Section: .. / 1001-advisories /
| /// File Name: |
sa38374.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for maildrop. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
| | Homepage: | http://secunia.com/ | | File Size: | 6310 | | Last Modified: | Jan 29 08:55:00 2010 |
| MD5 Checksum: | 5d1cd0ad4abe760c35d3a09b16232fa8 |
|
| /// File Name: |
sa38375.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for lintian. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system, disclose system information, and manipulate certain data.
| | Homepage: | http://secunia.com/ | | File Size: | 2789 | | Last Modified: | Jan 29 08:55:12 2010 |
| MD5 Checksum: | b573a0bd027bf3ba85e19fc54f3d948b |
|
| /// File Name: |
sa38376.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in TantumWeb PhpCatalog, which can be exploited by malicious people to conduct cross-site request forgery attacks.
| | Homepage: | http://secunia.com/ | | File Size: | 1880 | | Last Modified: | Jan 29 08:55:46 2010 |
| MD5 Checksum: | e8a0bcf8e4efb0ec24d100f3cd0dcfb0 |
|
| /// File Name: |
sa38378.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been discovered in the ccNewsletter component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.
| | Homepage: | http://secunia.com/ | | File Size: | 2130 | | Last Modified: | Jan 29 10:24:39 2010 |
| MD5 Checksum: | 9203c7aa152939e999b1fa1e4a6b7bef |
|
| /// File Name: |
sa38379.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for lintian. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system, disclose system information, and manipulate certain data.
| | Homepage: | http://secunia.com/ | | File Size: | 4107 | | Last Modified: | Jan 29 08:55:25 2010 |
| MD5 Checksum: | a5318fb1f249421f044907b55a75a8bb |
|
| /// File Name: |
sa38380.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in the Author Contact module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
| | Homepage: | http://secunia.com/ | | File Size: | 2194 | | Last Modified: | Jan 29 08:55:33 2010 |
| MD5 Checksum: | 084edae1caebf0954661298b26d6502c |
|
| /// File Name: |
sa38381.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in IRCD-hybrid, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/ | | File Size: | 1984 | | Last Modified: | Jan 31 05:11:30 2010 |
| MD5 Checksum: | 9214f166371c60c61837edaff4f69d24 |
|
| /// File Name: |
sa38382.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in oftc-hybrid, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/ | | File Size: | 2046 | | Last Modified: | Jan 31 05:11:27 2010 |
| MD5 Checksum: | 8e9d4a6329d261eacce9a5ca907e7072 |
|
| /// File Name: |
sa38383.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for ircd-hybrid and ircd-ratbox. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/ | | File Size: | 9076 | | Last Modified: | Jan 31 05:11:32 2010 |
| MD5 Checksum: | e9eb85d9d5e6096dbc7730569a3c081e |
|
| /// File Name: |
secunia-asp3d2io.txt |
Description:
|
Secunia Research has discovered two vulnerabilities in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by two integer overflow errors when processing Shockwave 3D models. These can be exploited to corrupt heap memory via specially crafted Shockwave files. Successful exploitation may allow execution of arbitrary code. Version 11.5.2.602 is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4368 | | Related CVE(s): | CVE-2009-4003 | | Last Modified: | Jan 20 17:56:59 2010 |
| MD5 Checksum: | c87678f4fd5a9fd5e2d494b035243dbd |
|
| /// File Name: |
secunia-asp3dbo.txt |
Description:
|
Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when processing Shockwave 3D models. This can be exploited to cause a heap-based buffer overflow via a specially crafted Shockwave file. Successful exploitation allows execution of arbitrary code. Version 11.5.2.602 is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4356 | | Related CVE(s): | CVE-2009-4002 | | Last Modified: | Jan 20 17:53:00 2010 |
| MD5 Checksum: | 11711899acfa02f232a9f319a3646ece |
|
| /// File Name: |
secunia-asp4io.txt |
Description:
|
Secunia Research has discovered four vulnerabilities in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused by four integer overflow errors when processing a certain block type. These can be exploited to cause heap-based buffer overflows via specially crafted Shockwave files. Successful exploitation allows execution of arbitrary code. Version 11.5.2.602 is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4383 | | Related CVE(s): | CVE-2009-4003 | | Last Modified: | Jan 20 19:01:12 2010 |
| MD5 Checksum: | c0c76e75fa09b5e9d9a9bd9c92ee7bf7 |
|
| /// File Name: |
secunia-aspoverflow.txt |
Description:
|
Secunia Research has discovered a vulnerability in Adobe Shockwave Player, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an integer overflow error when processing a certain Shockwave 3D block. This can be exploited to corrupt memory via a specially crafted Shockwave file. Successful exploitation may allow execution of arbitrary code. Version 11.5.2.602 is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4368 | | Related CVE(s): | CVE-2009-4003 | | Last Modified: | Jan 20 17:47:58 2010 |
| MD5 Checksum: | 49f0dd3b30918154136872d1d23b07bc |
|
| /// File Name: |
secunia-gcpopup.txt |
Description:
|
Secunia Research has discovered a vulnerability in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a use-after-free error when trying to display a blocked pop-up window while navigating away from the current site. Successful exploitation may allow execution of arbitrary code. Version 3.0.195.38 is affected.
