Debian Linux Security Advisory 2135-1 - Joel Voss of Leviathan Security Group discovered two vulnerabilities in the xpdf rendering engine, which may lead to the execution of arbitrary code if a malformed PDF file is opened.
Citrix Access Gateway Enterprise Edition up to 9.2-49.8 and Standard and Advanced Editions prior to 5.0 suffer from a remote command injection vulnerability.
ImpressCMS version 1.2.3 Final suffers from a cross site scripting vulnerability.
Hycus CMS version 1.0.3 suffers from a local file inclusion vulnerability.
Social Share version 2010-06-05 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Ziggurat CMS suffers from cross site scripting and remote SQL injection vulnerabilities.
Hycus CMS version 1.0.3 suffers from a remote SQL injection vulnerability.
HTML-EDIT CMS version 3.1.8 suffers from cross site scripting, path disclosure and remote SQL injection vulnerabilities.
Habari version 0.6.5 suffers from cross site scripting and path disclosure vulnerabilities.
GetSimple CMS version 2.03 suffers from a path disclosure vulnerability.
Sybase Afaria version 6.0 suffers from cross site request forgery vulnerabilities.
Mitel's AWC (Mitel Audio and Web Conferencing) suffers from an unauthenticated remote command execution vulnerability.
Ecava IntegraXor versions 3.6.4000.0 and below suffer from a directory traversal vulnerability.
Serendipity version 1.5.4 suffers from a shell upload vulnerability.
The Joomla XGallery component version 1.0 suffers from a local file inclusion vulnerability.
Apple iPhone Safari decodeURI remote denial of service proof of concept exploit.
Apple iPhone Safari decodeURIComponent remote denial of service proof of concept exploit.
The Joomla Classified component suffers from a remote SQL injection vulnerability.
HP Security Bulletin HPSBST02619 SSRT100281 - A potential security vulnerability has been identified with HP StorageWorks Storage Mirroring. This vulnerability could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.
Injader CMS version 2.4.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
Winamp version 5.581 has a MIDI file format parsing vulnerability in the in_midi plugin that can be exploited with a specially crafted input file. The plugin suffers from an integer wrapping flaw which leads to a heap overflow. If an attacker is able to entice the user to open a malicious file, successful exploitation leads to code being executed in the context of the logged in user.
Apache suffers from an insecure mod_rewrite PCRE resource exhaustion vulnerability.
Secunia Research has discovered two vulnerabilities in Microsoft Office, which can be exploited by malicious people to compromise a user's system. A boundary error in the FlashPix graphics filter when parsing certain tile data can be exploited to cause a data section buffer overflow via a specially crafted image. A boundary error in the FlashPix graphics filter when parsing certain tile data can be exploited to cause a stack-based buffer overflow via a specially crafted image. Successful exploitation of the vulnerabilities allows execution of arbitrary code.
This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a recursive CSS import, a C++ object is deleted and later reused. This leads to arbitrary code execution.
Secunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the FlashPix graphics filter when parsing certain property sets. This can be exploited to cause a stack-based buffer overflow via a specially crafted FlashPix image. Successful exploitation allows execution of arbitrary code.