Secunia Security Advisory - Ubuntu has issued an update for subversion. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
6cff898370b2c5ddea61437bed514c5023f53c48b2db3ed82ead775d60452ad7Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in ACDSee Photo Editor 2008, which can be exploited by malicious people to compromise a user's system.
f8871c2c5bcf1fc9c115aa6090a169da061439385a2dc00e270e47fd86cb81efSecunia Security Advisory - Parvez Anwar has discovered a vulnerability in ACDSee FotoSlate, which can be exploited by malicious people to compromise a user's system.
4c85f3e25b33b29f15620ce1b857ad85890099469f7e0e164f04bdaaef9c53baSecunia Security Advisory - SUSE has issued an update for gimp. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
a5dcd7b6064cdf502c333c9852c35fd453dd2200da83b060c84f3f112a03fb9bSecunia Security Advisory - Parvez Anwar has discovered a vulnerability in ACDSee Picture Frame Manager, which can be exploited by malicious people to compromise a user's system.
f1b33e11afb4c190ddce05a35cdf7c0ee8b4a81bf3719b945a13181b50cc4d5eFetchmail suffers from a denial of service vulnerability in the STARTTLS protocol phases. Versions 5.9.9 up to and including 6.3.19 are affected.
1489e4cc4ce52c41a58894cd8f7579dfc567612fec359ebe3eb13209676c068fZero Day Initiative Advisory 11-177 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the core-package parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
ac1efaf5779eeb72f56f7491fcc3d526815a0390b13d4749ed832449cf22ee2cZero Day Initiative Advisory 11-176 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the driver-version parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
d45f7d6368fec8e56ca1c84b3746499b68d60c04754388900ad430e4dcc0ed50Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
9584997febad95cd2d8b0e720d1fa39deb130b51696db56b3b3a2ada95d5f395Red Hat Security Advisory 2011-0850 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed on the Adobe security page APSB11-13, listed in the References section. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 10.3.181.22 Various other issues were also addressed.
e5afb1964db7a7622f8ac4cc1d5b4a77ce81a757e659c5d943363a3aef1d5309Squiz Matrix versions 4.0.6 and 4.2.2 and below suffer from a cross site scripting vulnerability.
435a3d8dfec7c3f21c7056390d4582ce63e6f475f3e84918594da65d8d50299bUbuntu Security Notice 1144-1 - Joe Schaefer discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain baselined WebDAV resource requests. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service. Ivan Zhakov discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests. A remote attacker could use this flaw to cause the service to consume all available resources, leading to a denial of service. Various other issues were also addressed.
dc4f540e7ee2341aac8668b2ed2bf1bf6b9d56d947a475c7968ae45cb6f86b67PopScript suffers from local file inclusion and remote SQL injection vulnerabilities.
489d3d1ade7bb34145e2d5b1c85ce37973700738e2f839b885ebcd37a379dd95iDefense Security Advisory 05.03.11 - Remote exploitation of a memory corruption vulnerability in Tom Sawyer Software's GET Extension Factory could allow an attacker to execute arbitrary code with the privileges of the affected user. The vulnerability exists within the way that Internet Explorer instantiates GET Extension Factory COM objects, which is not intended to be created inside of the browser. The object does not initialize properly, and this leads to a memory corruption vulnerability that an attacker can exploit to execute arbitrary code. iDefense has confirmed Tom Sawyer's Default GET Extension Factory 5.5.2.237, tsgetxu71ex552.dll and tsgetx71ex552.dll to be vulnerable. VMWare VirtualCenter 2.5 Update 6, VirtualCenter 2.5 Update 6a is vulnerable.
89e761d3006064aa0cb7047c51e258a8fb835fa7074ae8fa3a7bc2617ae3788aZero Day Initiative Advisory 11-175 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the file-date-time parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
b6cb5abb6a7836d36ebdacb59edab2ec56ed12b7a1c4cda0594cd08b3de61de9Zero Day Initiative Advisory 11-174 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the profile-name parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
391d941cb7c01a87b45b4ed3b8241392cada1729c9da357c02e067eb7810fc4fZero Day Initiative Advisory 11-173 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the profile-time parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
dcf111bdf57ff890992aa66a9d218515a80d32d588c6a618e43708c8cc8b43f8Zero Day Initiative Advisory 11-172 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the uri parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
631493c59c0625b36a02bbc87da0aeaa288888ee2c3ef992acee4d4a997a7383
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed