CyberLink PowerDVD versions 8.0 and below crafted PLS/M3U playlist denial of service exploit.
a0b2c6042043ef33dfc51026f219777fb3e5a3956997e18ea91d32d52cdd97dbMandriva Linux Security Advisory - A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.16.
1a1feb90c9988e61bcb518e33f6acd3b11f0f3d648503d3f2efaccfd1b4f80c9A vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must visit a malicious web site. The specific flaw exists in the rmoc3260 ActiveX control. Specifying malicious values for the 'Controls' or 'Console' properties with a specific timing results in a memory corruption which can lead to code execution under the context of the current user.
e5a1b62ac9be31af6068765c6d46144550da0621b7283dcfd5d9530cfd5aafe5A vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in RealPlayer's rjbdll.dll module when handling the deletion of media library files. An attacker could exploit this vulnerability using an ActiveX control {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} to import a vulnerable file into the user's media library. Upon deletion of this file, an exploitable stack based buffer overflow can be triggered.
2d8b4f84809b950729bc6aaba33360d9344f34c731fe1bb7bd34b47bc0023848A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the garbage collection of JavaScript document elements in WebCore. When a CSSStyleSheet object of a style element is copied, and the style element is deallocated, a reference to the ownerNode property of the copied CSSStyleSheet object will result in a heap corruption allowing for the execution of arbitrary code.
b433b68fb71e6f89bcc303229b44bf4ed20aa5c9d0698e4e7b03178f568dc5e7RealPlayer suffers from a vulnerability where the WindowName and Controls properties of rmoc3260.dll do not manage heap memory properly resulting in a use after free condition which can overwrite heap management structures resulting in code execution. RealPlayer 11, 10.5, 10, and Enterprise are all affected.
f4a867bf834fd12002bf185f61e63741d9d542b0daa5b3009f9be2f18b59f04cSecurity Objectives Advisory - The Cygwin installation and update process can be subverted to a lack of checksum verification. Cygwin setup.exe version 2.573.2.2 is affected.
7cbfe265f4aef5c957f93a0d315cd5334c327902cc77191d1a586a89fab67f7aSecunia Security Advisory - Mark Janssen has reported some vulnerabilities in Blackboard Academic Suite, which can be exploited by malicious people to conduct cross-site request forgery attacks.
47b3f4a6da9fb3d92b8f5d41577a9e3cf8a8404a408bfe476a11d83f99251917Secunia Security Advisory - Mr.SQL has discovered a vulnerability in Atom PhotoBlog, which can be exploited by malicious people to conduct SQL injection attacks.
d556e6a7d45a557a94d6f1c200a9ff7718ca4a40e4177f0663651c54d55b6a58Secunia Security Advisory - BlueCat Networks has acknowledged a vulnerability in BlueCat Networks Adonis, which can be exploited by malicious people to poison the DNS cache.
4cbddeb039c5677a9505612221d913ee2c6a232b9f4ff2e54b9ae87e5ba64cb6Secunia Security Advisory - IRAQI has reported a vulnerability in Live Music Plus, which can be exploited by malicious people to conduct SQL injection attacks.
d0d7772764d93d29a3151d957e73d23c4fdf4eff703a554393a75e6841f80c81Secunia Security Advisory - Some vulnerabilities have been reported in Lore, which can be exploited by malicious people to conduct cross-site scripting-attacks.
09a47817ac455142da7fc69eaa1b2d9e7f6e1bcab38455cb5396da005d881769Secunia Security Advisory - Ubuntu has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, disclose sensitive information, or potentially compromise a user's system.
c33555efe554154007f0eec9f3a0e55a7e3c3b8df644758ce5feb1ce9c0cd0d9Secunia Security Advisory - Red Hat has issued an update for rdesktop. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
da6b3ec3dec5683f929aae4db72211e9eccc86251addf794c1817c33cb159a91Secunia Security Advisory - Red Hat has issued an update for vsftpd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
fa585121dcd4c7727104d9d96e4bd8cd6105572bdb54af299ae45bb6197fe7a2Secunia Security Advisory - Red Hat has issued an update for rdesktop. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
73a4340870193b1f73a1c86c910656609334555d747cc8da5ee33f18ed4963bbSecunia Security Advisory - Red Hat has issued an update for coreutils. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security restrictions.
6a5a6467a63e070dc20feca15bf5ea08a77786dd710b0a50a3c92081c39b22dbSecunia Security Advisory - Red Hat has issued an update for mysql. This fixes some vulnerabilities and security issues, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious users to cause a DoS (Denial of Service) or to bypass certain security restrictions.
87a3390b96d65efa94562d921997bc1b3c5eed17eed8c60866eeea1bf591f756Secunia Security Advisory - Red Hat has issued an update for nss_ldap. This fixes a security issue, which can be exploited by malicious people to manipulate certain data.
f43a0e989b3c251ff1d7c5f7c6a26a82bbe028521e191042168c627ef5b31e71Secunia Security Advisory - Red Hat has issued an update for kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
5ffa2e85039ef2b44e7a7e5ee9c6f90b49f7be4915f569da22586cbabe121560ezContents suffers from a remote file inclusion vulnerability in minicalendar.php.
c0265594b39b6ad236c566af3b2704616c871cb7c8be5b61e98fc84485f3c918phpTest version 0.6.3 suffers from a remote SQL injection vulnerability in picture.php.
58f9dde1e7ff5bffb03c452e0c3435ef6ccb6c09109a7178e3683b4c5de4e957FizzMedia version 1.51.2 suffers from a SQL injection vulnerability in comment.php.
0488f6b6b7455d8468f17eb349ca685f02effa7ce12da9882b89b188bf51da1e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed