Debian Security Advisory DSA 1677-1 - An integer overflow has been discovered in the image validation code of cupsys, the Common UNIX Printing System. An attacker could trigger this bug by supplying a malicious graphic that could lead to the execution of arbitrary code.
8b80bf7892307528425277fb7e9b0214a62daea0cbc4d7b1e498eae6f3e5ef0cz1exchange suffers from cross site scripting and remote SQL injection vulnerabilities.
a6c0e4ff0dd3f07ea531bcfee432c297a73c8400d9baa489d892d34662f55aa7CMS MAXSITE Guestbook component remote command execution exploit.
0d7257fd82c498884ba6391916be30590c5f4499dff38d1cc6dded3f8e08819fOcean12 Mailing List Manager Gold suffers from a direct database download, remote SQL injection, and cross site scripting vulnerabilities.
531880bbad77a754a05f0a9f87220ee122e25f7770e662a70be1afdf679601deThe Orkut Clone by i-netsolution suffers from cross site scripting and remote SQL injection vulnerabilities.
d9358d35fcc2470ccdf1b2b5638cac7f64cc356c3e16135d7710ceec5c54b724Rapid Classified version 3.1 suffers from a remote database disclosure vulnerability.
b54cb097f0b25e6e2bfbad7de0282849b6f9e4742fec5fb912e87a8949dcbf23JBook suffers from a remote SQL injection vulnerability that allows for authentication bypass and also suffers from a direct database download.
5420b0d21aa0a8efbfc163ce12f6859e4147cac477755f20bfa611ded2217796Pardus Linux Security Advisory 2008-77 - Two vulnerabilities have been fixed in ffmpeg which can cause to a DoS (Denial of Service).Versions below 0.4.9_20080909-48-16 are affected.
020d5a4726238fdff876dfab924ad97c0bab8cfbd235da8c0f446a73adaceb2bSunByte e-Flower suffers from a remote SQL injection vulnerability.
a99d280cf5516349c530c1e4f17f2fcb39e560afc498fadd21088a86340b1edcCPanel version 11.x privilege escalation exploit that bypasses mod_security and a php restriction.
4f9e8bf07ce96a89fbaf48ac06ccae2328581efd59d55d9926d846192e0130d5Gentoo Linux Security Advisory GLSA 200812-07 - Multiple vulnerabilities have been discovered in Mantis, the most severe of which leading to the remote execution of arbitrary code. Versions less than 1.1.4-r1 are affected.
3f1f1bc50386386a5b67c2ecfd59d0590df90324100507755a9560bfcc1d9016Gentoo Linux Security Advisory GLSA 200812-06 - Multiple vulnerabilities in libxml2 might lead to execution of arbitrary code or Denial of Service. Versions less than 2.7.2-r1 are affected.
afea399183d7e4bf5793e6c11d39e7d05e10783db16546041be89900723e4205Gentoo Linux Security Advisory GLSA 200812-05 - A buffer overflow vulnerability in libsamplerate might lead to the execution of arbitrary code. Russell O'Connor reported a buffer overflow in src/src_sinc.c related to low conversion ratios. Versions less than 0.1.4 are affected.
4ae5acec7c8e7f580629028dd59f977d145a81b028de76b8e7292392e5c931e2Gentoo Linux Security Advisory GLSA 200812-04 - Multiple vulnerabilities in lighttpd may lead to information disclosure or a Denial of Service. Versions less than 1.4.20 are affected.
8dbd4ebd6f120ca3ce5381f079e7811f7a384c746563ef0caae36f04c35355f8Gentoo Linux Security Advisory GLSA 200812-03 - IPsec-Tools' racoon is affected by a remote Denial of Service vulnerability. Versions less than 0.7.1 are affected.
431df99e62ca8e96b747019b963df7c6b8db90d7c4e827a2bbb529d246ff7f47Gentoo Linux Security Advisory GLSA 200812-02 - Two buffer overflows in enscript might lead to the execution of arbitrary code. Two stack-based buffer overflows in the read_special_escape() function in src/psgen.c have been reported. Ulf Harnhammar of Secunia Research discovered a vulnerability related to the setfilename command (CVE-2008-3863), and Kees Cook of Ubuntu discovered a vulnerability related to the font escape sequence (CVE-2008-4306). Versions less than 1.6.4-r4 are affected.
8cbd0e0780d7c5ffd3c6367c7776e0d6e14aa37279c75668c254b97bf5515cbfGentoo Linux Security Advisory GLSA 200812-01 - A vulnerability in OptiPNG might result in user-assisted execution of arbitrary code. A buffer overflow in the BMP reader in OptiPNG has been reported. Versions less than 0.6.2 are affected.
a2360109d31c6a36f2d60306d3b5995b9d12bba3736a753c136de265bd34b8c5Ubuntu Security Notice USN-683-1 - It was discovered that Imlib2 did not correctly handle certain malformed XPM images. If a user were tricked into opening a specially crafted image with an application that uses Imlib2, an attacker could cause a denial of service and possibly execute arbitrary code with the user's privileges.
c56ff171823e1f8e6404d05981696b1bf2f30ebae25697ac72eb81de04e3c34aDebian Security Advisory 1676-1 - Dmitry E. Oboukhov discovered that flamethrower creates predictable temporary filenames, which may lead to a local denial of service through a symlink attack.
41d5be2e26d097de090f8254c16419a5495ab4e8ec106c4e09fe04a09fc1ae8fSecunia Security Advisory - Debian has issued an update for phpmyadmin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
1b59aabfd8a67b714991d5e50cf3ea2cb8b9e4f85f1350179d794c530301ed88Secunia Security Advisory - CWH Underground has discovered a vulnerability in bcoos, which can be exploited by malicious users to conduct SQL injection attacks.
774f412a2c62a79a8c232e7ead016c802c88d6cc606c05b7ec17baa523af8a94Secunia Security Advisory - Ubuntu has issued an update for libvorbis. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise an application using the library.
7651b6d4664c560737f89e8e2f9255ed9c3e0371d8f711a9b5014b5bb8a12768Secunia Security Advisory - Ubuntu has issued an update for imagemagick. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
358b7e1dcee274325e5c86954a6284f5eeb3ed2b1a6677aebe76e33d8c5652f4Secunia Security Advisory - A vulnerability has been reported in DAHDI, which potentially can be exploited by malicious, local users to gain escalated privileges.
a25bada679b8b9d42573d91fd4064753a54acd28c8d6beef2e6983c03948a8abSecunia Security Advisory - CWH Underground has discovered a security issue in ASP Portal, which can be exploited by malicious people to disclose sensitive information.
ac0d5171786c4f38eda981f73d6b64f441b0af5dea3f502e81665e2e617c265f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed