Secunia Security Advisory - rPath has issued an update for xorg-x11. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
8671cdfba5a1d649a9245090c2fd2a6c2c9ffc2c65d09094ed268ee04fb00744Secunia Security Advisory - Some vulnerabilities have been reported in libXfont, which can be exploited by malicious, local users to gain escalated privileges.
2ce0d436ab1cfc0105249143db57a5088260f5c1bc175cd0e337a24320be8411Secunia Security Advisory - A security issue has been reported in AlphaMail, which can be exploited by malicious, local users to disclose certain sensitive information.
1b749dbde3c661a6e2bfff57f6616186838d41a365693773f39eed844b1c6dabSecunia Security Advisory - Ubuntu has issued an update for mailman. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and phishing attacks, and cause a DoS (Denial of Service).
8302385a700fa7cd9e434645dfd16f69cd3a7ba34a8d5affebe28d8cb28ca120Secunia Security Advisory - Some vulnerabilities have been discovered in webSPELL, which can be exploited to by malicious people to disclose certain sensitive information and conduct SQL injection attacks.
0184b355645a9be994055913c6bf2ba9f0e17d9f983599bbb57060e89e872837Secunia Security Advisory - CeNGiZ-HaN has reported a vulnerability in Vitrax Premodded, which can be exploited by malicious people to compromise a vulnerable system.
ed3aec8673ea554898a472fee515fa5214c3edc59b6efcbedd0f53147e900e96Secunia Security Advisory - Red Hat has issued an update for xorg-x11. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
f19ae906e38bbd2f9fe2b5ca2dbe5f58679a518769094b6bf520c4b45fe14517Secunia Security Advisory - Some vulnerabilities have been reported in XFree86, which can be exploited by malicious, local users to gain escalated privileges.
ca8d54b47f3d4d608b31a079a0c0dea8a487dcd372f7b9e3658f4088fd7ad028Secunia Security Advisory - SHiKaA has reported a vulnerability in p4CMS, which can be exploited by malicious people to compromise a vulnerable system.
176590fd4f4898ec486733f1662e911b026a7086d41f76d184a4f3fbc3bf295dSecunia Security Advisory - Multiple vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
ea1c441d4143aa10a8cea4ef9c5ea8db4ed4e985ac12634c0cbfa3738e7f0095Secunia Security Advisory - Ubuntu has issued updates for libxfont / xorg. These fix some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
7f2e835549c166cecde4ef5df890284301ef79d5380eea7c88b9107e5f5f03d7Secunia Security Advisory - NR Nandini has reported some vulnerabilities in PHP Event Calendar, which can be exploited by certain malicious users to conduct script insertion attacks.
49cc03799891d895030c211e1d36fc7f79ba60b287b3cbad104150ded23e7eaeSecunia Security Advisory - Some vulnerabilities have been reported in Moodle, which can be exploited by malicious people to disclose potentially sensitive information, and conduct cross-site scripting and SQL injection attacks.
05623b076a2c5b9c6bf0bb83c1f37343544d881409efefeaf49071806d6b779bSecunia Security Advisory - Red Hat has issued an update for XFree86. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
3786f4ef9e7a609a986182ce4dd791fb36e71d1592b09209a253f5087cc00153Secunia Security Advisory - Two vulnerabilities have been reported in ColdFusion, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).
bce0081e83f22a96f8cc04689f3c5ee21f7726c4b3f158cfb45dcf08e99aa8ceThis program exploits a design flaw in the Nokia mobile phones to remove the Phone Lock protection. The program was tested on the Nokia 6630 and the Nokia 6680. The program should work on any other Symbian based mobile phones (including Sony Ericsson and all modern Nokia phones amongst others). This tool does not remove the sim-lock.
c72774c2baaee67ee772961f2d4a822b6f50ba01987a154ae6eb67d5df242574eEye Digital Security has discovered a second heap overflow vulnerability in the MS06-042 cumulative Internet Explorer update that would allow an attacker to execute arbitrary code on the system of a victim who attempts to access a malicious URL. Windows 2000, Windows XP SP1, and Windows 2003 SP0 systems running Internet Explorer 5 SP4 or Internet Explorer 6 SP1, with the MS06-042 patch applied, are vulnerable; unpatched and more recent versions of Internet Explorer are not affected.
