Mailing List Archive For bugtraq@securityfocus.com By Subject

- "run as" local denial-of-service enables administrative account processes to be killed
- [ GLSA 200706-08 ] emul-linux-x86-java: Multiple vulnerabilities
- [ GLSA 200706-09 ] libexif: Buffer overflow
- [ MDKSA-2007:132 ] - Updated madwifi-source, wpa_supplicant packages fix vulnerabilities
- [ MDKSA-2007:133 ] - Updated emacs packages fix DoS vulnerability
- [ MDKSA-2007:134 ] - Updated xfsdump packages fix unsafe temporary directory creation issue
- [ MDKSA-2007:135 ] - Updated webmin packages fix XSS vulnerability
- [ MDKSA-2007:136 ] - Updated evolution packages fix vulnerability
- [ MDKSA-2007:137 ] - Updated krb5 packages fix vulnerabilities
- [CAID 35450, 35451, 35452, 35453]: CA Products That Embed Ingres Multiple Vulnerabilities
- [Full-disclosure] Apple Safari: idn urlbar spoofing
- [GOODFELLAS - VULN ] Avaxswf.dll v.1.0.0.1 from Avax Vector software ActiveX Arbitrary Data Write
- [GOODFELLAS - VULN] BarCodeAx.dll v. 4.9 ActiveX Control Remote Stack Buffer Overflow
- [GOODFELLAS - VULN] hpqxml.dll 2.0.0.133 from HP Digital Imaging Arbitary Data Write.
- [ISR] :: Infobyte Security Research :: release (ISR-sqlget.pl) v1.0.0
- [MajorSecurity Advisory #47]Simple Machines Forum (SMF) - Session fixation Issue
- [SecurInfos] PCSoft WinDEV .wdp Project File Handling Buffer Overflow
- [security bulletin] HPSBGN02199 SSRT071312 rev.3 - Mercury Quality Center ActiveX, Remote Unauthorized Arbitrary Code Executio
- [security bulletin] HPSBTU02232 SSRT071429 rev.1 - Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS) or HP Internet Express for Tru64 UNIX running PHP, Remote Arbitrary Code Execution, Unauthorized Disclosure of Information, or Denial of Service (DoS)
- [security bulletin] HPSBUX02225 SSRT071295 rev.1 - HP-UX Running Xserver, Local Denial of Service (DoS)
- [SECURITY] [DSA 1317-1] New tinymux packages fix buffer overflow
- [SECURITY] [DSA 1318-1] New ekg packages fix denial of service
- [SECURITY] [DSA 1319-1] New maradns packages fix denial of service
- [SECURITY] [DSA 1320-1] New clamav packages fix several vulnerabilities
- [SECURITY] [DSA 1321-1] New evolution-data-server packages fix arbitrary code execution
- [SECURITY] [DSA 1322-1] New wireshark packages fix denial of service
- [SECURITY] [DSA 1323-1] New krb5 packages fix several vulnerabilities
- [SECURITY] [DSA 1324-1] New hiki packages fix missing input sanitising
- [SECURITY] [DSA 1325-1] New evolution packages fix arbitrary code execution
- [USN-475-1] evolution-data-server vulnerability
- [USN-476-1] redhat-cluster-suite vulnerability
- [USN-477-1] krb5 vulnerabilities
- [USN-478-1] libexif vulnerability
- [USN-479-1] MadWifi vulnerabilities
- Airscanner Advisory #07062901: FlexiSPY Victim/User Database Exposure (Full world readable access to ALL SMS/Emails/Voice data from victims/users)
- akocomment SQL INJECTION (all version)
- All Of the Mambo & Joomla Script Remote File Inclussion Bugs..
