Secunia Security Advisory - Fedora has issued an update for blam. This package has been rebuilt against a new version of the firefox package. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
d3beef3dc5fb16af43760a1add01266a9ff1e880919906c4c1ee2bbdbfd3fc16
TikiWiki versions 1.9.8.1 and below suffer from cross site scripting and local file inclusion vulnerabilities.
68726f8d13e39d891bbfd7200d0bf47bc2dafef0620f7b3b69d127005a1a3b33
shttp versions 0.0.4 and below suffer from a directory traversal vulnerability.
96dcb3185fdd805ccc84a3053fe448614dd1377269b4cbb46a38fe1835580bb2
iDefense Security Advisory 10.25.07 - Local exploitation of a buffer overflow vulnerability within Tmxpflt.sys, as included with Trend Micro Inc.'s AntiVirus engine, could allow an attacker to execute arbitrary code in kernel context. iDefense Labs has confirmed the existence of this vulnerability in the following Trend Micro products: Trend Micro's PC-Cillin Internet Security 2007, Tmxpflt.sys version 8.320.1004 and 8.500.0.1002. All products using Trend Micro's scan engine, such as Trend Micro ServerProtect and Trend Micro OfficeScan, are also suspected to be vulnerable.
b314be90bd52c861475b0bc304415f6bb6eefe9113b790ec7a615f586d84fc43
i-Gallery version 3.4 suffers from a direct database download vulnerability.
9f1e4859ed61dc7769548528789c55e3249f326bf19913d77a2c6ea8dffac8ca
The helpdesk utility called usd250 suffers from a cross site scripting vulnerability.
68208b8694df5e6a681f5078da14221c75ded411ff2a9c44084035c3577c90c5
Secunia Security Advisory - Fedora has issued an update for epiphany-extensions. This package has been rebuilt against a new version of the firefox package. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
6a88c1659be6ab6610825ca1d009e8a4a536c1defdbaeea2766f28fd638b7ba4
Secunia Security Advisory - A vulnerability has been reported in HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM), which can be exploited by malicious people to disclose potentially sensitive information.
410f3555675831091012476e6488932b8b919bbf048056bad16b298905466321
Secunia Security Advisory - A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service).
b548449f5350373e73e84b13c632e114818a933a220e4ef993f9ec6ff9ae151c
Secunia Security Advisory - rPath has issued an update for php, php-mysql and php-pgsql. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions or by malicious people to potentially compromise a vulnerable system.
930338ddee1b8873509e8126305a88a7a10f6eb1f1e459091ab18579ca0a082a
Secunia Security Advisory - Aria-Security Team have reported some vulnerabilities in CodeWidgets.com Online Event Registration Template, which can be exploited by malicious people to conduct SQL injection attacks.
2decc31480700d4b5a29998937a2d34fa12c004e4a26f2fe2177554bc241f1c1
Debian Security Advisory 1395-1 - Steve Kemp from the Debian Security Audit project discovered that xen-utils, a collection of XEN administrative tools, used temporary files insecurely within the xenmon tool allowing local users to truncate arbitrary files.
83afc8ed5ef376653f86a0e2ee0defd06826a3f6d42ea4c540af4e0ffafe6b4a
Gentoo Linux Security Advisory GLSA 200710-27 - regenrecht reported multiple infinite loops in functions ReadDCMImage() and ReadXCFImage(), multiple integer overflows when handling certain types of images, and an off-by-one error in the ReadBlobString() function. Versions less than 6.3.5.10 are affected.
eab1acd588148e6adf677900e62f05bdaf7074c1aa70850b6845ac89dbdd0b41
Gentoo Linux Security Advisory GLSA 200710-26 - Kees Cook from the Ubuntu Security team discovered that the hpssd daemon does not correctly validate user-supplied data before passing it to a popen3() call. Versions less than 2.7.9-r1 are affected.
012b7d4d52e8e4e09de2bdfd2094c95d865d951d644213ac90d25fd0f76d71b8
Gentoo Linux Security Advisory GLSA 200710-25 - The Gentoo MLDonkey ebuild adds a user to the system named p2p so that the MLDonkey service can run under a user with low privileges. This user is created with a valid login shell and no password. Versions less than 2.9.0-r3 are affected.
a9cc2c13b2f25aae4cc6e67d85ce50710789974a348bb9ba2658c94d72f28faf
Debian Security Advisory 1389-2 - It was discovered that zoph, a web-based photo management system, performs insufficient input sanitizing, which allows SQL injection. This is an updated advisory to make the update for oldstable (sarge) available, which had been uploaded to the wrong suite.
f8ca2fb7175e3642e21336e27e8c6c2a603a8d477089fb70cb2b30e87dddd8eb
Technical Cyber Security Alert TA07-297B - Adobe has released updates for the Adobe Reader and Adobe Acrobat product families. The update addresses a URI handling vulnerability in Microsoft Windows XP and Server 2003 systems with Internet Explorer 7.
cc3fbb5692b6ba90a94d59bd1b329f210cbcbfa34f116d9a4982522bd7c7cbe7
Technical Cyber Security Alert TA07-297A - RealNetworks RealPlayer client for Microsoft Windows contains a stack buffer overflow in the playlist parameter passed to the client by an ActiveX control. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code using a specially crafted web page or HTML email message.
59aff07fbc7cb248a79460c34338a09f4c05f561284997fab82a6468a04eb42b
iDefense Security Advisory 10.23.07 - Remote exploitation of a buffer overflow vulnerability within IBM Corp.'s Lotus Domino allows attackers to execute arbitrary code in the context of the IMAP service. iDefense has confirmed the existence of this vulnerability within version 7.0.2.2 of Lotus Domino running on Linux as well as Windows Server 2003. Previous versions, as well as builds for other platforms, are suspected to be vulnerable.
0304708cfc410b15aed0f23fd4996567832c37b86e490498dffe944a48c6632b
iDefense Security Advisory 10.23.07 - Remote exploitation of a buffer overflow vulnerability in IBM Corp.'s Lotus Notes mail user agent could allow attackers to execute arbitrary code in the context of the current user. iDefense confirmed the existence of this vulnerability in version 7.0.2 of IBM Corp.'s Lotus Notes. Additionally, versions 6.5.1, 6.5.3 and 7.0.1 were reported to be vulnerable. Other versions are suspected to be vulnerable.
767bfa82660c5dc3967cefdd0c2303cc5f98f866a5e4da72f0ffc96d87cc593a
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM) running httpd.tkd. The vulnerability could be exploited to allow remote unauthorized access to data.
61fbeffc4e9eabfcc5445b208a1bd69ee3ba35f93ef9f74c01f52c729344cd0a
CREApark Gold Key Portali suffers from a cross site scripting vulnerability.
81768f9c239124a3e7f918a10406ca909e8efc66733de3e90a2b2e46947591ac
The RSA KEON Registration Authority Web Interface suffers from multiple cross site scripting vulnerabilities. Version 1.0 is susceptible.
26c310be669771da1384f9cf1a2df0bcb062948b01a68a3476d898341ac35511
BosMarket and BosNews version 4 suffer from cross site scripting vulnerabilities.
dc4dc3f8a5baebbe1657bdcf31407c21d49b21ef89c35fc070879e3dcd92147e
The OpenSUSE Workflow Administration and Management Platform is vulnerable to cross site scripting attacks.
e35626f6c975599cf00e1370b81fa300425b54d2d5184fc6d6e2a02776ca97c8