sudo versions 1.8.0 through 1.8.3p1 suffer from a format string vulnerability that allows for privilege escalation.
81fb04538af951a21c660e19f143b2d360f83aa70ff21c86befc1fc8af952094
OSClass version 2.3.4 suffers from cross site scripting, remote file inclusion and remote SQL injection vulnerabilities.
6961ecec1291ed82c08ed138f70b351bb7b06cabde1aec1d2b62eb96c14593fb
Postfixadmin version 2.3.4 suffers from cross site scripting and remote SQL injection vulnerabilities.
792946daa68d21da19823d935d226aff83199c4a69cc33fe6dfa3dcbd4a11618
Snort Report versions 1.3.2 and below suffer from a remote SQL injection vulnerability.
7ac11a9eb9c4af7ae958f9e6572c3363d054e93d2c7c025644e592843827575f
The Joomla Propertylab component suffers from a remote SQL injection vulnerability.
a3daef246c503bc8547f849b2aed3b44984344f9ecdc3e77c4c0bb237510ca66
DPI version 1.0 suffers from a cross site scripting vulnerability.
d8cd5e55214550fc0a341eefb3545a7f8deabb3b7d422347a02fbf65f060e75d
Mibew Messenger version 1.6.4 suffers from multiple cross site scripting vulnerabilities.
70ca4b16e1bd521b1858f4631f536db54e0cb770544aff6b395c926a0f05eef9
The Joomla BBS component suffers from a remote SQL injection vulnerability.
6f0b8c419e5e825a1c8825cf7a430c175e04de600ae4369c1e50886fbe48d296
Phux Download Manager suffers from a remote blind SQL injection vulnerability.
04856c2e105c35adc10d68427ec4e8e9a4262fc82b5e01eee835f8a9d50f9cad
Red Hat Security Advisory 2012-0071-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000.
5aa584ae8e2538b311608383e29e10b03cfc35f4dda508f886e8a55f83326c25
Red Hat Security Advisory 2012-0070-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays in Ruby. An attacker able to supply a large number of inputs to a Ruby application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.
03b3e4cae76347af80bc92c207769ad0a2a84889ef025d717522605f2284e476
Red Hat Security Advisory 2012-0069-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays in Ruby. An attacker able to supply a large number of inputs to a Ruby application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.
f7e42c50959c0fb32cbaa649ddc8262f37b293afa41649f8324f881d14fac350
Debian Linux Security Advisory 2397-1 - It was discovered that a buffer overflow in the Unicode library ICU could lead to the execution of arbitrary code.
33155ab7e9a7b17b4c88cdcfe061b9ce02b5b72b86507f4eee3765acdc720f58
Gentoo Linux Security Advisory 201201-17 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 16.0.912.77 are affected.
eaa004838721d039091f8548c7c6641f0341f17b63e976316bbc9668c5791b8d
The Joomla Firmy component suffers from a remote SQL injection vulnerability.
2c0f2c4d9d41df496067e05cfd85ac66ab857fdc7140e5684666b37bd49c645b
Tracker Software pdfSaver ActiveX control (pdfxctrl.dll) version 3.60.0128 suffers from a stack buffer overflow vulnerability.
1f74a1a4ce723616f317b2c385cfb28c0333209fe68e3f334202488fee4929f5
Gforge.org suffers from multiple cross site scripting vulnerabilities.
279b2c178e7b00319918db7557e39bdfd4d565690af7fe6af6e58a1d007d5819
HP Security Bulletin HPSBUX02724 SSRT100650 3 - A potential security vulnerability has been identified with HP-UX running SAM. This vulnerability could be locally exploited to create an increase in privilege. Revision 3 of this advisory.
5777efa4796c8cc839fc68219e072197a8bbf19ac8b947c09bddc34c1d8d7f0a
HP Security Bulletin HPSBUX02697 SSRT100591 2 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. Revision 2 of this advisory.
de66b3926d31636b6f15745b63854f4b379835d2bfec3205e617285439882313
4Images version 1.7.6 suffers from a cross site request forgery vulnerability.
0e8c3124fa4870d03bc83a4c8cc303d480430e0bc48c0c72e6ff897aa2634d37
VMware Security Advisory 2012-0001 - VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues.
e35a8f609b986bb8b2fc490b895224847eba088cf1f87974f9bc5820e0c3c589
Secunia Security Advisory - A vulnerability has been reported in WHMCompleteSolution, which can be exploited by malicious people to compromise a vulnerable system.
7836e9780a7d6743119d29fe5fe1e565dc52a9fcf68665b4caa4637656092824
Secunia Security Advisory - Two vulnerabilities have been reported in IBM SPSS SamplePower, which can be exploited by malicious people to compromise a user's system.
29beac5953b698d745bb01103c874092886d220acd5c8cbc3f833e81273cb725
Secunia Security Advisory - Multiple vulnerabilities have been reported in Postfix Admin, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and script insertion attacks.
0fcd50f64699587ecbea6b580ae7675a38fec1cf457ebf05b22ea36c0f0a6e13
Secunia Security Advisory - A vulnerability has been reported in the Search Autocomplete module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks.
dfb17ecb6f275da69b81b80de74b13ae64fbf1632d84d9b14984910561c4ab51