Section: .. / 0801-advisories /
| /// File Name: |
sa28489.txt |
Description:
|
Secunia Security Advisory - Fedora has issued an update for xine-lib. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28489/ | | File Size: | 3670 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | dba387286c372c2dbef428c6a95de8b3 |
|
| /// File Name: |
sa28490.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been discovered in TIBCO SmartSockets, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28490/ | | File Size: | 3635 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 1ec782dcfc49dcfac9918b2438cbb906 |
|
| /// File Name: |
sa28494.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Qvod Player, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28494/ | | File Size: | 2268 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | b7e44872650ac78c3a47ee3bc3e895d7 |
|
| /// File Name: |
sa28495.txt |
Description:
|
Secunia Security Advisory - Xcross87 has discovered a vulnerability in Article Dashboard, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/28495/ | | File Size: | 2237 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 332f830d0f56ded43fefb95a9e356e7b |
|
| /// File Name: |
sa28497.txt |
Description:
|
Secunia Security Advisory - Two vulnerabilities and a security issue have been reported in Apple iPhone and iPod touch, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, or to compromise a vulnerable device.
| | Homepage: | http://secunia.com/advisories/28497/ | | File Size: | 2943 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 2714095b8bb0cb1cb13d561ad49874db |
|
| /// File Name: |
sa28502.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Apple QuickTime, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28502/ | | File Size: | 3448 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 8ab3cd95a2a362b9c99ae96e3ef6e36a |
|
| /// File Name: |
sa28506.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28506/ | | File Size: | 3395 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 4c32019849efb665e675972a22ea1976 |
|
| /// File Name: |
sa28512.txt |
Description:
|
Secunia Security Advisory - Hamid Ebadi has discovered two vulnerabilities in MiniWeb HTTP Server, which can be exploited by malicious people to disclose sensitive information, to cause a DoS (Denial of Service), or to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28512/ | | File Size: | 2814 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | d4cde09bf760d78d6cd41b19f16aa3fd |
|
| /// File Name: |
sa28514.txt |
Description:
|
Secunia Security Advisory - HP has issued an update for xfs. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28514/ | | File Size: | 2257 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 14b105b22c9f71612d575b9733256efb |
|
| /// File Name: |
sa28518.txt |
Description:
|
Secunia Security Advisory - Multiple vulnerabilities with unknown impacts have been reported for various Oracle products, which can be exploited by malicious users and malicious people.
| | Homepage: | http://secunia.com/advisories/28518/ | | File Size: | 3628 | | Last Modified: | Jan 16 23:45:41 2008 |
| MD5 Checksum: | 02f8f16807e73d4d650c525b1fb1379d |
|
| /// File Name: |
dsa-1464-1.txt |
Description:
|
Debian Security Advisory 1464-1 - Oriol Carreras discovered that syslog-ng, a next generation logging daemon can be tricked into dereferencing a NULL pointer through malformed timestamps, which can lead to denial of service and the disguise of an subsequent attack, which would otherwise be logged.
| | Homepage: | http://www.debian.org/security | | File Size: | 5160 | | Related CVE(s): | CVE-2007-6437 | | Last Modified: | Jan 16 00:53:14 2008 |
| MD5 Checksum: | d677d82ca889737546048691665795cc |
|
| /// File Name: |
TPTI-08-01.txt |
Description:
|
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of malformed Image Descriptor (IDSC) atoms. Specifying a malicious atom size can result in an under allocated heap chunk and subsequently an exploitable heap corruption situation. QuickTime Player version 7.3 and QuickTime PictureViewer version 7.3 are affected.
