Kaspersky Internet Security 2011/2012 and Kaspersky Anti-Virus 2011/2012 suffer from a local memory corruption vulnerability.
CertificationMagazine suffers from a remote blind SQL injection vulnerability.
Cyberoam UTM Application versions CR300i, CR500i v10 and older versions suffer from a remote SQL injection vulnerability.
NiX API is a powerful anti-proxy, anti-fraud, and IP reputation lookup API. It uses the NiX database at cli.nixapi.com to determine IP country/region/city, data center details, satellite provider details, open proxy details, and Tor network association.
Red Hat Security Advisory 2011-1845-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that web applications could modify the location of the Tomcat host's work directory. As web applications deployed on Tomcat have read and write access to this directory, a malicious web application could use this flaw to trick Tomcat into giving it read and write access to an arbitrary directory on the file system. A cross-site scripting flaw was found in the Manager application, used for managing web applications on Apache Tomcat. A malicious web application could use this flaw to conduct an XSS attack, leading to arbitrary web script execution with the privileges of victims who are logged into and viewing Manager application web pages.
Ubuntu Security Notice 1315-1 - Jonathan Foote discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges.
Tiki Wiki CMS Groupware versions 8.1 and 6.4 LTS suffer from a stored cross-site scripting vulnerability.
PHPShop CMS Free version 3.4 suffers from cross-site scripting and remote SQL injection vulnerabilities.
This is a whitepaper called Armitage - Hacking Made Easy Part 1. It covers using the Armitage GUI for Metasploit when performing pentesting.
The Joomla Matrimony component suffers from a remote SQL injection vulnerability.
The Joomla Caproductprices component suffers from a remote SQL injection vulnerability.
HP Security Bulletin HPSBUX02697 SSRT100591 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 1 of this advisory.
Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.
Secunia Security Advisory - Debian has issued an update for mediawiki. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, and bypass certain security restrictions.
Secunia Security Advisory - A weakness has been discovered in Apple Safari, which can be exploited by malicious people to disclose sensitive information.
Secunia Security Advisory - Ubuntu has issued an update for linux. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges and by malicious people to cause a DoS.
Ubuntu Security Notice 1314-1 - Giampaolo Rodola discovered that the smtpd module in Python 3 did not properly handle certain error conditions. A remote attacker could exploit this to cause a denial of service via daemon outage. This issue only affected Ubuntu 10.04 LTS. Niels Heinen discovered that the urllib module in Python 3 would process Location headers that specify a file:// URL. A remote attacker could use this to obtain sensitive information or cause a denial of service via resource consumption. Various other issues were also addressed.
Artmedic Webdesign Links version 5.0 suffers from a remote file inclusion vulnerability.
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS, which can be exploited by malicious users to cause a DoS (Denial of Service).
Secunia Security Advisory - Francis Provencher has discovered a vulnerability in libfpx, which potentially can be exploited by malicious people to compromise an application using the library.
Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in PHPShop CMS Free, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Ubuntu has issued an update for linux. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.
Secunia Security Advisory - Francis Provencher has discovered a vulnerability in IrfanView, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Francis Provencher has discovered a vulnerability in the FlashPix PlugIn for IrfanView, which potentially can be exploited by malicious people to compromise a user's system.