69775c157322e3ccfd4e271a49bc2f9a19813713532ec62e509a70315569839cSecunia Security Advisory - A vulnerability has been reported in ColdFusion, which can be exploited by malicious people to conduct cross-site scripting attacks.
a0e23465f6fc1c537a88d0b2f7411f18cb1a3d0dd7fac869842a57d22ff2daf2iDefense Security Advisory 09.12.06 - Local exploitation of an integer overflow vulnerability in the 'CIDAFM()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. The vulnerability specifically exists in the 'CIDAFM()' function of the code responsible for handling AFM (Adobe Font Metrics) files. The number of character metrics is obtained from the "StartCharMetrics" line of an AFM file and that value is then multiplied by the size of a single character metric record in order to calculate the space required to store the metrics. If the result of the multiplication is larger than the largest value that can be held in an integer, the amount actually allocated will be much smaller. Following this, the function attempts to read as many metric records as were specified on the line into that memory. As the contents of the file can be specified by a local user, and as the function will stop reading if an error is detected in the input, a controlled heap overflow may occur which may allow the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in the X.org server version 6.8.2. Analysis of the source code for the current versions of the X.org and XFree86 servers indicates that current versions of both are vulnerable. Previous versions may also be affected.
ccf0dcb5b2cc8f9cd3b72c293e18629f9e83a0828d271c1333b0a60f54d0c4f7iDefense Security Advisory 09.12.06 - Local exploitation of an integer overflow vulnerability in the 'scan_cidfont()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. The vulnerability specifically exists in the handling of 'CMap' and 'CIDFont' font data. When parsing this information no checks are made that the count of items for the 'begincodespacerange', 'cidrange' and 'notdefrange' sections. In addition to a 'standard' integer overflow, the implementation of 'vm_alloc()' makes it possible to overwrite memory before the allocated region. iDefense has confirmed the existence of this vulnerability in the X.org server version 6.8.2. Analysis of the source code for the current versions of the X.org and XFree86 servers indicates that current versions of both are vulnerable. Previous versions may also be affected.
4d74767cdac26a116625a421d22fcff82253e08020f34d4b5b6bb44d5101c947iDefense Security Advisory 09.12.06 - Remote exploitation of a heap-based buffer overflow in Apple Computer's QuickTime Player could allow attackers to execute code under the privileges of the affected application. A FLIC file is an animation file consisting of a number of frames, each of which is made up of an image and may contain other information such as a palette or a label. The vulnerability specifically exists in the handling of the COLOR_64 chunk in FLIC format files. QuickTime does not validate that the data size allocated to store the palette is large enough, allowing a malformed file to cause controllable heap corruption. iDefense Labs confirmed that version 7.1 of the QuickTime player is vulnerable. It is suspected that all previous versions are also affected.
8bcabb0d8beb068b97d485b6166612603ed049aad375daf5647a8eed72680052Secunia Security Advisory - Red Hat has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
e58a2413da429eb2000ad56b2ae2e991399c730ac3aaa6967f6b7bdb7a8f48ecSecunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and potentially compromise a vulnerable system.
8efde8b7c11c74e2c1584912b1b642eab122e221e2ab0e31f9c1eefbe55c5c9eApple QuickTime versions 7.1.3 and below suffers from a flaw where a carefully crafted H.264 movie can trigger an integer overflow allowing for arbitrary code execution.
6c090024f18a7c46674718dc456d8725aec97dea0295516493942ab00ae11cefThe Apple QuickTime Player H.264 Codec suffers from a remote integer overflow.
5ea34f1a02017755ab163173409e709d33150801387d77325edd97397697b054
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed