in Sielco Sistem Winlog <= 2.07.00. When sending a specially formatted packet to the Runtime.exe service, an attacker may be able to execute arbitrary code.
ad560ed7c2b5c2b085b3af27e95252ee83dd229a20d5349ee20068a8929d360fUbuntu Security Notice 1149-1 - Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. Martin Barbella discovered that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
f55fddce9d2bddcb039c6598e1e5566ab72817a1185ebc7d254888c12c8d5f6fMandriva Linux Security Advisory 2011-111 - Security issues were identified and fixed in mozilla firefox and thunderbird. Security researcher regenrecht reported via TippingPoint's Zero Day Initiative two instances of code which modifies SVG element lists failed to account for changes made to the list by user-supplied callbacks before accessing list elements. regenrecht also reported via TippingPoint's Zero Day Initiative that a XUL document could force the nsXULCommandDispatcher to remove all command updaters from the queue, including the one currently in use. Various other issues were also addressed.
f7dd994ed60b9ada7310c8c1c6924839daffb71af4e1d407d023ec1f99cea07eUbuntu Security Notice 1157-2 - USN-1157-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 5. Bob Clary, Kevin Brosnan, Gary Kwong, Jesse Ruderman, Christian Biesinger, Bas Schouten, Igor Bukanov, Bill McCloskey, Olli Pettay, Daniel Veditz and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could possibly execute arbitrary code with the privileges of the user invoking Firefox. Martin Barbella discovered that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. Jordi Chancel discovered a vulnerability on multipart/x-mixed-replace images due to memory corruption. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. Chris Rohlf and Yan Ivnitskiy discovered an integer overflow vulnerability in JavaScript Arrays. An attacker could potentially use this to execute arbitrary code with the privileges of the user invoking Firefox. It was discovered that Firefox's WebGL textures did not honor same-origin policy. If a user were tricked into viewing a malicious site, an attacker could potentially view image data from a different site. Christoph Diehl discovered an out-of-bounds read vulnerability in WebGL code. An attacker could potentially read data that other processes had stored in the GPU. Christoph Diehl discovered an invalid write vulnerability in WebGL code. An attacker could potentially use this to execute arbitrary code with the privileges of the user invoking Firefox. It was discovered that an unauthorized site could trigger an installation dialog for addons and themes. If a user were tricked into viewing a malicious site, an attacker could possibly trick the user into installing a malicious addon or theme. Mario Heiderich discovered a vulnerability in displaying decoded HTML-encoded entities inside SVG elements. An attacker could utilize this to perform cross-site scripting attacks. Various other issues were also addressed.
ab0de8b218db560872113e115b67dd7d3a8d9bab94d781b359d06958c84f7b71Sitemagic CMS suffers from a directory traversal vulnerability.
6b480a073a294ad63da8d569a12e8ffa57a5e07c8a301358a24e317656464735Ubuntu Security Notice 1157-1 - Bob Clary, Kevin Brosnan, Gary Kwong, Jesse Ruderman, Christian Biesinger, Bas Schouten, Igor Bukanov, Bill McCloskey, Olli Pettay, Daniel Veditz and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could possibly execute arbitrary code with the privileges of the user invoking Firefox. Martin Barbella discovered that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.
6901bd3bd698c3f992c925348a9980fc10a18121095e9376894d341d91280f14
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed