Mandriva Linux Security Advisory 2008-230 - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.4. This update provides the latest Mozilla Firefox 3.x to correct these issues.
cd12dfa15bcb2ac0c25d66d11ff5cdbdabd4a8e11943b79c78f4fd30d75a880c
Mandriva Linux Security Advisory 2008-227-1 - Martin von Gagern found a flaw in how GnuTLS versions 1.2.4 up until 2.6.1 verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications that used the GnuTLS library to trust invalid certificates. It was found that the previously-published patch to correct this issue caused a regression when dealing with self-signed certificates. An updated patch that fixes the security issue and resolves the regression issue has been applied to these packages.
bac14626a031686f97e9d85f053eab14d2203b73251d868c94d7cd0108d40380
Debian Security Advisory 1666-1 - Several vulnerabilities have been discovered in the GNOME XML library.
064f38eb88ea26a817466095e1b24a56f4b59230023f2ebed8afe3093a55b66d
Chilkat Socket Active-X control (ChilkatSocket.DLL) version 2.3.1.1 remote arbitrary file creation exploit.
6b2ae0709e8bcee8a87aed30190264ec6fdc0900b16372bf71e4707ea16842db
Job Site Script Design by i-netsolution suffers from a remote SQL injection vulnerability.
7b92a479c551dacd86bc96eccbd24121f251dc964e147878cea22464346e17c7
Jadu Galaxies suffers from a blind SQL injection vulnerability.
0190750d8c448e0a6821c98c4831651c106df26024ce32a31d15a61590c8c5ee
CNN.com suffers from cross site scripting and content modification vulnerabilities.
bfcc8419314c5c245c68d63bc8934b0444d1a4f928f37fd95e5471fb4182bb80
Simple Customer version 1.2 suffers from a SQL injection vulnerability that allows for authentication bypass.
bb4ee43b3d58c182d6b3437f18390d40803fd1411b5cd0a2947ca2d816140de9
Opera version 9.62 local heap overflow exploit that makes use of file://.
0c505f5b5815520dedfaa605cd1cc337f180f0f688e436a86e4ab9cd240e5e30
phpfan version 3.3.4 suffers from a remote file inclusion vulnerability in init.php.
d2b29cc064f682a5fdf7ebc98bb7e13cf0c50222be635bb6e11a0318181b8a87
Downline Goldmine Paidversion suffers from a remote SQL injection vulnerability in tr.php.
34f7172cbbf59f12995cf890163a7dfe8ff96af21ca7945e11b53474c09cf322
Ubuntu Security Notice USN-671-1 - It was discovered that MySQL could be made to overwrite existing table files in the data directory. An authenticated user could use the DATA DIRECTORY and INDEX DIRECTORY options to possibly bypass privilege checks. This update alters table creation behavior by disallowing the use of the MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY options. It was discovered that MySQL did not handle empty bit-string literals properly. An attacker could exploit this problem and cause the MySQL server to crash, leading to a denial of service.
00a13f8fad3bfb4215919fbf05ac85cb6b70b3801a97cc6ae3c91370e004410e
vBulletin version 3.7.3pl1 suffers from a remote SQL injection vulnerability.
281f8824a21ee744c2e9623738b4bfcf0f02c5d55605d6775a421d5c519da677
SaturnCMS suffers from a blind SQL injection vulnerability.
ca2111a4547d9a972b31fe8b6b1e8929baee9c092f32125548cbe7cfebb26b74
Q-Shop version 3.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
c2a91274a1ca83c31b7cebe41e70c8bb54787a1a665d06c111fd541f5e40f1fc
vBulletin version 3.7.4 suffers from multiple remote SQL injection vulnerabilities.
7616ea592696b19126df0c67e92f237a255b4bc6899fc4efcf4894b2314caa88
Ultrastats versions 0.3.11 and 0.2.144 suffer from a remote SQL injection vulnerability.
e5fb44103bf0b0c9aa04eb9b41122fa3e6f907b655fc1f012ab0996cb4618efa
FREEze Greetings version 1.0 remote password retrieval exploit.
3907092c7c2d070539fcafcb3214703d673428fcd430dd429645982f2ec63868
E-topbiz AdManager version 4 suffers from a blind SQL injection vulnerability.
f0aa9700327bc350bc231232c9463fd66add82f340e94cac9699b2a6ba8e0c0e
A collection of shellcodes for various platforms such as bsd-x86, linux-x86, sco-x86, and solaris-x86. This project contains a set of assembly components for proof of concept codes on different operating systems and architectures. These components were carefully designed and implemented for maximum reliability, following strict coding standards and requirements, such as system call invocation standards and position-independent, register-independent and zero-free code. Special attention was paid to code length when designing and implementing them, resulting in the most reliable and shortest codes for such purpose available today.
d25fcf7756089a75b6e419be8e5587a8b3471d72d2e0112c2cb38b7403c693ae
OpenASP versions 3.0 and below suffer from a blind SQL injection vulnerability.
a2a23419298200c81f3ed7a1118d63a73979d5690281b7b57400f426807fe3a3
mxCamArchive version 2.2 suffers from a configuration bypass download vulnerability.
d2b79e9b09f56fa47ef3f19db7a8628f8889d0b1a956ce27b4ac6823e7286744