| | Author: | Cody Pierce | | Homepage: | http://www.tippingpoint.com/ | | File Size: | 1263 | | Related CVE(s): | CVE-2008-0033 | | Last Modified: | Jan 16 00:52:04 2008 |
| MD5 Checksum: | bd2cf318c00dbca727c2bc86358aceb2 |
|
| /// File Name: |
01.15.08-5.txt |
Description:
|
iDefense Security Advisory 01.15.08 - Remote exploitation of a heap corruption vulnerability in Apple Computer Inc.'s QuickTime media player could allow attackers to execute arbitrary code in the context of the targeted user. The vulnerability specifically exists in the handling of Macintosh Resources embedded in QuickTime movies. When processing these records, a length value stored in the resource header is not properly validated. When a length value larger than the actual buffer size is supplied, potentially exploitable memory corruption occurs. iDefense Labs confirmed this vulnerability exists in QuickTime Player version 7.3.1. Previous versions are suspected to be vulnerable.
| | Author: | Jun Mao | | Homepage: | http://www.idefense.com/ | | File Size: | 3266 | | Related CVE(s): | CVE-2008-0032 | | Last Modified: | Jan 16 00:38:32 2008 |
| MD5 Checksum: | 9e6e90cfa4d64a44ebf691fac2f1f239 |
|
| /// File Name: |
01.15.08-4.txt |
Description:
|
iDefense Security Advisory 01.15.08 - Remote exploitation of multiple untrusted loop bounds vulnerabilities in TIBCO Software Inc.'s SmartSockets RTserver may allow an attacker to crash the service or execute arbitrary code with SYSTEM privileges. When processing requests, SmartSockets uses values from the requests to control the number of iterations of several loops. Inside these loops, various memory operations are performed. Since attackers can control these values, potentially exploitable conditions arise. iDefense has confirmed the existence of these vulnerabilities in TIBCO SmartSockets version 6.8.0. Previous versions may also be affected.
| | Author: | McSlibin, Sean Larsson | | Homepage: | http://www.idefense.com/ | | File Size: | 3350 | | Related CVE(s): | CVE-2007-5656 | | Last Modified: | Jan 16 00:36:59 2008 |
| MD5 Checksum: | 0ea32d532b898054a6944d733fdfa008 |
|
| /// File Name: |
01.15.08-3.txt |
Description:
|
iDefense Security Advisory 01.15.08 - Remote exploitation of multiple untrusted pointer offset vulnerabilities in TIBCO Software Inc.'s SmartSockets RTserver may allow an attacker to crash the service or execute arbitrary code with SYSTEM privileges. When processing requests, SmartSockets uses values from the requests as offsets added to valid pointers. The resulting pointer values are then used in various memory operations. Since attackers can control these offset values, potentially exploitable conditions arise. iDefense has confirmed the existence of these vulnerabilities in TIBCO SmartSockets version 6.8.0. Previous versions may also be affected.
| | Author: | McSlibin, Sean Larsson | | Homepage: | http://www.idefense.com/ | | File Size: | 3366 | | Related CVE(s): | CVE-2007-5657 | | Last Modified: | Jan 16 00:36:04 2008 |
| MD5 Checksum: | 5c6a4da086edd62deb07e6ab599235a5 |
|
| /// File Name: |
01.15.08-2.txt |
Description:
|
iDefense Security Advisory 01.15.08 - Remote exploitation of multiple untrusted pointer vulnerabilities in TIBCO Software Inc.'s SmartSockets RTserver may allow an attacker to crash the service or execute arbitrary code with SYSTEM privileges. When processing requests, SmartSockets uses values from the requests as pointers. These pointer values are then used in various memory operations. Since attackers can control these values, potentially exploitable conditions arise. iDefense has confirmed the existence of these vulnerabilities in TIBCO SmartSockets version 6.8.0. Previous versions may also be affected.
