Section: .. / 0710-advisories /
| /// File Name: |
glsa-200710-29.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200710-29 - Ulf Harnhammar from Secunia Research discovered a format string error in the inc_put_error() function in file src/inc.c. Versions less than 2.4.5 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 3068 | | Related CVE(s): | CVE-2007-2958 | | Last Modified: | Oct 26 11:07:37 2007 |
| MD5 Checksum: | a96192db45a4eaca277d2b1ddd5a34fc |
|
| /// File Name: |
glsa-200710-28.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200710-28 - Dirk Mueller from the KDE development team discovered a boundary error in file qutfcodec.cpp when processing Unicode strings. Versions less than 3.3.8-r4 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2635 | | Related CVE(s): | CVE-2007-4137 | | Last Modified: | Oct 26 11:07:07 2007 |
| MD5 Checksum: | 90c0608010e086117078f9ec4d76e6d9 |
|
| /// File Name: |
realplayer-heap-corruption-adv.txt |
Description:
|
RealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a heap corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.
| | Author: | Piotr Bania | | Homepage: | http://piotrbania.com/ | | File Size: | 5213 | | Last Modified: | Oct 26 11:06:03 2007 |
| MD5 Checksum: | e2ef19fcac9143f960d0e4730c0cc729 |
|
| /// File Name: |
realplayer-memory-corruption-adv.tx..> |
Description:
|
RealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a memory corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.
| | Author: | Piotr Bania | | Homepage: | http://piotrbania.com/ | | File Size: | 4159 | | Last Modified: | Oct 26 11:02:22 2007 |
| MD5 Checksum: | d5f7cd811f442f4d147649a824c696fc |
|
| /// File Name: |
USN-538-1.txt |
Description:
|
Ubuntu Security Notice 538-1 - It was discovered that libpng did not properly perform bounds checking and comparisons in certain operations. An attacker could send a specially crafted PNG image and cause a denial of service in applications linked against libpng.
| | Homepage: | http://security.ubuntu.com/ | | File Size: | 12789 | | Related CVE(s): | CVE-2007-5268, CVE-2007-5269 | | Last Modified: | Oct 26 10:52:33 2007 |
| MD5 Checksum: | 4b4af6499f69b4b2a1ffcc8a68acadd9 |
|
| /// File Name: |
sa27366.txt |
Description:
|
Secunia Security Advisory - A security issue has been reported in Gentoo, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27366/ | | File Size: | 2646 | | Last Modified: | Oct 26 10:50:59 2007 |
| MD5 Checksum: | 9698a023d41c67105d57533dfce853b1 |
|
| /// File Name: |
sa27373.txt |
Description:
|
Secunia Security Advisory - Joseph.Giron13 has reported a vulnerability in BosMarket, which can be exploited by malicious users to conduct script insertion attacks.
| | Homepage: | http://secunia.com/advisories/27373/ | | File Size: | 2490 | | Last Modified: | Oct 26 10:50:59 2007 |
| MD5 Checksum: | ee8b2b809fab17e96b90b7e61a78a10f |
|
| /// File Name: |
sa27386.txt |
Description:
|
Secunia Security Advisory - Avaya has acknowledged a vulnerability in Avaya CMS and IR, which can be exploited by malicious, local users and malicious users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27386/ | | File Size: | 2675 | | Last Modified: | Oct 26 10:50:59 2007 |
| MD5 Checksum: | 3b02aed76aecf430e8c744ce8d14fcdd |
|
| /// File Name: |
sa27390.txt |
Description:
|
Secunia Security Advisory - morin.josh has reported a vulnerability in SWAMP, which can be exploited by malicious people to conduct cross-site scripting attacks.
| | Homepage: | http://secunia.com/advisories/27390/ | | File Size: | 2313 | | Last Modified: | Oct 26 10:50:59 2007 |
| MD5 Checksum: | e0a6c7c4a64add82d2660d5800434744 |
|
| /// File Name: |
sa27393.txt |
Description:
|
Secunia Security Advisory - Hiroshi Ukai has reported some vulnerabilities in Ichitaro, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27393/ | | File Size: | 3524 | | Last Modified: | Oct 26 10:50:59 2007 |
| MD5 Checksum: | cdb53bf1dfa6db68cc8514483c9488d0 |
|
| /// File Name: |
sa27396.txt |
Description:
|
Secunia Security Advisory - Joseph.Giron13 has reported a vulnerability in Aleris Web Publishing Server, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/27396/ | | File Size: | 2392 | | Last Modified: | Oct 26 10:50:59 2007 |
| MD5 Checksum: | b12b4898b158e65987d320296dfb6b94 |
|
| /// File Name: |
sa27397.txt |
Description:
|
Secunia Security Advisory - Gentoo has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/27397/ | | File Size: | 2171 | | Last Modified: | Oct 26 10:50:59 2007 |
| MD5 Checksum: | 3ddb006f77a3c8a25cf85acd25a62812 |
|
| /// File Name: |
sa27398.txt |
Description:
|
Secunia Security Advisory - eliteb0y has reported a vulnerability in Apache Tomcat, which can be exploited by malicious users to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/27398/ | | File Size: | 2787 | | Last Modified: | Oct 26 10:50:59 2007 |
| MD5 Checksum: | 1287a380fe2938f9970c758d1c4b1d68 |
|
| /// File Name: |
sa27358.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for blam. This package has been rebuilt against a new version of the firefox package. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27358/ | | File Size: | 2916 | | Last Modified: | Oct 25 17:09:54 2007 |
| MD5 Checksum: | b15cefddc08afab6eae3d8a074cd1397 |
|
| /// File Name: |
10.25.07-1.txt |
Description:
|
iDefense Security Advisory 10.25.07 - Local exploitation of a buffer overflow vulnerability within Tmxpflt.sys, as included with Trend Micro Inc.'s AntiVirus engine, could allow an attacker to execute arbitrary code in kernel context. iDefense Labs has confirmed the existence of this vulnerability in following Trend Micro Products: Trend Micro's PC-Cillin Internet Security 2007, Tmxpflt.sys version 8.320.1004 and 8.500.0.1002. All products using Trend Micro's scan engine such as Trend Micro ServerProtect, Trend Micro OfficeScan are also suspected to be vulnerable.
