Software and Script Bug Exploits
Main
Software Alerts
Software and Script Bug ExploitsSoftware Vulnerability
Random Feeds
Archives
| Oct 2008 | Sep 2008 | Aug 2008 | Jul 2008 | Jun 2008 | May 2008 | Apr 2008 | Mar 2008 | Feb 2008 | Jan 2008 | Dec 2007 | Nov 2007 |Sat, 29 Dec 07
RunCms Multiple Vulnerabilities
http://secunia.com/advisories/28204/
Some vulnerabilities have been reported in RunCms, two of which have unknown impact and others, which can be exploited by malicious users to conduct script insertion attacks and to compromise a vulnerable system, and by malicious people to conduct cross-site scripting attacks and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 29 Dec 07
ZeusCMS SQL Injection and Information Disclosure
http://secunia.com/advisories/28194/
EgiX has discovered two vulnerabilities in ZeusCMS, which can be exploited by malicious people to disclose sensitive information or to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 29 Dec 07
Joovili "picture" Local File Inclusion Vulnerability
http://secunia.com/advisories/28231/
EcHoLL has reported a vulnerability in Joovili, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 29 Dec 07
Netembryo "Url_init()" Denial of Service Vulnerability
http://secunia.com/advisories/28253/
Luigi Auriemma has reported a vulnerability in Netembryo, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 29 Dec 07
FAQMasterFlexPlus Cross-Site Scripting and SQL Injection
http://secunia.com/advisories/28248/
Juan Galiana has reported some vulnerabilities in FAQMasterFlexPlus, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 29 Dec 07
Feng Multiple Vulnerabilities
http://secunia.com/advisories/28229/
Luigi Auriemma has reported some vulnerabilities in Feng, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 29 Dec 07
MySpace Content Zone "uploadgames.php" File Upload Vulnerability
http://secunia.com/advisories/28159/
Don & breaker_unit have reported a vulnerability in MySpace Content Zone, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 29 Dec 07
Extended Module Player Multiple Buffer Overflow Vulnerabilities
http://secunia.com/advisories/28223/
Luigi Auriemma has discovered some vulnerabilities in Extended Module Player, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 29 Dec 07
March Networks 3204 DVR Logfile Information Disclosure
http://secunia.com/advisories/28211/
Alex Hernandez has reported a security issue in March Networks 3204 DVR, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 28 Dec 07
Mantis "Upload File" Script Insertion Vulnerability
http://secunia.com/advisories/28185/
seiji has discovered a vulnerability in Mantis, which can be exploited by malicious users to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 28 Dec 07
XZero Community Classifieds "subcatid" SQL Injection
http://secunia.com/advisories/28250/
Kw3rLn has reported a vulnerability in XZero Community Classifieds, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 28 Dec 07
Mambo Multiple Vulnerabilities
http://secunia.com/advisories/28251/
Some vulnerabilities have been reported in Mambo, one with an unknown impact and others, which can be exploited by malicious people to conduct cross-site scripting attacks or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 28 Dec 07
IPortalX Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28252/
Doz has reported some vulnerabilities in IPortalX, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 28 Dec 07
Debian update for cupsys
http://secunia.com/advisories/28200/
Debian has issued an update for cupsys. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges, and by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 28 Dec 07
Bitflu StorageFarabDb Security Bypass Vulnerability
http://secunia.com/advisories/28238/
A vulnerability has been reported in Bitflu, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
Shadowed Portal File Inclusion and PHP Code Execution
http://secunia.com/advisories/28240/
The:Paradox has discovered two vulnerabilities in Shadowed Portal, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
PMOS Help Desk PHP Code Execution and Security Bypass
http://secunia.com/advisories/28201/
EgiX has discovered a vulnerability in PMOS Help Desk, which can be exploited by malicious people to bypass certain security restrictions and to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
Total Player M3U Playlist Parsing Buffer Overflow
http://secunia.com/advisories/28236/
David G.M. has discovered a vulnerability in Total Player, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
Mercury LoadRunner XUpload ActiveX Control Buffer Overflow
http://secunia.com/advisories/28218/
A vulnerability has been discovered in HP Mercury LoadRunner, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
MailMachinePRO "id" SQL Injection Vulnerability
http://secunia.com/advisories/28232/
MhZ91 has reported a vulnerability in MailMachinePRO, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
Groove Virtual Office XUpload ActiveX Control Buffer Overflow
http://secunia.com/advisories/28205/
A vulnerability has been discovered in Groove Virtual Office, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
Novell Identity Manager asampsp Denial of Service
http://secunia.com/advisories/28237/
A vulnerability has been reported in Novell Identity Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
GreaseKit / Creammonkey GM API Vulnerability
http://secunia.com/advisories/28241/
A vulnerability was reported in GreaseKit / Creammonkey, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
Persits Software XUpload "AddFolder()" Method Buffer Overflow
http://secunia.com/advisories/28145/
Elazar Broad has discovered a vulnerability in Persits Software XUpload, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
Fedora update for gallery2
http://secunia.com/advisories/28246/
Fedora has issued an update for gallery2. This fixes some vulnerabilities and a weakness, where some have unspecified impacts and others can be exploited by malicious users or malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
Gallery Multiple Vulnerabilities
http://secunia.com/advisories/28163/
Some vulnerabilities and a weakness have been reported in Gallery, where some have unspecified impacts and others can be exploited by malicious users or malicious people to disclose sensitive information, conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
Web Sihirbazi "default.asp" SQL Injection
http://secunia.com/advisories/28206/
bypas has reported two vulnerabilities in Web Sihirbazi, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
Limbo "com_option" Cross-Site Scripting
http://secunia.com/advisories/28190/
Omer Singer has discovered a vulnerability in Limbo, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 27 Dec 07
NmnNewsletter "output" File Inclusion Vulnerability
http://secunia.com/advisories/28245/
CraCkEr has discovered a vulnerability in NmnNewsletter, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 26 Dec 07
mBlog "page" Local File Inclusion Vulnerability
http://secunia.com/advisories/28242/
irk4z has discovered a vulnerability in mBlog, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 26 Dec 07
TCPreen FD_SET Buffer Overflow Vulnerability
http://secunia.com/advisories/28217/
A vulnerability has been reported in TCPreen, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 26 Dec 07
SimpleForum "searchkey" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28235/
