Adobe Pagemaker versions 7.0.1 and 7.0.2 suffer from a buffer overflow vulnerability when handling long font names. Links to full advisory are provided however the author has removed the exploits related to the vulnerability.
4d649063f056168db14f9bd0375f8e3ad886dc0ae43795c2a6b08c1fe0359a45Gentoo Linux Security Advisory GLSA 200710-09 - Chris Evans reported an integer overflow within the FreeType PCF font file parser. NX and NX Node are vulnerable to this due to shipping XFree86 4.3.0, which includes the vulnerable FreeType code. Versions less than 3.0.0 are affected.
3a9239dcfea19ae1b63de62872bbf157179a136141258f98772d86f60011fedaGentoo Linux Security Advisory GLSA 200710-08 - KPDF includes code from xpdf that is vulnerable to an integer overflow in the StreamPredictor::StreamPredictor() function. Versions less than 1.6.3-r1 are affected.
381a2e4a9e88cc3c225d25d30e09d7aaf76971ddcb097b4f5de944157ede3b22Small write up discussing how ShellExecute() works and how applications must make use of it.
7a9b8aea89ccd7fbd91c4adf251cb37df6751074c2749b4e00907f8bac322700World in Conflict versions 1.000 and below suffer from a denial of service vulnerability due to allowing access to a NULL pointer.
dbef05b91e1f849784a4d9edcf6c2240e954adac928fbc2a32714040008e6435Technical Cyber Security Alert TA07-282A - Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Outlook Express and Windows Mail, Microsoft Office, Microsoft Office for Mac, and Microsoft SharePoint. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
e0859f7589473840c9dfb074ebdd09f56024344f1e9cc298514d8a3c4d5b467bSecunia Security Advisory - A security issue has been reported in Sun Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
455bb8c3072b80122fc5ca725f6f1ac334508d5e43cb955577f7d01dd6ada448iDefense Security Advisory 10.09.07 - Remote exploitation of a heap overflow in Microsoft Corp.'s Windows Mail and Outlook Express NNTP clients may allow an attacker to execute code with the privileges of the logged on user.
8b33b8798d8b760973d1bdb3e31f6e4db4c8ed300300f9438a91fdcb87c7ca17LedgerSMB versions 1.0.0 through 1.2.7 and SQL-Ledger version 2.x are susceptible to SQL injection vulnerabilities.
eda42bf7f295bb93c14358c74c7fcb4333fb8f63d7b699a043b52c7b3368a891The Linksys SPA-941 version 5.1.8 is susceptible to a cross site scripting vulnerability using SIP as a vector of attack.
0958d5a7f2e07f89b846c84b23a0dcf0bafece8411139aa26cd887a7b529b58fUbuntu Security Notice 527-1 - Joris van Rantwijk discovered that the Xen host did not correctly validate the contents of a Xen guests's grug.conf file. Xen guest root users could exploit this to run arbitrary commands on the host when the guest system was rebooted.
b20366bfd1d1fb2c8d548ccbaca36149c280a32d2dedb03ec5ce0141a24f9566SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.
b4ce7d3390a65075e49977aa14755b3028fc45bc726cd7eaafb4a1d36f7bc67fLightBlog version 8.4.1.1 remote code execution exploit.
4e118497976bd7cb4eb74a897f54fbbb0382096bd54bb724aa3db4335c3b74c2The DNews News Server is susceptible to cross site scripting vulnerabilities.
a540f73157973907cb350119d482dced0f6bcd1836e5dc5d650ece23c064a755The speaker lineup for Black Hat Japan 2007 has been announced along with the Call For Papers for Black Hat D.C. and Black Hat Amsterdam.
0b75ab511d25ac44fd050ee64161f08f69d479ac2bdc73716b76ade740fa5426Simple connect-back back door for Unix. Sends statistical information regarding the remote server such as uid/gid, uname, etc.
2e1e678ec44e8a8dd04699775555f44b001eb535aa98bfd66e2d7b932893bd3cSoftbiz Jobs and Recruitment suffers from a remote SQL injection vulnerability.
c6a8e37dc44aa1cdbdd413eee8a4a70f56d3f461f01852e7f284fc0c4b7999abWhitepaper titled Cybercrime and the Electoral System.
fc2dcd7e071c499f8ddbca1dd9d1ee53828e4e34f0ef7d23ffac7d92a00c8545It appears that the BT Home Hub is susceptible to some critical vulnerabilities.
7a1d22a3d50174df5079afb9fddeb87643baa008c3b4fdb1c002960066a85ff9LiveAlbum version 0.9.0 suffers from a remote file inclusion vulnerability in common.php.
b12c73953607f6967e6727aa5bebca1908e2e6c12b7e17f316e3ed6a4133c7ebxKiosk version 3.0.1i suffers from a remote file inclusion vulnerability in xkurl.php.
c730a769e6aa6577ada32ef88a2a8cac8f405f557f8c88eaaaff6a0170245c91Microsoft Visual Basic FoxPro version 6.0 arbitrary command execution exploit that makes use of FPOLE.OCX.
c0ea521d876f6724d876a0c9da5db0d05cdf7b1f76a041b0ad90aad87ae16b24Secunia Security Advisory - rPath has issued an update for xen. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
b8e74e6667a6c2c90933a8f18cb944b738fc3a2e90b44877f90ebc106a484797HP Security Bulletin - Potential security vulnerabilities have been identified with HP System Management
b4662f90fe505cc23cfc9512d04b2471c895345ca85c6dda5cc611ec63c35275HP Security Bulletin - Potential security vulnerabilities have been identified with HP System Management
85c6d732941b75ce3540fc77989458c55a5aec7d70cbd58a4d86918246d13137
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed