Secunia Research has discovered vulnerabilities in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system. HP OpenView Network Node Manager 7.51 with NNM_01168 is affected.
fa7a9736766557f2c0ed917d85e79169437fe85ee69db841ac493df2a1024843Secunia Research has discovered two vulnerabilities in Adobe PageMaker, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to boundary errors when processing certain structures in a .PMD file. These can be exploited to cause stack-based and heap-based buffer overflows via e.g. a .PMD file with a specially crafted font structure. Successful exploitation allows execution of arbitrary code. Adobe PageMaker version 7.0.1 is affected.
ca5c436539810787d11d095e28a6c31cc163ff119138bc4d2d425b9c91693b1dSecunia Research has discovered a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to disclose certain information. It is possible to download or view arbitrary files by sending a HTTP request to the OpenView5.exe CGI application and passing strings containing directory traversal sequences to the "Action" parameter. HP OpenView Network Node Manager version 7.51 is affected.
89506b7bc5f0f04449d38ee3ec537351b31f34f87178691928c01cbfcd33ae72Secunia Research has discovered some vulnerabilities in Symantec Backup Exec for Windows Servers, which can be exploited by malicious people to cause a DoS (Denial of Service). Affected software includes Symantec Backup Exec for Windows Servers version 11d (11.0 rev 7170).
d1321743e30d06255bc3f4a66e51dcf9f7cc713fe0cd1a7460771ec6c3ab5e80Secunia Research has discovered some vulnerabilities in ACDSee products, which can be exploited by malicious people to compromise a user's system. The flaws reside in PSP image file processing and LHA archive processing. Affected are ACDSee Photo Manager version 9.0 build 108, ACDSee Pro Photo Manager version 8.1 build 99, and ACDSee Photo Editor version 4.0 build 195.
a09fab6771ab4c77c07655ac429fd6ddcbc1ba95ed14be47746813f35ac6b357Secunia Research has discovered a vulnerability in Internet Explorer 7, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the handling of HTML objects as a CMarkup object is used in certain cases after it has been freed. This can be exploited to corrupt memory via a specially crafted web page. Successful exploitation allows execution of arbitrary code.
bd9fbc1b569234a863aa82f6487b629aac76b61d799bbed6b1f29904dafd3d50Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in Microsoft Agent (agentsvr.exe) when processing specially crafted URLs passed as arguments to certain methods. Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website with Internet Explorer.
bdde87351842554b64a7f572e06a8bf191f711e8287cec7413c92c3510614663Secunia Research has discovered some vulnerabilities in MailEnable Web Mail Client, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, and script insertion attacks. MailEnable Professional Edition 2.351 is affected. Other versions may also be affected.
fb4fcc8670e75296e9a154f415cc4bef6be8cace7506203c92a9bec17712698cSecunia Research has discovered a vulnerability in MailEnable Professional Edition version 2.35, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when processing data sent to the IMAP server. This can be exploited to cause a stack-based buffer overflow by first sending a command in the "Not Authenticated" state (e.g. "login" command) with a specially crafted parameter to make the IMAP service wait for more incoming data and then sending an overly long string (greater than 512 bytes).
50845d9664d4795bef5673fb158d9b6f36ae9ac4b5a0fc08c947afcdd0f0ba55Secunia Research has discovered two vulnerabilities in MailEnable, which can be exploited by malicious users to cause a DoS (Denial of service) or compromise a vulnerable system. MailEnable Professional Edition version 2.32 is affected.
35a02dd382af8339dd40e9bc9902acf6fcc605c86f10a866278e33e52c596382Secunia Research has discovered a vulnerability in Borland products, which can be exploited by malicious people to compromise a vulnerable system. Borland idsql32.dll versions 5.1.0.4 (as used by RevilloC MailServer) and 5.2.0.2 as included with Borland Developer Studio 2006 are affected. Other versions may also be affected. The vulnerability is caused due to a boundary error in idsql32.dll when processing SQL statements using the "DbiQExec()" function. This can be exploited to cause a heap-based buffer overflow via an overly long SQL statement (more than 4000 bytes).
09e6cf310cbb76af6a9fbf44ffae2569a37d8536a0df6dab6db3e695bd0abee8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed