C-Arbre versions 0.6PR7 and below suffer from a remote file inclusion vulnerability.
d5d3686703e6bbdc57b0c60d120c2dd60ee1c9dce1c842ac579cacd4170ae670
realGuestbook_V5 suffers from an HTML injection vulnerability.
b86ba6f04ebc3607caae18cbb9583cca99aa5c34260a4f01415eda8a014f5b3c
KDE Security Advisory - The KDE FTP ioslave parses the host address in the PASV response of an FTP server. mark from bindshell.net pointed out that this could be exploited via JavaScript for automated port scanning. It was not possible to demonstrate the vulnerability via JavaScript with Konqueror from KDE 3.5.x. However, other scenarios are possible. Systems affected are KDE up to and including KDE version 3.5.6.
11a8b2185f26494437aee4a5b794dd9dfc7df3072b51c8db1a96b3d190915204
Ubuntu Security Notice 445-1 - Sven Krewitt of Secunia Research discovered that XMMS did not correctly handle BMP images when loading GUI skins. If a user were tricked into loading a specially crafted skin, a remote attacker could execute arbitrary code with user privileges.
e266e06f177d39efc971ec36eaf88b0d5d9d0d133e7c84c3f8d2d42ec2966ac0
Ubuntu Security Notice 444-1 - A stack overflow was discovered in OpenOffice.org's StarCalc parser. If a user were tricked into opening a specially crafted document, a remote attacker could execute arbitrary code with user privileges. A flaw was discovered in OpenOffice.org's link handling code. If a user were tricked into clicking a link in a specially crafted document, a remote attacker could execute arbitrary shell commands with user privileges.
dcedce99eb92d93c1a698358523dc0e85c4d2330d3ab5a24910aba66705750fc
Ubuntu Security Notice 443-1 - A flaw was discovered in how Firefox handled PASV FTP responses. If a user were tricked into visiting a malicious FTP server, a remote attacker could perform a port-scan of machines within the user's network, leading to private information disclosure.
58646c1cfd058aba882bd432342de1d5ef5a77df5689e6b60b68c1753dd4ce77
Debian Security Advisory 1273-1 - Several vulnerabilities have been discovered in nas, the Network Audio System. A stack-based buffer overflow in the accept_att_local function in server/os/connection.c in nas allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection. Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value. The AddResource function in server/dia/resource.c allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID. Array index error allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c. The ReadRequestFromClient function in server/os/io.c allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.
1e4f485fabdc7a6df39aba602cc017d7080e34af96a042dda8fc9d8dddd5c602
Mandriva Linux Security Advisory - A format string error in the "write_html()" function in calendar/gui/e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers.
303330030e6f55cb5e27b3158c57236a5547755445f23a98d029aeca2072f934
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
cb27df6dafe7b2d1c2d2174000afd07965cdc09e759e8cda5147cfc58e445251
Secunia Security Advisory - Ubuntu has issued an update for nas. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to gain escalated privileges or by malicious people to cause a DoS (Denial of Service).
8ab7b61979801379bdfa4a85b6f2134abc8bd59a8aa5b45a2b3526a147a1fc92
Secunia Security Advisory - Some vulnerabilities have been reported in IBM Lotus Domino and Lotus Domino Web Access, which can be exploited by malicious people to conduct cross-site scripting attacks or cause a DoS (Denial of Service).
4ade0a2f36493ebed88d65ffc560ca73795e35ac090c0fe9deaeb56b27a49b62
Secunia Security Advisory - Debian has issued an update for nas. This fixes some vulnerabilities, which potentially can be exploited by malicious, local users to gain escalated privileges or malicious people to cause a DoS (Denial of Service).
e4af7ed34dd8c07dee3b2dc70857fa34bce15d1f6cd953cf2b3b9e0de1120d2f
Secunia Security Advisory - A vulnerability has been reported in ArcSDE, which can be exploited by malicious people to cause a DoS (Denial of Service).
6f10ae71056254d923e5f9a42a96286dd9ec704fc1e54fb8513fe0e5f69fd83f
Secunia Security Advisory - Tim Rees has discovered a security issue in TrueCrypt, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.
4e16d4933bfd69aac4490a4abd439463a205178c8e12571fa3f5555fc7b9fbb4
Secunia Security Advisory - Ubuntu has issued an update for xmms. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
6f72da827b8381c976212e45d00b320d178958e87b6a254d72efd7d8bc724af7
Secunia Security Advisory - Ubuntu has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
9a5940cc85a243c51e102a0a5d47cf2f170e73e6837e65a25e92831898e3f518
Secunia Security Advisory - Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service).
7caa511d27d5b785ef2a529a264c205574d451b47b83c88ccbb8f9a72139a874
Secunia Security Advisory - KEZZAP66345 has discovered a vulnerability in Web Content System, which can be exploited by malicious people to compromise a vulnerable system.
f492445ecd828bb7b72ce47023ac065bbf0cd6cb5cf23f92729e77a09b022db9
Secunia Security Advisory - Mandriva has issued an update for evolution. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
a0c3d9dfb5d4fb4a82d2d345a591572c42980c6ef9e3e26ba6a32c8f4fbf5336
Secunia Security Advisory - UniquE-Key{UniquE-Cracker} has discovered a vulnerability in the Articles module for Xoops, which can be exploited by malicious users to conduct SQL injection attacks.
e93f758674d30b60aa5307074f8472dd699c77dfcbe25a999f40a778b20b54ac
Secunia Security Advisory - skillTube has reported a vulnerability in NaviCOPA Web Server, which can be exploited by malicious people to compromise a vulnerable system.
6e70a35d52f80814c4d5b200e2c8355f4d52caf00db6ded9d24aea84093b44ca
Secunia Security Advisory - Lostmon has discovered some vulnerabilities and weaknesses in aBitWhizzy, which can be exploited by malicious people to disclose system information or conduct cross-site scripting attacks.
5701dc1296401d5a02c9c1da5d68d87ba4f2fbbebfc1fca7750403c9a9527d60
Secunia Security Advisory - Park Gyu Tae has reported a vulnerability in SignKorea's SKCommAX ActiveX control, which can be exploited by malicious people to compromise a user's system.
8aa06d9a470b41380ee24be062f2d08764f15ccbb69b351697fc18213f77683a
Secunia Security Advisory - Slackware has issued an update for libwpd. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
b6a23fa5c4d2c79d10bfc1ecd064712bcb7d4096a5b013f6f6ed4b9174e9d1dc
Secunia Security Advisory - Ubuntu has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
659a2e54d19eb8c3a5e143b28e737898eacaf52aa64fd1198ad31b0f89821208