- Apple Safari: idn urlbar spoofing
- Calendarix version 0.7. 20070307 Multiple Path Disclosure Vulnerabilities
- Calendarix version 0.7. 20070307 Multiple SQL Injection Vulnerabilities
- Calendarix version 0.7. 20070307 Multiple XSS Attacks
- Calyptix Security Advisory CX-2007-04 - Cross-Site Request Forgery Attack Against Check Point Safe@Office Device
- CFP: ISOI III (a DA workshop)
- CheckPoint VPN-1 UTM Edge Cross Site Request Forgery vulnerability
- Contact request - nVidia
- Conti FTP Server v1.0 DoS
- eNdonesia 8.4 [multiple injection sql]
- eTicket version 1.5.5 Path Disclosure Vulnerability
- eTicket version 1.5.5 XSS Attack Vulnerability
- flac123 0.0.9 - Stack overflow in comment parsing
- FLEA-2007-0028-1: libexif
- FLEA-2007-0029-1: krb5 krb5-workstation
- FLEA-2007-0030-1: avahi avahi-glib avahi-sharp
- HPSBST02231 SSRT071438 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-030 to MS07-035
- HPSBTU02207 SSRT061239 rev.2 - HP Tru64 UNIX OpenSSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS)
- iDefense Security Advisory 06.21.07: Ingres Database Multiple Heap Corruption Vulnerabilities
- iDefense Security Advisory 06.26.07: Multiple Vendor Kerberos kadmind Rename Principal Buffer Overflow Vulnerability
- iDefense Security Advisory 06.26.07: RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability
- Ingres stack overflow in uuid_from_char function
- Ingres Unauthenticated Pointer Overwrite 1
- Ingres Unauthenticated Pointer Overwrite 2
- Ingres verifydb local stack overflow
- Ingres wakeup setuid(ingres) file truncation
- iPhone Security Settings
- Juniper SBR V 6.0.1 CRL-Checking problem
- KF Web Server 3.1.0 admin console XSS
- Light Blog 4.1 XSS Vulnerability
- LiteWEB 2.7 404 Denial of Services
- MITKRB5-SA-2007-004: kadmind multiple RPC lib vulnerabilities
- MITKRB5-SA-2007-005: kadmind vulnerable to buffer overflow
- MS07-034: Executing arbitrary script with mhtml: protocol handler
- MyNews version 0.10 SQL Injection Vulnerability
- NetClassifieds [multiple vulnerabilities]
- New Include Redirect Bug XSS All vBulletin v 3.x.x
- New Include Redirect Bug XSS All vBulletin(r) v 3.x.x
- Openedge _mprosrv buffer overflow
- Outpost Enforcing system reboot with 'outpost_ipc_hdr' mutex Vulnerability
- Papoo CMS 3.6 - Access Restriction Bypass
- Papoo CMS 3.6 - SQL Injection
- PHP 4/5 htaccess safemode and open_basedir Bypass
- PHPMyDesk Beta Release 1.0b ==> RFI
- phpreactor <===1.2.7 remote file include
- phpTrafficA < 1.4.2
- Pluxml 0.3.1 Remote Code Execution Exploit
- POWER PHLOGGER v.2.2.5 (username) SQL Injection
- Progress Webspeed exploit for all releases
- rPSA-2007-0131-1 libexif
- rPSA-2007-0133-1 emacs emacs-leim
- rPSA-2007-0135-1 krb5 krb5-server krb5-services krb5-test krb5-workstation
- rPSA-2007-0136-1 httpd mod_ssl
- Safari Bookmarks Buffer Overflow Vulnerability
- Safari XMLHttpRequest HTTP header injection
- SAP Internet Communication Framework (BC-MID-ICF) Vulnerability
- SAP Web Dynpro Java (BC-WD-JAV) Vulnerability
- Secunia Research: KVIrc irc:// URI Handler Command Execution Vulnerability
- Secunia Research: Symantec Mail Security for SMTP Boundary Errors
- SHTTPD V1.38 server source code disclosure
- SQL Injection In Script VBZooM V1.12
- SYMSA-2007-004: Multiple Vulnerabilities in Xythos Server Products
- TSLSA-2007-0021 - kerberos5
- WheatBlog 1.1 RFI/SQL Injection
- XEForum Cookie Modification Privilege Escalation Vulnerability