Jose Luis Góngora Fernández has reported a vulnerability in SimpleForum Pro, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 26 Dec 07
Zoom Player Error Message Buffer Overflow Vulnerability
http://secunia.com/advisories/28214/
Luigi Auriemma has discovered a vulnerability in Zoom Player, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 26 Dec 07
AdultScript "id" Two SQL Injection Vulnerabilities
http://secunia.com/advisories/28165/
MhZ91 has reported two vulnerabilities in AdultScript, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 26 Dec 07
VLC Media Player Multiple Vulnerabilities
http://secunia.com/advisories/28233/
Some vulnerabilities have been discovered in VLC Media Player, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 26 Dec 07
PDFlib "pdc_fsearch_fopen()" Buffer Overflow Vulnerability
http://secunia.com/advisories/28239/
poplix has discovered a vulnerability in PDFlib, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 26 Dec 07
phpAutoVideo Two File Inclusion Vulnerabilities
http://secunia.com/advisories/28230/
MhZ91 has reported two vulnerabilities in phpAutoVideo, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 26 Dec 07
Ada Image Server Multiple Vulnerabilities
http://secunia.com/advisories/28234/
Some vulnerabilities have been discovered in Ada Image Server, which can be exploited by malicious people to conduct cross-site scripting attacks or gain knowledge of sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 26 Dec 07
WinAce UUE File Decompression Buffer Overflow
http://secunia.com/advisories/28215/
A vulnerability has been reported in WinAce, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 25 Dec 07
TikiWiki Multiple Vulnerabilities
http://secunia.com/advisories/28225/
Some vulnerabilities have been reported in TikiWiki, where some have unknown impacts and others can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 25 Dec 07
Sun Java System Web Server / Web Proxy Server Cross-Site Scripting
http://secunia.com/advisories/28216/
Some vulnerabilities have been reported in Sun Java System Web Server / Web Proxy Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 25 Dec 07
WinUAE Floppy Disk Image File Loading Buffer Overflow
http://secunia.com/advisories/28208/
Luigi Auriemma has discovered a vulnerability in WinUAE, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 25 Dec 07
Moodle MRBS Module "id" SQL Injection
http://secunia.com/advisories/28198/
root at hanicker.it has reported a vulnerability in the MRBS Module for Moodle, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 25 Dec 07
Sun Solaris Apache Cross-Site Scripting and Denial of Service
http://secunia.com/advisories/28224/
Sun has acknowledged some vulnerabilities in Apache for Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 25 Dec 07
SUSE update for flash-player
http://secunia.com/advisories/28213/
SUSE has issued an update for flash-player. This fixes some vulnerabilities, where one vulnerability has an unknown impact and others can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP request splitting attacks, disclose sensitive information, cause a Denial of Service (DoS), or to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/
Tue, 25 Dec 07
CuteNews "search.php" Information Disclosure
http://secunia.com/advisories/28202/
Janek Vind has reported some vulnerabilities in CuteNews, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 25 Dec 07
Fedora update for autofs
http://secunia.com/advisories/28168/
Fedora has issued an update for autofs. This fixes a vulnerability, which can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 25 Dec 07
SiteScape Forum dispatcher.cgi TCL Command Injection
http://secunia.com/advisories/28182/
niekt0_at_hysteria.sk has reported a vulnerability in SiteScape Forum, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Google Toolbar Custom Button Installer Dialog Spoofing Weakness
http://secunia.com/advisories/28166/
Aviv Raffon has discovered a weakness in Google Toolbar, which can be exploited by malicious people to conduct spoofing attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Sun Java System Web Proxy Server Multiple Vulnerabilities
http://secunia.com/advisories/28186/
Some vulnerabilities have been reported in Sun Java System Web Proxy Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
IBM HTTP Server Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28196/
IBM has acknowledged two vulnerabilities in IBM HTTP Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
IBM Lotus Domino Web Access Control ActiveX Control Buffer Overflow
http://secunia.com/advisories/28184/
Elazar Broad has reported a vulnerability in IBM Lotus Domino Web Access, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Aeries Browser Interface "EmailAddress" SQL Injection
http://secunia.com/advisories/28193/
Aria-Security Team have reported a vulnerability in Aeries Browser Interface (ABI), which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Woltlab Burning Board Lite "search.php" SQL Injection Vulnerabilities
http://secunia.com/advisories/28188/
nbbn has discovered some vulnerabilities in Wotlab Burning Board Lite, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Fedora BIND "/etc/rndc.key" Insecure File Permissions
http://secunia.com/advisories/28180/
A security issue has been reported in Fedora, which can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Fedora update for libexif
http://secunia.com/advisories/28195/
Fedora has issued an update for libexif. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Fedora update for wireshark
http://secunia.com/advisories/28197/
Fedora has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Fedora update for exiv2
http://secunia.com/advisories/28178/
Fedora has issued an update for exiv2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Red Hat autofs "nodev" Security Bypass Vulnerability
http://secunia.com/advisories/28156/
Red Hat has acknowledged a vulnerability in autofs, which can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
IBM z/OS eClient Unspecified Scripting Vulnerability
http://secunia.com/advisories/28174/
A vulnerability with an unknown impact has been reported in z/OS.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
HP Tru64 UNIX FFM Unspecified Denial of Service Vulnerability
http://secunia.com/advisories/28192/
A vulnerability has been reported in HP Tru64 UNIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Ubuntu update for mysql
http://secunia.com/advisories/28128/
Ubuntu has issued an update for mysql. This fixes some security issues and vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, gain escalated privileges, and cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Debian update for kernel
http://secunia.com/advisories/28141/
Debian has issued an update for the kernel. This fixes a security issue and some vulnerabilities, where the security issue can be exploited by malicious, local users to disclose potentially sensitive information, some of the vulnerabilities have unknown impacts, and another can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 22 Dec 07
Fedora update for ganglia
http://secunia.com/advisories/28125/
Fedora has issued an update for ganglia. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
libexif Integer Overflow and Denial of Service
http://secunia.com/advisories/28076/