| | Author: | Ruben Santamarta | | Homepage: | http://www.idefense.com/ | | File Size: | 3889 | | Related CVE(s): | CVE-2007-4277 | | Last Modified: | Oct 25 17:04:15 2007 |
| MD5 Checksum: | 3a2e7ca08bb95b6c4445c1b9a6a75fbd |
|
| /// File Name: |
usd250-xss.txt |
Description:
|
The helpdesk utility called usd250 suffers from a cross site scripting vulnerability.
| | Author: | Joseph Giron | | File Size: | 414 | | Last Modified: | Oct 25 16:59:34 2007 |
| MD5 Checksum: | bf01b6b248e9d38683933c179061b35b |
|
| /// File Name: |
sa27256.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for epiphany-extensions. This package has been rebuilt against a new version of the firefox package. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to disclose sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
| | Homepage: | http://secunia.com/advisories/27256/ | | File Size: | 3203 | | Last Modified: | Oct 25 16:56:56 2007 |
| MD5 Checksum: | 1181039552035e66344215cece3207fd |
|
| /// File Name: |
sa27341.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in HP OpenView Configuration Management (CM) Infrastructure (Radia) and Client Configuration Manager (CCM), which can be exploited by malicious people to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/advisories/27341/ | | File Size: | 2909 | | Last Modified: | Oct 25 16:56:56 2007 |
| MD5 Checksum: | 5222965ded05d0ce33a71d5c83951668 |
|
| /// File Name: |
sa27372.txt |
Description:
|
Secunia Security Advisory - A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/27372/ | | File Size: | 2316 | | Last Modified: | Oct 25 16:56:56 2007 |
| MD5 Checksum: | 71d7c80352641e2382b8b72360a9457e |
|
| /// File Name: |
sa27377.txt |
Description:
|
Secunia Security Advisory - rPath has issued an update for php, php-mysql and php-pgsql. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions or by malicious people to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/27377/ | | File Size: | 2593 | | Last Modified: | Oct 25 16:56:56 2007 |
| MD5 Checksum: | 885aa5ecbfaa846455f014ea7549340d |
|
| /// File Name: |
sa27375.txt |
Description:
|
Secunia Security Advisory - Aria-Security Team have reported some vulnerabilities in CodeWidgets.com Online Event Registration Template, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/27375/ | | File Size: | 2512 | | Last Modified: | Oct 25 11:13:24 2007 |
| MD5 Checksum: | a375fb049a672792c814251a1a95b633 |
|
| /// File Name: |
dsa-1395-1.txt |
Description:
|
Debian Security Advisory 1395-1 - Steve Kemp from the Debian Security Audit project discovered that xen-utils, a collection of XEN administrative tools, used temporary files insecurely within the xenmon tool allowing local users to truncate arbitrary files.
| | Homepage: | http://www.debian.org/security | | File Size: | 4350 | | Related CVE(s): | CVE-2007-3919 | | Last Modified: | Oct 25 11:13:12 2007 |
| MD5 Checksum: | 8e557897a1c591934305dea2915ee313 |
|
| /// File Name: |
glsa-200710-27.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200710-27 - regenrecht reported multiple infinite loops in functions ReadDCMImage() and ReadXCFImage(), multiple integer overflows when handling certain types of images, and an off-by-one error in the ReadBlobString() function. Versions less than 6.3.5.10 are affected.
| | Homepage: | http://security.gentoo.org/ | | File Size: | 3160 | | Related CVE(s): | CVE-2007-4985, CVE-2007-4986, CVE-2007-4987, CVE-2007-4988 | | Last Modified: | Oct 25 00:21:20 2007 |
| MD5 Checksum: | 99ed56bd4c8fd98a08f6009975938357 |
|
| /// File Name: |
glsa-200710-26.txt |
Description:
|
Gentoo Linux Security Advisory GLSA 200710-26 - Kees Cook from the Ubuntu Security team discovered that the hpssd daemon does not correctly validate user supplied data before passing it to a popen3() call. Versions less than 2.7.9-r1 are affected.
| | Homepage: | http://security.gentoo.org | | File Size: | 2801 | | Related CVE(s): | CVE-2007-5208 | | Last Modified: | Oct 25 00:20:07 2007 |
| MD5 Checksum: | e649666c7fb10ca0ea0add486ce22c3a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
