Red Hat Security Advisory 2011-1385-01 - The kdelibs and kdelibs3 packages provide libraries for the K Desktop Environment. An input sanitization flaw was found in the KSSL API. An attacker could supply a specially-crafted SSL certificate to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid. Users should upgrade to these updated packages, which contain a backported patch to correct this issue. The desktop must be restarted for this update to take effect.
Red Hat Security Advisory 2011-1384-01 - The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch page, listed in the References section.
Innovate Portal suffers from a cross-site scripting vulnerability.
Ubuntu Security Notice 1192-3 - USN-1192-1 provided Firefox 6 as a security upgrade. Unfortunately, this caused a regression in libvoikko which caused Firefox to crash while spell checking words with hyphens. This update corrects the issue.
Ubuntu Security Notice 1232-2 - USN-1232-1 fixed vulnerabilities in the X.Org X server. A regression was found on Ubuntu 10.04 LTS that affected GLX support. This update temporarily disables the fix for CVE-2010-4818 that introduced the regression.
Free Way osCommerce suffers from backup related, file disclosure, and shell upload vulnerabilities.
Splunk suffers from cross-site scripting and denial of service vulnerabilities.
Cisco Security Advisory - CiscoWorks Common Services for Microsoft Windows contains a vulnerability that could allow an authenticated, remote attacker to execute arbitrary commands on the affected system with the privileges of a system administrator. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.
Cisco Security Advisory - The Cisco Show and Share webcasting and video sharing application contains two vulnerabilities. The first vulnerability allows an unauthenticated user to access several administrative web pages. The second vulnerability permits an authenticated user to execute arbitrary code on the device under the privileges of the web server user account. Cisco has released free software updates that address these vulnerabilities. There are no workarounds available for these vulnerabilities.
WHMCompleteSolution suffers from a local file disclosure vulnerability in cart.php.
OpenEMR version 4.1.0 suffers from a remote SQL injection vulnerability.
Yet Another CMS version 1.0 suffers from cross-site scripting and remote SQL injection vulnerabilities.
1024 CMS version 1.1.0 Beta suffers from a local file inclusion vulnerability in force_download.php.
Simple Free PHP Forum Script versions 1 and below suffer from multiple remote SQL injection vulnerabilities.
Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Application Server, which can be exploited by malicious users and malicious people to manipulate certain data.
Secunia Security Advisory - A vulnerability has been reported in Oracle WebLogic Portal, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).
Secunia Security Advisory - A vulnerability has been reported in Oracle Business Intelligence, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.
Secunia Security Advisory - Oracle has acknowledged two vulnerabilities in Oracle Communications Unified, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious users to manipulate certain data.
Secunia Security Advisory - Oracle has acknowledged a vulnerability in Sun Integrated Lights Out Manager, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information.
Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
Secunia Security Advisory - Oracle has acknowledged a vulnerability in Glassfish Communications Server and Glassfish Enterprise Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
File Management System versions 1.2.1a and below suffer from a remote SQL injection vulnerability that allows for arbitrary file download.
Secunia Security Advisory - Oracle has acknowledged a vulnerability in Sun Java System Application Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Yuri Goltsev has discovered a vulnerability in Dolphin, which can be exploited by malicious people to conduct SQL injection attacks.
Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Solaris, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service), by malicious users to cause a DoS, and by malicious people to cause a DoS and potentially compromise a vulnerable system.