Two vulnerabilities have been reported in libexif, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Red Hat update for libexif
http://secunia.com/advisories/28127/
Red Hat has issued an update for libexif. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Appian Enterprise BPM Suite Denial of Service Vulnerability
http://secunia.com/advisories/28121/
Chris Castaldo has reported a vulnerability in Appian Enterprise Business Process Management (BPM) Suite, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Novell GroupWise Client HTML E-Mail Processing Buffer Overflow
http://secunia.com/advisories/28102/
Francisco Amato has reported a vulnerability in Novell GroupWise Client, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Red Hat update for thunderbird
http://secunia.com/advisories/28171/
Red Hat has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks and potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
CA Products Ingres User Authentication Security Issue
http://secunia.com/advisories/28183/
A vulnerability has been reported in CA products, which can be exploited by malicious users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
ProWizard 4 PC File Processing Buffer Overflows
http://secunia.com/advisories/28173/
Luigi Auriemma has reported some vulnerabilities in ProWizard 4 PC, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Ingres User Authentication Security Issue
http://secunia.com/advisories/28187/
A security issue has been reported in Ingres, which potentially can be exploited by malicious users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Perforce Web Client HTTP Request Processing Denial of Service
http://secunia.com/advisories/28158/
A vulnerability has been reported in Perforce Web Client (P4Web), which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Debian update for clamav
http://secunia.com/advisories/28176/
Debian has issued an update for clamav. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Serendipity My Calendar Plugin Cross-Site Request Forgery
http://secunia.com/advisories/28152/
Hanno Böck has reported a vulnerability in the My Calendar plugin for Serendipity, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/28179/
Some vulnerabilities have been reported in Thunderbird, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Red Hat update for kernel
http://secunia.com/advisories/28162/
Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Ubuntu update for kernel
http://secunia.com/advisories/28170/
Ubuntu has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
HP Software Update ContentCollection Class ActiveX Control Insecure Method
http://secunia.com/advisories/28177/
porkythepig has reported a vulnerability in HP Software Update, which can be exploited by malicious people to overwrite arbitrary files on a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
Cisco Firewall Services Module Denial of Service Vulnerability
http://secunia.com/advisories/28175/
A vulnerability has been reported in the Cisco Firewall Services Module (FWSM), which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 21 Dec 07
rPath update for kdebase
http://secunia.com/advisories/28181/
rPath has issued an update for kdebase. This fixes a weakness, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
KDE KDM Local Denial of Service Weakness
http://secunia.com/advisories/28104/
A weakness has been reported in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Sun Management Center Default Account Security Issue
http://secunia.com/advisories/28151/
A security issue has been reported in Sun Management Center, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Sun Ray Device Manager Daemon Data Manipulation and DoS
http://secunia.com/advisories/28148/
Some vulnerabilities have been reported in Sun Ray Server Software, which can be exploited by malicious, local users or malicious people to manipulate certain data or cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Dokeos "My productions" Multiple Extensions File Upload Vulnerability
http://secunia.com/advisories/28154/
A vulnerability has been discovered in Dokeos, which can be exploited by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
WordPress Draft Information Disclosure
http://secunia.com/advisories/28130/
Michael Brooks has discovered a vulnerability in WordPress, which can be exploited by malicious people to bypass certain security restrictions and to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Mambo Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28133/
Beenu Arora has discovered two vulnerabilities in Mambo, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Opera Multiple Vulnerabilities
http://secunia.com/advisories/28169/
Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Red Hat update for flash-plugin
http://secunia.com/advisories/28157/
Red Hat has issued an update for flash-plugin. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting and HTTP request splitting attacks, disclose sensitive information, cause a Denial of Service (DoS), or to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
GF-3XPLORER Cross-Site Scripting and Information Disclosure
http://secunia.com/advisories/28164/
MhZ91 has discovered a vulnerability and a security issue in GF-3XPLORER, which can be exploited by malicious people to conduct cross-site scripting attacks or to disclose system information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
phpMyRealty Two SQL Injection Vulnerabilities
http://secunia.com/advisories/28155/
Koller has reported two vulnerabilities in phpMyRealty (PMR), which can be exploited by malicious people and malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Adobe Flash Player Multiple Vulnerabilities
http://secunia.com/advisories/28161/
Some vulnerabilities have been reported in Adobe Flash Player, where one vulnerability has an unknown impact and others can be exploited by malicious, local users to gain escalated privileges and by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP request splitting attacks, disclose sensitive information, cause a Denial of Service (DoS), or to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/
Thu, 20 Dec 07
WFTPD Explorer LIST Reply Buffer Overflow Vulnerability
http://secunia.com/advisories/28160/
r4x has reported a vulnerability in WFTPD Explorer, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Asterisk Registration Database Security Bypass
http://secunia.com/advisories/28149/
A security issue has been reported in Asterisk, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Ubuntu update for libgd2
http://secunia.com/advisories/28147/
Ubuntu has issued an update for libgd2. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Red Hat update for squid
http://secunia.com/advisories/28109/
Red Hat has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
IBM AIX Perl Regular Expressions Unicode Data Buffer Overflow
http://secunia.com/advisories/28167/
IBM has acknowledged a vulnerability in AIX, which potentially can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Sun Solaris Firefox / Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/28135/
Sun has acknowledged some vulnerabilities in Sun Solaris, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, to disclose sensitive information, and potentially to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
ClamAV "cli_scanpe()" MEW Handling Integer Overflow
http://secunia.com/advisories/28117/
A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Citrix Web Interface Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28150/
A vulnerability has been reported in Citrix Web Interface, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Rosoft Media Player File Processing Buffer Overflow Vulnerability
http://secunia.com/advisories/28144/
Juan Pablo Lopez Yacubian has discovered a vulnerability in Rosoft Media Player, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Red Hat update for mysql
http://secunia.com/advisories/28099/
Red Hat has issued an update for mysql. This fixes some vulnerabilities, which can be exploited by malicious, local users to manipulate certain data and by malicious users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Gentoo update for cups
http://secunia.com/advisories/28113/
Gentoo has issued an update for cups. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Ubuntu update for samba
http://secunia.com/advisories/28037/
Ubuntu has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
Gentoo update for e2fsprogs
http://secunia.com/advisories/28009/
Gentoo has issued an update for e2fsprogs. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 20 Dec 07
rPath update for kernel
http://secunia.com/advisories/28088/
rPath has issued an update for the kernel. This fixes a vulnerability with an unknown impact.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
PHP Real Estate Classifieds "id" SQL Injection
http://secunia.com/advisories/28119/
t0pP8uZz & xprog have reported a vulnerability in PHP Real Estate Classifieds, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
PunBB Automatic Image Upload with Thumbnails Module File Upload
http://secunia.com/advisories/28138/
Peter Österberg has discovered a vulnerability in the Automatic Image Upload with Thumbnails module for PunBB, which can be exploited by malicious users to conduct cross-site scripting attacks and to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
syslog-ng Timestamps Denial of Service Vulnerability
http://secunia.com/advisories/28118/
A vulnerability has been reported in syslog-ng, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
Centreon "fileOreonConf" File Inclusion Vulnerabilities
http://secunia.com/advisories/28112/
Michael Brooks has reported some vulnerabilities in Centreon, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
Meridian Prolog Manager Password Brute Force Weakness
http://secunia.com/advisories/28065/
A weakness has been reported in Meridian Prolog Manager, which can be exploited by malicious people to brute force user passwords.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
PeerCast "handshakeHTTP()" Buffer Overflow Vulnerability
http://secunia.com/advisories/28120/
Luigi Auriemma has reported a vulnerability in PeerCast, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
Exiv2 EXIF Parsing Integer Overflow Vulnerability
http://secunia.com/advisories/28132/
A vulnerability has been reported in Exiv2, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
RaidenHTTPD "ulang" Local File Inclusion Vulnerability
http://secunia.com/advisories/28143/
rgod has discovered a vulnerability in RaidenHTTPD, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
SurgeMail Webmail "Host" Header Processing Denial of Service
http://secunia.com/advisories/28142/
rgod has discovered a vulnerability in SurgeMail, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
Alternate pdftops Filter for CUPS Insecure Temporary Files
http://secunia.com/advisories/28139/
A security issue has been reported in the Alternate pdftops Filter for CUPS, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
CUPS SNMP Backend "asn1_get_string()" Signedness Vulnerability
http://secunia.com/advisories/28129/
A vulnerability has been reported in CUPS, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
Sun Solaris Gimp Multiple Vulnerabilities
http://secunia.com/advisories/28114/
Sun has acknowledged some vulnerabilities in Gimp, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
iMesh IMWebControl Class ActiveX Control Code Execution
http://secunia.com/advisories/28134/
rgod has discovered a vulnerability in iMesh, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities
http://secunia.com/advisories/28136/
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
Debian update for link-grammar
http://secunia.com/advisories/28101/
Debian has issued an update for link-grammar. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
rPath update for tetex
http://secunia.com/advisories/28107/
rPath has issued an update for tetex. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose and manipulate sensitive information and by malicious people to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
LineShout Two Script Insertion Vulnerabilities
http://secunia.com/advisories/28137/
David Sopas has reported two vulnerabilities in LineShout, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
St. Bernard Open File Manager Buffer Overflow Vulnerability
http://secunia.com/advisories/28131/
A vulnerability has been reported in St. Bernard Open File Manager, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 19 Dec 07
Google Web Toolkit Benchmark Reporting System Cross-Site Scripting
http://secunia.com/advisories/28122/
A vulnerability has been reported in Google Web Toolkit, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
FreeWebshop.org Admin Credentials Information Disclosure
http://secunia.com/advisories/28126/
k1tk4t has discovered a vulnerability in FreeWebshop.org, which can be exploited by malicious people to bypass certain security restrictions and to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
phpRPG SQL Injection and Information Disclosure
http://secunia.com/advisories/27968/
Michael Brooks has discovered some vulnerabilities in phpRPG, which can be exploited by malicious people to conduct SQL injection attacks and to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
Mac OS X Java Multiple Vulnerabilities
http://secunia.com/advisories/28115/
Some vulnerabilities have been reported and acknowledged in Mac OS X, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, to cause a DoS (Denial of Service), or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
scponly Command Passthrough Security Bypass
http://secunia.com/advisories/28123/
A security issue has been reported in scponly, which can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
Linux Kernel "hrtimer_start()" Integer Overflow Vulnerability
http://secunia.com/advisories/28105/
A vulnerability with an unknown impact has been reported in the Linux Kernel.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
Hammer of Thyrion "HuffDecode()" Buffer Overflow Vulnerability
http://secunia.com/advisories/28124/
A vulnerability has been reported in Hammer of Thyrion, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
Ganglia Web Interface Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28116/
Some vulnerabilities have been reported in Ganglia, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
phPay Local File Inclusion Vulnerability
http://secunia.com/advisories/28111/
Michael Brooks has discovered a vulnerability in phPay, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
exiftags Multiple Vulnerabilities
http://secunia.com/advisories/28110/
Some vulnerabilities have been reported in exiftags, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
Juniper JUNOS BGP UPDATE Message Processing Denial of Service
http://secunia.com/advisories/28100/
A vulnerability has been reported in Juniper JUNOS, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
Gesytec Easylon OPC Server Handle Validation Vulnerability
http://secunia.com/advisories/28079/
A vulnerability has been reported in Gesytec Easylon OPC Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
Debian update for centericq
http://secunia.com/advisories/28103/
Debian has issued an update for centericq. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 18 Dec 07
Debian update for mydns
http://secunia.com/advisories/28086/
Debian has issued an update for mydns. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 17 Dec 07
Fedora update for squid
http://secunia.com/advisories/28091/
Fedora has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 17 Dec 07
Fedora update for mysql
http://secunia.com/advisories/28025/
Fedora has issued an update for mysql. This fixes two vulnerabilities and a security issue, which can be exploited by malicious users to gain escalated privileges, manipulate certain data, or to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 17 Dec 07
Flyspray Two Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28106/
Two vulnerabilities have been reported in Flyspray, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 17 Dec 07
Fedora update for autofs
http://secunia.com/advisories/28097/
Fedora has issued an update for autofs. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 17 Dec 07
Slackware update for mysql
http://secunia.com/advisories/28108/
Slackware has issued an update for mysql. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to manipulate certain data and by malicious users to bypass certain security restrictions and cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
WebGUI Create Admin Security Bypass
http://secunia.com/advisories/28059/
A vulnerability has been reported in WebGUI, which can be exploited by malicious users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
CourseMill Learning Management System "user" SQL Injection
http://secunia.com/advisories/28098/
sasquatch has reported a vulnerability in CourseMill Learning Management System, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
SquirrelMail Package Compromise
http://secunia.com/advisories/28095/
A package compromise with unknown impact has been reported in SquirrelMail.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
TYPO3 "indexed_search" SQL Injection Vulnerability
http://secunia.com/advisories/27969/
A vulnerability has been reported in TYPO3, which can be exploited by malicious users to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
Sun Solaris 10 NFS "netgroups" Security Bypass Vulnerability
http://secunia.com/advisories/28096/
Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
AdultScript administrator.php Security Bypass
http://secunia.com/advisories/28064/
Liz0ziM has reported a vulnerability in AdultScript, which can be exploited by malicious people to bypass certain security restrictions and to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
NeoOffice Unspecified OpenOffice.org Vulnerability
http://secunia.com/advisories/28093/
A vulnerability with an unknown impact has been reported in NeoOffice.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
HP-UX DCE Unspecified Denial of Service Vulnerability
http://secunia.com/advisories/28087/
A vulnerability has been reported in HP-UX, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
Gentoo Portage "etc-update" Information Disclosure
http://secunia.com/advisories/28094/
Gentoo has acknowledged a security issue in Portage, which can be exploited by malicious, local users to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
Avaya Products Samba "send_mailslot()" Buffer Overflow
http://secunia.com/advisories/28089/
Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
Apple QuickTime Multiple Vulnerabilities
http://secunia.com/advisories/28092/
Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
Gentoo update for ircservices
http://secunia.com/advisories/28090/
Gentoo has issued an update for ircservices. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
HP-UX update for OpenSSL
http://secunia.com/advisories/28084/
HP has issued an update for OpenSSL. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 15 Dec 07
Mandriva update for mozilla-firefox
http://secunia.com/advisories/28016/
Mandriva has issued an update for mozilla-firefox. This fixes a security issue and some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks and potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
JustSystems Ichitaro Document Processing Buffer Overflow
http://secunia.com/advisories/27992/
A vulnerability has been reported in JustSystems Ichitaro, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
MMS Gallery PHP "id" File Inclusion Vulnerabilities
http://secunia.com/advisories/28075/
GoLd_M has reported some vulnerabilities in MMS Gallery PHP, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
xml2owl "file" Information Disclosure Vulnerability
http://secunia.com/advisories/28071/
GoLd_M has discovered a vulnerability in xml2owl, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
Mac OS X "cs_validate_page()" Local Denial of Service
http://secunia.com/advisories/28048/
mu-b has reported a vulnerability in Mac OS X, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
CityWriter "path" File Inclusion Vulnerability
http://secunia.com/advisories/28058/
RoMaNcYxHaCkEr has discovered a vulnerability in CityWriter, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
Hitachi Web Server Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28082/
Hitachi has acknowledged some vulnerabilities in the Hitachi Web Server, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
JBoss Seam "order" EJBQL Injection Vulnerability
http://secunia.com/advisories/28077/
A vulnerability has been reported in JBoss Seam, which potentially can be exploited by malicious people to conduct SQL injection attacks against applications using the framework.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
Robocode Arbitrary Java Code Execution Security Issue
http://secunia.com/advisories/28080/
A security issue has been reported in Robocode, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
Avaya Products PCRE Multiple Vulnerabilities
http://secunia.com/advisories/28041/
Avaya has acknowledged some vulnerabilities in various Avaya products, which can be exploited by malicious people to disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
Kerio WinRoute Firewall Proxy Server Unspecified Security Bypass
http://secunia.com/advisories/28072/
A weakness has been reported in Kerio WinRoute Firewall, which potentially can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
Websense User-Agent Filtering Bypass Security Issue
http://secunia.com/advisories/28026/
mrhinkydink has reported a security issue in Websense, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
Fastpublish CMS designconfig.php File Inclusion
http://secunia.com/advisories/28054/
RoMaNcYxHaCkEr has discovered a vulnerability in Fastpublish CMS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 14 Dec 07
BEA WebLogic Mobility Server Image Converter Security Bypass
http://secunia.com/advisories/28078/
A vulnerability has been reported in the BEA WebLogic Mobility Server, which can be exploited by malicious people to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Red Hat autofs "/net" Privilege Escalation Vulnerability
http://secunia.com/advisories/28052/
A vulnerability has been reported in Red Hat Enterprise Linux, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Symantec Mail Security Lotus 1-2-3 File Viewer Buffer Overflows
http://secunia.com/advisories/27871/
Some vulnerabilities have been reported in Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Apache mod_imap Module Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28073/
A vulnerability has been reported in the mod_imap module for Apache, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Apache mod_imagemap Module Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28046/
A vulnerability has been reported in the mod_imagemap module for Apache, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
IBM AIX Multiple Unspecified Vulnerabilities
http://secunia.com/advisories/28044/
Multiple vulnerabilities have been reported in IBM AIX, which have unknown impacts.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Red Hat update for java-1.4.2-bea
http://secunia.com/advisories/28056/
Red Hat has issued an update for java-1.4.2-bea. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
ViArt CMS/HelpDesk/Shop "root_folder_path" File Inclusion
http://secunia.com/advisories/28066/
RoMaNcYxHaCkEr has discovered a vulnerability in various ViArt products, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Avaya CMS / IR Solaris Remote Procedure Call Module Denial of Service
http://secunia.com/advisories/28057/
Avaya has acknowledged a vulnerability in Avaya CMS / IR, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Linux Kernel "mmap_min_addr" Security Bypass
http://secunia.com/advisories/28070/
A security issue has been reported in the Linux Kernel, which can be exploited by malicious, local users to bypass certain security restrictions.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
SUSE update for samba
http://secunia.com/advisories/28003/
SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
MySQL Security Issue and Two Vulnerabilities
http://secunia.com/advisories/28063/
A security issue and two vulnerabilities have been reported in MySQL, which can be exploited by malicious users to gain escalated privileges, manipulate certain data, or to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Rainboard Unspecified Cross-Site Scripting
http://secunia.com/advisories/28069/
A vulnerability has been reported in Rainboard, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
aurora framework "pack_var()" SQL Injection Vulnerability
http://secunia.com/advisories/28014/
A vulnerability has been reported in aurora framework, which can be exploited by malicious people to conduct SQL injection attacks against applications using the framework.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Debian update for ruby-gnome2
http://secunia.com/advisories/28060/
Debian has issued an update for ruby-gnome2. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Debian update for libnss-ldap
http://secunia.com/advisories/28061/
Debian has issued an update for nss-ldap. This fixes a security issue, which can be exploited by malicious persons to manipulate certain data.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Debian update for htdig
http://secunia.com/advisories/28062/
Debian has issued an update for htdig. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
rPath update for e2fsprogs
http://secunia.com/advisories/28030/
rPath has issued an update for e2fsprogs. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
HP Info Center HPInfo Class ActiveX Control Insecure Methods
http://secunia.com/advisories/28055/
porkythepig has reported some vulnerabilities in HP Info Center, which can be exploited by malicious people to gain knowledge of certain system information, manipulate registry data, and to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Mcms Easy Web Make "template" Local File Inclusion
http://secunia.com/advisories/28053/
MhZ91 has discovered a vulnerability in Mcms Easy Web Make, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Sun Solaris update for Adobe Flash Player
http://secunia.com/advisories/28068/
Sun has issued an update for Adobe Flash Player. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Thu, 13 Dec 07
Mandriva update for samba
http://secunia.com/advisories/28067/
Mandriva has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Trend Micro Products UUE File Parsing Buffer Overflow
http://secunia.com/advisories/28038/
Sowhat has reported a vulnerability in some Trend Micro products, which potentially can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Websense "username" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/28019/
Dave Lewis has reported a vulnerability in Websense Enterprise and Websense Web Security Suite, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Falt4 CMS Cross-Site Scripting and SQL Injection Vulnerabilities
http://secunia.com/advisories/28045/
Mesut Timur has reported some vulnerabilities in Falt4 CMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
WebSPELL Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28006/
Brainhead has discovered some vulnerabilities in WebSPELL, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Intuit Products AnswerWorks ActiveX Control Buffer Overflow
http://secunia.com/advisories/26670/
Parvez Anwar has discovered a vulnerability in various Intuit products, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Internet Explorer Multiple Code Execution Vulnerabilities
http://secunia.com/advisories/28036/
Some vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Vantage Linguistics AnswerWorks 4 API ActiveX Control Buffer Overflow
http://secunia.com/advisories/26566/
Parvez Anwar has discovered a vulnerability in Vantage Linguistics AnswerWorks, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Microsoft Windows Vista SMBv2 Signing Vulnerability
http://secunia.com/advisories/27997/
A vulnerability has been reported in Microsoft Windows Vista, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Microsoft Windows Message Queuing Buffer Overflow
http://secunia.com/advisories/28051/
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Microsoft Windows Message Queuing Privilege Escalation
http://secunia.com/advisories/28011/
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Windows Vista Kernel Legacy Reply Path Validation Privilege Escalation
http://secunia.com/advisories/28015/
A vulnerability has been reported in Microsoft Windows Vista, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Windows Media Format Runtime ASF Parsing Vulnerability
http://secunia.com/advisories/28034/
A vulnerability has been reported in Windows Media Format Runtime / Windows Media Services, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Microsoft DirectX SAMI/WAV/AVI File Parsing Vulnerabilities
http://secunia.com/advisories/28010/
Two vulnerabilities have been reported in Microsoft DirectX, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Falcon Series One Multiple Vulnerabilities
http://secunia.com/advisories/28047/
MhZ91 has reported some vulnerabilities in Falcon Series One, which can be exploited by malicious people to conduct script insertion and cross-site request forgery attacks and to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
SUSE update for OpenOffice_org
http://secunia.com/advisories/28039/
SUSE has issued an update for OpenOffice_org. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Fedora update for poppler
http://secunia.com/advisories/28043/
Fedora has issued an update for poppler. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
BadBlue Multiple Vulnerabilities
http://secunia.com/advisories/28031/
Luigi Auriemma has reported some vulnerabilities in BadBlue, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, and compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Red Hat update for python
http://secunia.com/advisories/28027/
Red Hat has issued an update for python. This fixes some security issues and a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Red Hat update for python
http://secunia.com/advisories/28050/
Red Hat has issued an update for python. This fixes a security issue and a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Fedora update for eggdrop
http://secunia.com/advisories/27989/
Fedora has issued an update for eggdrop. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Fedora update for samba
http://secunia.com/advisories/27977/
Fedora has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Cybozu Office Multiple Vulnerabilities
http://secunia.com/advisories/28035/
Some vulnerabilities have been reported in Cybozu Office, which can be exploited by malicious people to conduct cross-site scripting attacks, HTTP header injection attacks, or cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
BarracudaDrive Web Server Multiple Vulnerabilities
http://secunia.com/advisories/28032/
Luigi Auriemma has reported some vulnerabilities in BarracudaDrive Web Server, which can be exploited by malicious users to manipulate certain data and cause a DoS (Denial of Service), and by malicious people to conduct script insertion attacks and disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
Cybozu Products Cross-Site Scripting and HTTP Header Injection
http://secunia.com/advisories/28049/
Some vulnerabilities have been reported in Cybozu products, which can be exploited by malicious people to conduct cross-site scripting and HTTP header injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Wed, 12 Dec 07
WordPress GBK/Big5 Character Set "s" SQL Injection
http://secunia.com/advisories/28005/
Abel Cheung has discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Content Injector "id" SQL Injection Vulnerability
http://secunia.com/advisories/27986/
S.W.A.T. has discovered a vulnerability in Content Injector, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Samba "send_mailslot()" Buffer Overflow Vulnerability
http://secunia.com/advisories/27760/
Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
HttpLogger Cross-Site Scripting Vulnerability
http://secunia.com/advisories/27960/
A vulnerability has been reported in HttpLogger, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
wwwstats "link" Script Insertion Vulnerability
http://secunia.com/advisories/28002/
Jesus Olmos Gonzalez has reported a vulnerability in wwwstats, which can be exploited by malicious people to conduct script insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
bitweaver Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/28024/
DoZ has discovered some vulnerabilities in bitweaver, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
3ivx MPEG-4 MP4 File Processing Buffer Overflows
http://secunia.com/advisories/27998/
SYS 49152 has discovered some vulnerabilities in 3ivx MPEG-4, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Ace Image Hosting Script "id" SQL Injection Vulnerability
http://secunia.com/advisories/27988/
t0pP8uZz & xprog have reported a vulnerability in Ace Image Hosting Script, which can be exploited by malicious people to conduct SQL injections attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
DWdirectory "search" SQL Injection Vulnerability
http://secunia.com/advisories/27990/
t0pP8uZz & xprog have reported a vulnerability in DWdirectory, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Gentoo update for emul-linux-x86-qtlibs
http://secunia.com/advisories/28021/
Gentoo has issued an update for emul-linux-x86-qtlibs. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Gentoo update for ruby-gtk2
http://secunia.com/advisories/28022/
Gentoo has issued an update for ruby-gtk2. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
PolDoc Document Management System "filename" Information Disclosure
http://secunia.com/advisories/28013/
GoLd_M has discovered a vulnerability in PolDoc Document Management System (PDDMS), which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Easy File Sharing Web Server Multiple Vulnerabilities
http://secunia.com/advisories/28007/
Luigi Auriemma has reported some vulnerabilities in Easy File Sharing Web Server, which can be exploited by malicious people to disclose sensitive information and by malicious users to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Serendipity Remote RSS Sidebar Plugin Script Insertion
http://secunia.com/advisories/28012/
A vulnerability has been reported in Serendipity, which can be exploited by malicious people to conduct script-insertion attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Gentoo update for lookup
http://secunia.com/advisories/28023/
Gentoo has issued an update for lookup. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
MySQL System Table Information Overwrite Vulnerability
http://secunia.com/advisories/27981/
A vulnerability has been reported in MySQL, which can be exploited by malicious, local users to manipulate certain data.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Fedora update for xorg-x11-xfs
http://secunia.com/advisories/27946/
Fedora has issued an update for xorg-x11-xfs. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Debian update for sitebar
http://secunia.com/advisories/28008/
Debian has issued an update for sitebar. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, and by malicious users to disclose potentially sensitive information and compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Debian update for iceweasel
http://secunia.com/advisories/28001/
Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery and cross-site scripting attacks or potentially to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Sun StarOffice/StarSuite Database Document Processing Arbitrary Java Method Execution
http://secunia.com/advisories/28018/
Sun has acknowledged a vulnerability in Sun StarOffice and StarSuite, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Debian update for qt-x11-free
http://secunia.com/advisories/27996/
Debian has issued an update for qt-x11-free. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Fedora update for drupal
http://secunia.com/advisories/27973/
Fedora has issued an update for drupal. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Debian update for e2fsprogs
http://secunia.com/advisories/27987/
Debian has issued an update for e2fsprogs. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Ubuntu update for e2fsprogs
http://secunia.com/advisories/28000/
Ubuntu has issued an update for e2fsprogs. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Fedora update for seamonkey
http://secunia.com/advisories/27979/
Fedora has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks and potentially to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Tue, 11 Dec 07
Gentoo update for cairo
http://secunia.com/advisories/27985/
Gentoo has issued an update for cairo. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 10 Dec 07
Gentoo update for emacs
http://secunia.com/advisories/27984/
Gentoo has issued an update for emacs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 10 Dec 07
Fedora update for nagios
http://secunia.com/advisories/27980/
Fedora has issued an update for nagios. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 10 Dec 07
Fedora update for zabbix
http://secunia.com/advisories/27978/
Fedora has issued an update for zabbix. This fixes a weakness, which can be exploited by malicious users to perform certain actions with escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 10 Dec 07
Debian update for xulrunner
http://secunia.com/advisories/27957/
Debian has issued an update for xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting or cross-site request forgery attacks, and to potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 10 Dec 07
Fedora update for openoffice.org
http://secunia.com/advisories/27972/
Fedora has issued an update for openoffice.org. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 10 Dec 07
Gentoo update for firebird
http://secunia.com/advisories/27982/
Gentoo has issued an update for firebird. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 10 Dec 07
Fedora update for ruby-gnome
http://secunia.com/advisories/27975/
Fedora has issued an update for ruby-gnome. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Mon, 10 Dec 07
Gentoo update for PEAR-MDB2
http://secunia.com/advisories/27983/
Gentoo has issued an update for PEAR-MDB2. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
Mac OS X vpnd Denial of Service Vulnerability
http://secunia.com/advisories/27938/
mu-b has reported a vulnerability in Apple Mac OS X, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
MyTV/x Privilege Escalation Security Issue
http://secunia.com/advisories/27802/
David Wharton has reported a security issue in MyTV/x, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
IBM HMC Multiple Vulnerabilities
http://secunia.com/advisories/27961/
Some vulnerabilities have been reported in IBM HMC, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
IBM HMC Version 3 Privilege Escalation Vulnerabilities
http://secunia.com/advisories/27970/
Some vulnerabilities have been reported in IBM HMC, which can be exploited by malicious, local users to gain escalated privileges.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
WordPress PictPress Plugin "path" Disclosure of Sensitive Information
http://secunia.com/advisories/27962/
GoLd_M has discovered a vulnerability in the PictPress plugin for WordPress, which can be exploited by malicious people to disclose sensitive information.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
OpenNewsletter "type" Cross-Site Scripting
http://secunia.com/advisories/27966/
Manuel Fernandez has discovered a vulnerability in OpenNewsletter, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
Absolute Banner Manager .NET "z" SQL Injection
http://secunia.com/advisories/27958/
Joseph Pierini has reported a vulnerability in Absolute Banner Manager .NET, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
MWOpen "id" SQL Injection Vulnerability
http://secunia.com/advisories/27956/
KiNgOfThEwOrLd has discovered a vulnerability in MWOpen, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
PenPal Three SQL Injection Vulnerabilities
http://secunia.com/advisories/27976/
Aria-Security Team have reported some vulnerabilities in PenPal, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
Novell NetMail Unspecified Code Execution Vulnerability
http://secunia.com/advisories/27974/
A vulnerability has been reported in Novell NetMail, which can potentially be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
TCExam Multiple SQL Injection Vulnerabilities
http://secunia.com/advisories/27940/
Some vulnerabilities have been reported in TCExam, which can be exploited by malicious people to conduct SQL injection attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Sat, 8 Dec 07
JFreeChart Multiple Cross-Site Scripting Vulnerabilities
http://secunia.com/advisories/27959/
Some vulnerabilities have been reported in JFreeChart, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
HP OpenView Network Node Manager Multiple Vulnerabilities
http://secunia.com/advisories/27964/
Some vulnerabilities have been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
rPath update for firefox
http://secunia.com/advisories/27955/
rPath has issued an update for firefox. This fixes a security issue and some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks and potentially compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
Ubuntu update for tetex-bin and texlive-bin
http://secunia.com/advisories/27967/
Ubuntu has issued an update for tetex-bin and texlive-bin. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose and manipulate sensitive information and by malicious people to potentially compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
HyperVM "frm_emessage" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/27893/
Sascha has reported a vulnerability in HyperVM, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
Avaya Products Apache mod_proxy "date" Denial of Service
http://secunia.com/advisories/27971/
Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
Skype skype4com URI Handler Heap Corruption Vulnerability
http://secunia.com/advisories/27934/
A vulnerability has been reported in Skype, which can be exploited by malicious people to compromise a user's system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
Cisco Security Agent Unspecified System Driver Buffer Overflow Vulnerability
http://secunia.com/advisories/27947/
A vulnerability has been reported in Cisco Security Agent for Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
IBM Lotus Sametime Meeting WebRunMenuFrame Page Cross-Site Scripting
http://secunia.com/advisories/27941/
A vulnerability has been reported in IBM Lotus Sametime, which can be exploited by malicious people to conduct cross-site scripting attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
Fusion News Cross-Site Request Forgery
http://secunia.com/advisories/27918/
A vulnerability has been reported in Fusion News, which can be exploited by malicious users to conduct cross-site request forgery attacks.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
Nokia N95 SIP Message Processing Denial of Service Weakness
http://secunia.com/advisories/27945/
Humberto J. Abdelnur, Radu State, and Olivier Festor have reported a weakness in Nokia N95, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
Cisco IP Phone 7940 SIP INVITE Denial of Service Vulnerability
http://secunia.com/advisories/27898/
The Madynes research team has reported a vulnerability in Cisco IP Phone 7940, which can be exploited by malicious people to cause a DoS (Denial of Service).
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
e2fsprogs libext2fs Integer Overflow Vulnerabilities
http://secunia.com/advisories/27889/
Some vulnerabilities have been reported in the libext2fs library of e2fsprogs, which potentially can be exploited by malicious people to compromise an application using the library.
Be sure to check if your system is missing security updates or have insecure applications installed:http://secunia.com/software_inspector/
Fri, 7 Dec 07
SUSE Update for Multiple Packages
http://secunia.com/advisories/27965/