Zero Day Initiative Advisory 12-020 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SaveDoc and PrintFile functions exposed by the VsVIEW6.ocx ActiveX control. The SaveDoc function causes a file to be created at an arbitrary path specified by the first argument (FileName). The file contents can be controlled by setting the 'Header' member and calling PrintFile() with the same path argument. These behaviors can be exploited by a remote attacker to execute arbitrary code on the target system.
Zero Day Initiative Advisory 12-019 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM SPSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the SetLicenseInfoEx() method exposed by the mraboutb.dll ActiveX Control. String data supplied to the first parameter (strInstallDir) of SetLicenseInfoEx() is copied into a 256-byte global buffer without first checking the string length. This overflow can be exploited to remotely execute arbitrary code on the target system.
Mandriva Linux Security Advisory 2012-011 - OpenSSL 0.9.8s and 1.0.0f do not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108. The updated packages have been patched to correct this issue. The openssl0.9.8 packages for 2010.2 have been upgraded to the 0.9.8t version, which is not vulnerable to this issue.
Debian Linux Security Advisory 2398-1 - Several vulnerabilities have been discovered in Curl, a URL transfer library.
Gentoo Linux Security Advisory 201201-19 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.4.7 are affected.
Gentoo Linux Security Advisory 201201-18 - Multiple vulnerabilities in bip might allow remote unauthenticated attackers to cause a Denial of Service or possibly execute arbitrary code. Versions less than 0.8.8-r1 are affected.
Red Hat Security Advisory 2012-0071-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000.
Red Hat Security Advisory 2012-0070-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays in Ruby. An attacker able to supply a large number of inputs to a Ruby application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.
Red Hat Security Advisory 2012-0069-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A denial of service flaw was found in the implementation of associative arrays in Ruby. An attacker able to supply a large number of inputs to a Ruby application that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions.
Debian Linux Security Advisory 2397-1 - It was discovered that a buffer overflow in the Unicode library ICU could lead to the execution of arbitrary code.
Gentoo Linux Security Advisory 201201-17 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 16.0.912.77 are affected.
Secunia Security Advisory - A vulnerability has been reported in WHMCompleteSolution, which can be exploited by malicious people to compromise a vulnerable system.
Secunia Security Advisory - Two vulnerabilities have been reported in IBM SPSS SamplePower, which can be exploited by malicious people to compromise a user's system.
Secunia Security Advisory - Multiple vulnerabilities have been reported in Postfix Admin, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting and script insertion attacks.
Secunia Security Advisory - A vulnerability has been reported in the Search Autocomplete module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks.
Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in DClassifieds, which can be exploited by malicious people to conduct cross-site request forgery attacks.
Secunia Security Advisory - Some vulnerabilities have been reported in Apache HTTP Server, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).
Secunia Security Advisory - Debian has issued an update for qemu-kvm. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to potentially gain escalated privileges.
Secunia Security Advisory - A vulnerability has been reported in Samba, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Some vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
Secunia Security Advisory - Ogro has reported a vulnerability in Ada Web Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Secunia Security Advisory - Debian has issued an update for icu. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.
Secunia Security Advisory - Gentoo has issued an update for xkeyboard-config. This fixes a weakness, which can be exploited by malicious people with physical access to bypass certain security restrictions.
Secunia Security Advisory - Debian has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.
Secunia Security Advisory - Gentoo has issued an update for chromium. This fixes some vulnerabilities, which potentially can be exploited by malicious people to compromise a user's system.