| | Author: | Carsten Eiram,Jakob Balle | | Homepage: | http://secunia.com/ | | File Size: | 4282 | | Last Modified: | Jan 26 21:39:39 2010 |
| MD5 Checksum: | b74d29bda38070c3c8a0cb1cb1a18127 |
|
| /// File Name: |
secunia-hppmfedl.txt |
Description:
|
Secunia Research has discovered a vulnerability in HP Power Manager, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when processing parameters sent to the /goform/formExportDataLogs URL. This can be exploited to cause a stack-based buffer overflow via an overly long "fileName" parameter. Successful exploitation allows execution of arbitrary code. Version 4.2.9 is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4419 | | Related CVE(s): | CVE-2009-3999 | | Last Modified: | Jan 20 19:03:04 2010 |
| MD5 Checksum: | 852eb73b58dd806892c4832c76cdadf4 |
|
| /// File Name: |
secunia-hppmtraversal.txt |
Description:
|
Secunia Research has discovered a vulnerability in HP Power Manager, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input sanitation error when handling "fileName" parameters passed to /goform/formExportDataLogs. This can be exploited to overwrite arbitrary files with almost arbitrary data via directory traversal attacks. Successful exploitation allows execution of arbitrary code. Version 4.2.9 is affected.
| | Author: | Alin Rad Pop | | Homepage: | http://secunia.com/ | | File Size: | 4440 | | Related CVE(s): | CVE-2009-4000 | | Last Modified: | Jan 20 19:05:00 2010 |
| MD5 Checksum: | c7cfa3a5fcb4d7fbb8ac84fbb4a8e808 |
|
| /// File Name: |
secunia-illustrator.txt |
Description:
|
Adobe Illustrator version 14.0.0 suffers from an encapsulated postscript parsing vulnerability.
| | Author: | Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 4315 | | Related CVE(s): | CVE-2009-3952 | | Last Modified: | Jan 8 20:20:31 2010 |
| MD5 Checksum: | 293d49197d5efa12149d3e989f5714fe |
|
| /// File Name: |
secunia-mswfpm.txt |
Description:
|
Secunia Research has discovered a vulnerability in Flash Player distributed with certain versions of Windows XP, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a use-after-free error in the bundled version of Flash Player when unloading Flash objects while these are still being accessed using script code. This can be exploited to corrupt memory via a specially crafted web page. Successful exploitation allows execution of arbitrary code.
| | Author: | Carsten Eiram ,Dyon Balding | | Homepage: | http://secunia.com/ | | File Size: | 5860 | | Last Modified: | Jan 13 21:18:04 2010 |
| MD5 Checksum: | e7dde67fdb9970f2ed46bcb93df512c9 |
|
| /// File Name: |
secunia-pdfxchange.txt |
Description:
|
Secunia Research has discovered a vulnerability in PDF-XChange Viewer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an input validation error in PDFXCview.exe when parsing certain content and can be exploited to corrupt memory via a specially crafted PDF file. Successful exploitation allows execution of arbitrary code when a user views a malicious PDF document. Version 2.0.42.9 is affected.
| | Author: | Carsten Eiram | | Homepage: | http://secunia.com/ | | File Size: | 4694 | | Last Modified: | Jan 4 19:47:15 2010 |
| MD5 Checksum: | 4819385acc9d90de5006e257416121dc |
|
| /// File Name: |
SOS-10-001.txt |
Description:
|
TheGreenBow VPN Client is vulnerable to a local stack based buffer overflow which can lead to the compromise of a vulnerable system. The vulnerability is caused due to a boundary error when processing certain sections of tgb (policy) files. Passing an overly long string to "OpenScriptAfterUp" will trigger the overflow. Successful exploitation results in the execution of arbitrary code.
| | Author: | Brett Gervasoni | | File Size: | 2139 | | Last Modified: | Jan 22 02:34:51 2010 |
| MD5 Checksum: | d2cd93673ef72d4c0b11143aae528c87 |
|
| /// File Name: |
TA10-012A.txt |
Description:
|
Technical Cyber Security Alert 2010-12A - Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
| | Author: | US-CERT | | Homepage: | http://www.us-cert.gov/ | | File Size: | 4820 | | Last Modified: | Jan 12 17:41:17 2010 |
| MD5 Checksum: | c0b9455faba3da718ac355bf075afb14 |
|
| /// File Name: |
TA10-012B.txt |
Description:
|
Technical Cyber Security Alert 2010-12B - Microsoft has released updates to address a vulnerability in the Windows Embedded Open Type (EOT) font engine. Microsoft has also published an Advisory about multiple vulnerabilities in Adobe (Macromedia) Flash Player 6 that is included with Windows XP.
| | Author: | US-CERT | | Homepage: | http://www.us-cert.gov/ | | File Size: | 4999 | | Related CVE(s): | CVE-2010-0018 | | Last Modified: | Jan 12 18:46:47 2010 |
| MD5 Checksum: | d9a522110eac29f174a5b5c54bf4dad5 |
|
| /// File Name: |
TA10-013A.txt |
Description:
|
Technical Cyber Security Alert 2010-13A - Adobe has released Security bulletin APSB10-02, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
| | Author: | US-CERT | | Homepage: | http://www.us-cert.gov/ | | File Size: | 4956 | | Last Modified: | Jan 13 21:46:00 2010 |
| MD5 Checksum: | e653062ed9e90c5f3247c192497b92ac |
|
| /// File Name: |
TA10-021A.txt |
Description:
|
Technical Cyber Security Alert 2010-21A - Microsoft has released out-of-band updates to address critical vulnerabilities in Internet Explorer.
| | Author: | US-CERT | | Homepage: | http://www.us-cert.gov/ | | File Size: | 2901 | | Last Modified: | Jan 22 03:03:21 2010 |
| MD5 Checksum: | 1b2dba68b2f554519cc43454a337a4e6 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