| | Author: | McSlibin, Sean Larsson | | Homepage: | http://www.idefense.com/ | | File Size: | 3321 | | Related CVE(s): | CVE-2007-5655 | | Last Modified: | Jan 16 00:35:19 2008 |
| MD5 Checksum: | cb39535d499d31a340f99f3591932ea3 |
|
| /// File Name: |
01.15.08-1.txt |
Description:
|
iDefense Security Advisory 01.15.08 - Remote exploitation of a heap overflow vulnerability in TIBCO Software Inc.'s SmartSockets RTserver may allow an attacker to crash the service or execute arbitrary code with SYSTEM privileges. A heap overflow vulnerability exists within the code responsible for processing requests. Two distinct values from the request are used for the allocation size and the amount of data copied. Since both values are attacker controlled, this can lead to a heap overflow, potentially resulting in the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in TIBCO SmartSockets version 6.8.0. Previous versions may also be affected.
| | Author: | McSlibin | | Homepage: | http://www.idefense.com/ | | File Size: | 3257 | | Related CVE(s): | CVE-2007-5658 | | Last Modified: | Jan 16 00:34:14 2008 |
| MD5 Checksum: | a8dbf1e1da5a2a7f6a24e4e845e4d23c |
|
| /// File Name: |
sa28428.txt |
Description:
|
Secunia Security Advisory - hadihadi has discovered a vulnerability in MTCMS, which can be exploited by malicious people to conduct SQL injection attacks.
| | Homepage: | http://secunia.com/advisories/28428/ | | File Size: | 2247 | | Last Modified: | Jan 16 00:29:01 2008 |
| MD5 Checksum: | 597ae5686d12e31460d6ffd175bc3779 |
|
| /// File Name: |
sa28367.txt |
Description:
|
Secunia Security Advisory - A vulnerability has been reported in FreeBSD, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28367/ | | File Size: | 2699 | | Last Modified: | Jan 16 00:28:37 2008 |
| MD5 Checksum: | 366a4e51ed9fdf4f9ff3ef0171a6c6e0 |
|
| /// File Name: |
sa28397.txt |
Description:
|
Secunia Security Advisory - Anastasios Monachos has reported a security issue in LevelOne WBR-3560A, which can be exploited by malicious people to compromise a vulnerably device.
| | Homepage: | http://secunia.com/advisories/28397/ | | File Size: | 2376 | | Last Modified: | Jan 16 00:28:37 2008 |
| MD5 Checksum: | 5ac3adc10d09f8010b780cc2949cd3db |
|
| /// File Name: |
sa28422.txt |
Description:
|
Secunia Security Advisory - Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct cross-site scripting, script insertion, and cross-site request forgery attacks.
| | Homepage: | http://secunia.com/advisories/28422/ | | File Size: | 3348 | | Last Modified: | Jan 16 00:28:37 2008 |
| MD5 Checksum: | 01f677aad190e41baf9317a236db6761 |
|
| /// File Name: |
sa28423.txt |
Description:
|
Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in Apple QuickTime, which potentially can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/28423/ | | File Size: | 2577 | | Last Modified: | Jan 16 00:28:37 2008 |
| MD5 Checksum: | 399854b2c644b7f68f05a8e528433f85 |
|
| /// File Name: |
sa28424.txt |
Description:
|
Secunia Security Advisory - k1n9k0ng has reported two vulnerabilities in vcart, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
| | Homepage: | http://secunia.com/advisories/28424/ | | File Size: | 2343 | | Last Modified: | Jan 16 00:28:37 2008 |
| MD5 Checksum: | 2433c92754fbd9963a01b28ea22287f9 |
|
| /// File Name: |
sa28427.txt |
Description:
|
Secunia Security Advisory - BlackHawk has reported a vulnerability in Evilsentinel, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/28427/ | | File Size: | 2376 | | Last Modified: | Jan 16 00:28:37 2008 |
| MD5 Checksum: | 104ff34b6bf29bb4fb9e3187e700aa0c |
|
| /// File Name: |
sa28431.txt |
Description:
|
Secunia Security Advisory - Mandriva has issued an update for madwifi-source. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
| | Homepage: | http://secunia.com/advisories/28431/ | | File Size: | 2942 | | Last Modified: | Jan 16 00:28:37 2008 |
| MD5 Checksum: | e182ce67f77b6fc5ef87c3608c7955bb |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
