Secunia Security Advisory - Oracle has acknowledged a weakness in Sun Solaris, which can be exploited by malicious, local users to gain knowledge of sensitive information.
b527a8e9e4534cc5ef2c8d915b3b4d9fb3dbf3b0f14d0a63f7e1b88d77833406Secunia Security Advisory - Fedora has issued an update for turba. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
0a49bac260e7bcfb28570c7177640737a3a2eaca6fa4e92b3a90471be5937e96Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can potentially be exploited by malicious people to disclose sensitive information or compromise a user's system.
da06efe862e77be549b4fd698e003bb6af423494f3a23e5356ba276033c58161Secunia Security Advisory - Fedora has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service).
fb1f8c0dde5a5eeec24be6d02057b7007ac13d3c6418fcb900048d0ae795462cSecunia Security Advisory - Fedora has issued an update for libvirt. This fixes a weakness and some vulnerabilities, which can be exploited by malicious, local users in a guest system to bypass certain security restrictions.
c2a87416e6f6ec6fef3471a5b6d86de5c25bac3faa289d8239394183e92d90a1Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
9debe52cdd1a71b13d62020c7ca41cb28bedcd6fb97bc1aefe887e6b1f8e1190Secunia Security Advisory - Some security issues have been reported in JBoss Enterprise SOA Platform, which can be exploited by malicious users to gain escalated privileges and by malicious people to bypass certain security restrictions.
c44cd7a9f7f9ceee18bdabf837419fd7f8e53b331bd5eb03ac37a800d7159d67Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Lotus Notes, which can be exploited by malicious people to compromise a user's system.
5afffc0f4497d3b6db8163c8b5cf0a69e1331c9924c0f61ba0a1b60265ddd235Secunia Security Advisory - Cisco has acknowledged a vulnerability in multiple Cisco products, which can be exploited by malicious people to manipulate certain data.
b30f5ff3bfa581906660a5a0f49041e2b19f9f37a504a94110c67da58fde51cfSecunia Security Advisory - IBM has acknowledged a vulnerability in AIX, which can be exploited by malicious people to poison the DNS cache.
ca6852945ee44d5f35efe6e7537ceb2f643e95e373eb7e6398fc37baf4ec9c20Secunia Security Advisory - A security issue has been reported in IBM Tivoli Directory Server, which can be exploited by malicious, local users to disclose sensitive information.
d7e9f67b2b42b56cb44a644ed6c7e803fc95096eb1228a071624e7eabd6b3472Secunia Security Advisory - A weakness has been reported in GNOME Display Manager, which can be exploited by malicious, local users to gain knowledge of sensitive information.
2474a31ed9118459f8c7f823085dc304429a8b4947c654153b73d3da2f059ed2Secunia Security Advisory - A vulnerability has been reported in Fujitsu Internet Navigware products, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.
83fe18fcb63d84f4b0b54f331212546118c19bf6c961bc48f0c2d99710baa9e2Debian Linux Security Advisory 2076-1 - It was discovered that GnuPG 2 uses a freed pointer when verify a signature or importing a certificate with many Subject Alternate Names, potentially leading to arbitrary code execution.
791f0ef804a3c3e64ed5491c141bbc5664f78fd7be85e7e9b5037de9cc8f5f6aDebian Linux Security Advisory 2075-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.
092cd6fcae7be8a7336bf071b7e24a49ce0e54b973c54ce339cf692b2a748f70Mandriva Linux Security Advisory 2010-141 - The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to cause a denial of service via a Negotiate Protocol request with a certain 0x0003 field value followed by a Session Setup AndX request with a certain 0x8003 field value. The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to trigger an out-of-bounds read, and cause a denial of service (process crash), via a \\xff\\xff security blob length in a Session Setup AndX request. The updated packages provides samba 3.4.8 which is not vulnerable to these issues.
7ee6ee198ea7396983a1a87bc200592fcb2964ad00adfeb360b908b1b52b81e4Mandriva Linux Security Advisory 2010-140 - This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible resource destruction issues in shm_put_var(). Fixed a possible information leak because of interruption of XOR operator. Fixed a possible memory corruption because of unexpected call-time pass by reference and following memory clobbering through callbacks. Fixed a possible memory corruption in ArrayObject::uasort(). Fixed a possible memory corruption in parse_str(). Fixed a possible memory corruption in pack(). Fixed a possible memory corruption in substr_replace(). Fixed a possible memory corruption in addcslashes(). Fixed a possible stack exhaustion inside fnmatch(). Fixed a possible dechunking filter buffer overflow. Fixed a possible arbitrary memory access inside sqlite extension. Fixed string format validation inside phar extension. Fixed handling of session variable serialization on certain prefix characters. Fixed a NULL pointer dereference when processing invalid XML-RPC requests. Fixed SplObjectStorage unserialization problems. Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third party extensions and required dependencies has been upgraded and/or rebuilt for the new php version.
263282a55164e1c13bdc2969faf4e31379a529b35efca4398c0ecb9b5e04c31aPunBB versions 1.3.x and below with Pun_PM versions 1.2.6 and below remote blind SQL injection exploit.
9ff6ffcaee243fedfd27fe9acfd20939ae8c73d2b9f5a8a337b7111a91f7b1f7Joomla TTVideo component version 1.0 suffers from a remote SQL injection vulnerability.
75200879a3bd5730366a523077e07e8ed34e61e4529878584f78e8c76dda9e10Microsoft Visual Studio version 6.0 VCMUTL.dll unicode Active-X buffer overflow exploit.
8bc15f5936594babeb3a856d2c1f4be963657b17322ca8a826e481ded8df5dceAdminLoginFnder is a perl script that scans webservers for administrative login / control panel sections.
c6352f572295348d638d3e75f43a032da8cb5d74c8e64a799be012aef074e564This is a simple Facebook bruteforcing script that makes use of the Python Mechanize module and a wordlist.
0ca36c97c9d96b5b5bc5d03574a420ab3e18f9fd869d9167d4517662c938c229Microsoft Internet Explorer versions 6 and 7 suffers from a denial of service vulnerability.
482425864ec290b53bf411b038cec6945fb29282b027f55a2cc19f295e8c9b55Call For Papers for the No cON Name 2010 Congress. This conference will be held in Barcelona, Spain, from October 18th through the 19th.
0315821a267d528d259b07a4d5d4dda217b2daf8dc8bd6774317ad2a3ce38d4eSocial Media version 2.0.0 suffers from a local file inclusion vulnerability.
f9fff05d731f40d512a1f7e45fa71eb675f3ec9200b1ef5c368261c5745bc5b5
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed