Secunia Security Advisory - A vulnerability has been reported in YABSoft Mega File Hosting Script, which can be exploited by malicious people to compromise a vulnerable system.
e0ab112fb953dc8e4b8d22544b77f3f57ed7849673b7721deeb35aa8df5327b7iDefense Security Advisory 03.17.09 - Remote exploitation of a stack-based buffer overflow in Autonomy Inc's KeyView SDK allows attackers to execute arbitrary code with the privileges of the current user. This vulnerability exists within the "wp6sr.dll" which implements the processing of Word Perfect Documents. When processing certain records, data is copied from the file into a fixed-size stack buffer without ensuring that enough space is available. By overflowing the buffer, an attacker can overwrite control flow structures stored on the stack. iDefense confirmed that this vulnerability exists within Lotus Notes 8 installed on a Windows XP SP3 machine. All applications which utilize the Autonomy KeyView SDK to process Word Perfect Documents are suspected to be vulnerable.
b937ed5f21b2e4393b8c522f7c8752591ab0f7291ae5ffefd1340932bb43c9c1Gentoo Linux Security Advisory GLSA 200903-31 - A vulnerability in libcdaudio might allow for the remote execution of arbitrary code. A heap-based buffer overflow has been reported in the cddb_read_disc_data() function in cddb.c when processing overly long CDDB data. Versions less than 0.99.12-r1 are affected.
a3a8c31aeb59cd4c415c9380463abc1d37339199f86674332465a060c8b51555FubarForums versions 1.6 and below suffer from a critical file disclosure vulnerability.
1ca8ea032d5342e71fb58f2640ef03059e3b8a75dd3f53e6188e3d080d63a5b2FireAnt versions 1.3 and below suffer from a critical file disclosure vulnerability.
e36803ad299e50093e36b4c4b8f1765e50f0c1d759e12ed87c496a61002cf2e1chaozzDB versions 1.2 and below suffer from a critical file disclosure vulnerability.
27f1f1f5b6da1e75ba3889e5330340981c20989251cd48c7fa08a70bbd2159a0The Wordpress fMoblog plugin version 2.1 suffers from a remote SQL injection vulnerability.
222989819229eac2238d467aef6ceb288bddab7793a1b17d882210878ba094a6The Mega File Hosting Script version 1.2 suffers from local and remote file inclusion vulnerabilities in cross.php.
92eb2aeaf6c1c925324cea83963af697357f08f2890e69ebb192e5a570a08cd6Ubuntu Security Notice USN-740-1 - The MD5 algorithm is known not to be collision resistant. This update blacklists the proof of concept rogue certificate authority as discussed in http://www.win.tue.nl/hashclash/rogue-ca/.
eb367d093282e2aea29c25b42f290e84f8b6811f89c1340744adea36f034a6b3Ubuntu Security Notice USN-739-1 - It was discovered that Amarok did not correctly handle certain malformed tags in Audible Audio (.aa) files. If a user were tricked into opening a crafted Audible Audio file, an attacker could execute arbitrary code with the privileges of the user invoking the program.
136b88006950f873fe8ef3669adbc936dbf4292ef36abd6a0343af73f774ec23The Cpanel file manager in version 11.24.4-CURRENT suffers from multiple cross site scripting vulnerabilities.
3cb9b9e490ecf0caa4e07b03f6a0c8a3b9f005a459d46096dd04acb34cadc31dThe HP LaserJet web management interface suffers from cross site request forgery and insecure default configuration vulnerabilities.
57f014c142d2ed6d34415ced0e89ebbe42259af4291756e1337c57f0ff359dc5GDL version 4.x suffers from a remote SQL injection vulnerability.
c9ee69a33d17f6fba5b12ec8fecf9f4ab3887f8da011359be6a781607b67c99b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed