AeroMail version 2.80 suffers from cross-site request forgery and cross-site scripting vulnerabilities.
7d8348ae426db7749bce33b433bb0507a0f5501f057b7a688857e2ebaf601f48
Zero Day Initiative Advisory 11-231 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a Matrix structure within a particular opcode embedded within a .pict file. When using this Matrix structure to transform image data, the application will miscalculate an index to represent a row of an object. This will cause the application to write outside the bounds of the array of objects which can lead to code execution under the context of the application.
93fa8a497789de659332c2262fd9a29a4c4a50320b59ebd628b329dde7d74b9c
Ubuntu Security Notice 1149-2 - USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem.
b0030ac11bbbf369d43ec84e244c221f725cfc7e87e72a43fe5febc8c991e4f7
Zero Day Initiative Advisory 11-230 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles Apple Lossless Audio Codec streams. While parsing the sample description for the 'alac' codec, an integer wrap can occur that results in the allocation of a memory buffer that is smaller than intended. When QuickTime writes to this buffer it causes a memory corruption that can lead to remote code execution under the context of the current user.
d8034660e6963425225158849ca792e846c8746451dad4749976d745f85b8dd1
Zero Day Initiative Advisory 11-229 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a specially formatted RIFF WAV file. When parsing a fmt chunk within the file, the application will use a 32-bit field to calculate the size of a buffer to allocate. Before the allocation, the application will add 0x14 bytes to the result. Due to restrictions imposed on the implementation of this component by the language and its platform, an integer overflow can be made to occur. This can lead to code execution under the context of the application.
cc0afeb7e583655aea518f9cb5b7f91713d652a00274049f8893af656f0739f7
Debian Linux Security Advisory 2266-1 - Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code.
40ee0fdcf0a402b4e148929bf52520da5205fe15c50c8dae5bbc534b47bdd4b6
SmallFTPd versions 1.0.3-fix and below suffer from a denial of service vulnerability.
357d42dc0e210b67dc4190a596afff45fb42d94b2bb60535a42f73a07134267c
Zero Day Initiative Advisory 11-228 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on Windows and multiple applications on OSX. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the ColorSync component which is used when handling image files containing embedded ICC data. When handling the ncl2 tag, the process miscalculates an integer value used in a memory allocation. This buffer is later used as a destination when copying user-controlled data. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user running the application.
28f0c86a7153f8ab01da15469d3e82484598e321f5062bb00f5e5d3205b4d7be
Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive and system information, bypass certain security restrictions, conduct session hijacking attacks, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS and potentially compromise a vulnerable system.
4ffb77f3ab1f840fe32aa20e5965a64c20f6f4c30f495c2f6e02f642a6f1f57c
Secunia Security Advisory - Debian has issued an update for php5. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to disclose system and potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.
3a3fbac5cc5c6f1c77c0b45ef33359815c9bc9af5acc80a0a61d4d6faf84a236
Secunia Security Advisory - Fedora has issued an update for syslog-ng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
76da70b29460b6fb2d0831a5a018a86b72d5cab378e315123716e520add40816
Secunia Security Advisory - Ubuntu has issued an update for linux-mvl-dove. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive and system information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS.
9c5f28fe3cae6804eadc073868c6d8fc7a2c8a11627c6c67822ddac717840b1b
Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Portal and IBM Lotus Web Content Management, which can be exploited by malicious people to conduct cross-site scripting attacks.
b52f9d1a2e59ace269deba03497414c879f53101c95bcde21f8adb3f84f5dc0f
Secunia Security Advisory - Two vulnerabilities have been reported in the Newsletter Subscriber plugin for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks.
c97e1bd25d46b947d35c107fa85db174ef8681199926bdba3bd89a2062001070
Secunia Security Advisory - Brendan Coles has reported multiple vulnerabilities in Cachelogic Expired Domains Script, which can be exploited by malicious people to conduct cross-site scripting attacks and SQL injection attacks.
a23bfac6f3797b4e4338f6ce2f2d1e8c66ad5bd18474e34e0ac9fbdc314489f7
Secunia Security Advisory - A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service).
6dd9a4f3eb3e77cbc2cf5659708e961f44c3e806ffb32965adfc2b5ee361f781
Secunia Security Advisory - A vulnerability has been reported in WordPress, which can be exploited by malicious users to bypass certain security restrictions.
50b145d41657209f1fcec76c05f4ecb9aa936d9955d93e5ad358bc25cd0b80ac
Secunia Security Advisory - A weakness has been reported in SAP NetWeaver, which can be exploited by malicious users to manipulate certain data.
061ba9949fc239bdaea16db8adad892642f594152a4a9bf5e23b521d819c7687
Secunia Security Advisory - A vulnerability has been reported in Drupal, which can be exploited by malicious people to bypass certain security restrictions.
9120129f383fd98854bdde2ba8d98aa706eb801e192e9ad8c21275c4c93bbe99
Apple Security Advisory 2011-06-28-1 - Multiple vulnerabilities exist in Java 1.6.0_24, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_26.
0cbd37e1f00e4df6e9895014ed523a4c02dbce839c04d6b2f4228337951bdb22
Secunia Security Advisory - Secunia Research has discovered a vulnerability in RSLinx, which can be exploited by malicious people to compromise a user's system.
bafa3952dd8e9a61adf5307770f48954a672e98135f1a439f3d2956dfd5fc3ef
Secunia Security Advisory - A vulnerability has been reported in ALZip, which can be exploited by malicious people to compromise a user's system.
f4207c736a8d589bb181e39b28fdb7ce5dea6f32597bfe611ae06c716d0043c2
Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in FlatPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
efd72253451bcc3bb14e7955a767a5e570431820b166b5464b0ddd02044af3dc
Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome where some have unknown impacts and others can be exploited by malicious people to compromise a user's system.
0223fda1f2756c3d94f45c48a429784ba56d2c0d4ab10b1e56750cbbdac21234
Secunia Security Advisory - SUSE has issued an update for Xen. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).
8d787f015b2a383cb803266388429460bfc86baf3b04315e7b705d424a977db5