Section: .. / 0707-advisories /
| /// File Name: |
sa25992.txt |
Description:
|
Secunia Security Advisory - Ubuntu has issued an update for imagemagick. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25992/ | | File Size: | 15616 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 718eca5c71323d5ec931990ef2650a9e |
|
| /// File Name: |
sa25990.txt |
Description:
|
Secunia Security Advisory - Michal Zalewski has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to disclose sensitive information and conduct spoofing attacks.
| | Homepage: | http://secunia.com/advisories/25990/ | | File Size: | 2355 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 44ad08abe16073c149947344a9f43d3f |
|
| /// File Name: |
sa25989.txt |
Description:
|
Secunia Security Advisory - OpenBSD has issued an update for file. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/25989/ | | File Size: | 2056 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 55511700ee67f2aa29af5e28f603b95c |
|
| /// File Name: |
sa25988.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Office Publisher 2007, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25988/ | | File Size: | 2516 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | c9cad8f1ccc2b1a896db5d11f1028f6d |
|
| /// File Name: |
sa25986.txt |
Description:
|
Secunia Security Advisory - t0pP8uZz and xprog have reported a vulnerability in RPG Inferno, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/25986/ | | File Size: | 2295 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 541cfa2d1a83e7d2a14e44963b9b46da |
|
| /// File Name: |
sa25985.txt |
Description:
|
Secunia Security Advisory - sullo has reported some vulnerabilities in Unobtrusive Ajax Star Rating Bar, which can be exploited by malicious people to bypass certain security restrictions or conduct cross-site scripting and SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/25985/ | | File Size: | 2843 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 4c08c1424e5b2fd11ab4abe5af59de4d |
|
| /// File Name: |
sa25984.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been discovered in Firefox, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25984/ | | File Size: | 2785 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | f1e4b04102e66d2de83cd497f11b7a6c |
|
| /// File Name: |
sa25982.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in WinPcap, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/25982/ | | File Size: | 2538 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | c4a91b745b7db8c08951725e0c20c1e1 |
|
| /// File Name: |
sa25981.txt |
Description:
|
Secunia Security Advisory - Daniel Soeder has reported a vulnerability in Sun Java JRE, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25981/ | | File Size: | 2777 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 83f749b85e8d8be91f44c8fe5a8a89dd |
|
| /// File Name: |
sa25980.txt |
Description:
|
Secunia Security Advisory - Debian has issued an update for vlc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25980/ | | File Size: | 55093 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | fe7778547fd82e43d94acaad42ca5eae |
|
| /// File Name: |
sa25971.txt |
Description:
|
Secunia Security Advisory - PsychoGun has reported a vulnerability in DotClear, which can be exploited by malicious people to conduct cross-site request forgery attacks.
| | Homepage: | http://secunia.com/advisories/25971/ | | File Size: | 2447 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 8328e3499712f6299607c8fdd77683a6 |
|
| /// File Name: |
sa25970.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in IBM AIX, which can be exploited by malicious, local users to gain escalated privileges.
| | Homepage: | http://secunia.com/advisories/25970/ | | File Size: | 2509 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 4032c999da6064027432c286bde73ad0 |
|
| /// File Name: |
sa25963.txt |
Description:
|
Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/25963/ | | File Size: | 2300 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 5c36a49874eb673d9d1eea5c7252506a |
|
| /// File Name: |
sa25940.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for mplayer. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25940/ | | File Size: | 2896 | | Last Modified: | Jul 11 06:37:19 2007 |
| MD5 Checksum: | 13604e37a7df8c8d28eff6ba4bc232d5 |
|
| /// File Name: |
07.09.07-2.txt |
Description:
|
iDefense Security Advisory 07.09.07 - Remote exploitation of multiple integer overflow vulnerabilities in several of the image loader plug-ins included with distributions of 'The GIMP' allow attackers to crash The GIMP or potentially execute arbitrary code with the privileges of the user. iDefense has confirmed that version 2.2.15 of The GIMP is vulnerable on both Linux and Windows platforms. It is suspected that all previous versions of the GIMP are also affected.
| | Author: | Sean Larsson | | Homepage: | http://www.idefense.com/ | | File Size: | 4913 | | Related CVE(s): | CVE-2006-4519 | | Last Modified: | Jul 10 05:13:12 2007 |
| MD5 Checksum: | 0bed7c854f7e51ca02e6f60a08783965 |
|
| /// File Name: |
EEYE-Java.txt |
Description:
|
eEye Digital Security has discovered a stack buffer overflow in Java WebStart, a utility installed with Java Runtime Environment for the purpose of managing the download of Java applications. By opening a malicious JNLP file, a user's system may be compromised by arbitrary code within the file, which executes with the privileges of that user. Systems affected are Java Runtime Environment 6 update 1 and below and Java Runtime Environment 5 update 11 and below.
| | Author: | Daniel Soeder | | Homepage: | http://www.eeye.com/ | | File Size: | 4623 | | Last Modified: | Jul 10 05:10:09 2007 |
| MD5 Checksum: | 3e976378e3500569323acb831bebdede |
|
| /// File Name: |
07.09.07-1.txt |
Description:
|
iDefense Security Advisory 07.09.07 - Local exploitation of an input validation vulnerability within the NPF.SYS device driver of WinPcap allows attackers to execute arbitrary code in kernel context. The vulnerability specifically exists due to insufficient input validation when handling the Interrupt Request Packet (Irp) parameters passed to IOCTL 9031 (BIOCGSTATS). By passing carefully chosen parameters to this IOCTL, an attacker can overwrite arbitrary kernel memory. iDefense has confirmed the existence of this vulnerability in version 4.0 of WinPcap as included in Wireshark 0.99.5. The version of NPF.SYS tested was 4.0.0.755. Older versions are suspected to be vulnerable.
| | Author: | Mario Ballano | | Homepage: | http://www.idefense.com/ | | File Size: | 3670 | | Last Modified: | Jul 10 05:07:58 2007 |
| MD5 Checksum: | f82d75712873da8e8192b774dda27d9f |
|
| /// File Name: |
dsa-1332-1.txt |
Description:
|
Debian Security Advisory 1332-1 - Several remote vulnerabilities have been discovered in the VideoLan multimedia player and streamer, which may lead to the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 60023 | | Related CVE(s): | CVE-2007-3316, CVE-2007-3467 | | Last Modified: | Jul 10 05:06:10 2007 |
| MD5 Checksum: | 6f23ba24753c08132b3b0efa48c000a4 |
|
| /// File Name: |
wyciwyg.txt |
Description:
|
A vulnerability exists in how Mozilla Firefox handles internal wyciwyg:// pseudo-URIs.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/ | | File Size: | 1435 | | Last Modified: | Jul 10 05:04:59 2007 |
| MD5 Checksum: | abfc62b40701ed2d0de2a1efeaf77641 |
|
| /// File Name: |
dsa-1331-1.txt |
Description:
|
Debian Security Advisory 1331-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code. Stefan Esser discovered HTTP response splitting vulnerabilities in the session extension. This only affects Debian 3.1 (Sarge). Stefan Esser discovered that an integer overflow in memory allocation routines allows the bypass of memory limit restrictions. This only affects Debian 3.1 (Sarge) on 64 bit architectures. It was discovered that a buffer overflow in the xmlrpc extension allows the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 66494 | | Related CVE(s): | CVE-2006-0207, CVE-2006-4486, CVE-2007-1864 | | Last Modified: | Jul 10 02:51:21 2007 |
| MD5 Checksum: | 7da389efe8f7c6225ce535d725b591d5 |
|
| /// File Name: |
dsa-1330-1.txt |
Description:
|
Debian Security Advisory 1330-1 - Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language, which may lead to the execution of arbitrary code. Stefan Esser discovered that a buffer overflow in the zip extension allows the execution of arbitrary code. It was discovered that a buffer overflow in the xmlrpc extension allows the execution of arbitrary code.
| | Homepage: | http://www.debian.org/security | | File Size: | 40420 | | Related CVE(s): | CVE-2007-1864, CVE-2007-1399 | | Last Modified: | Jul 10 02:49:35 2007 |
| MD5 Checksum: | 9cf0c0cd8ed25af5fed88d4f4798e07a |
|
| /// File Name: |
adv-2-mid.txt |
Description:
|
YouTube suffers from a cross site request forgery arbitrary code injection vulnerability.
| | Author: | Pepepistola | | File Size: | 2411 | | Last Modified: | Jul 10 02:47:04 2007 |
| MD5 Checksum: | 929ed33148b2c70976b0a0bada8a31a7 |
|
| /// File Name: |
sa25983.txt |
Description:
|
Secunia Security Advisory - Xenduer77 has reported a vulnerability in GameSiteScript, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/25983/ | | File Size: | 2269 | | Last Modified: | Jul 10 02:45:30 2007 |
| MD5 Checksum: | 0f3196a5b4a8a930eaf4f3ef5ba5b9bd |
|
| /// File Name: |
sa25977.txt |
Description:
|
Secunia Security Advisory - Krystian Kloskowski has discovered a vulnerability in Visual IRC, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/25977/ | | File Size: | 2466 | | Last Modified: | Jul 10 02:45:30 2007 |
| MD5 Checksum: | 60dfebc467249decfbf5a92085dbbb97 |
|
| /// File Name: |
sa25976.txt |
Description:
|
Secunia Security Advisory - CorryL has discovered a vulnerability in phpTrafficA, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/25976/ | | File Size: | 2466 | | Last Modified: | Jul 10 02:45:30 2007 |
| MD5 Checksum: | 3dbe77ff6acb08afca34ac0b70460e1a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
