Gwyn's Imagemap Selector Security Vulnerabilities

language-selector privilege escalation

Privilege escalation via D-Bus...

Gesytec ElonFmt ActiveX 1.1.14 - 'ElonFmt.ocx' pid Item Buffer Overflow (SEH)

...

Gesytec ElonFmt Active-X 1.1.14 Buffer Overflow

...

[USN-1115-1] language-selector vulnerability

========================================================================== Ubuntu Security Notice USN-1115-1 April 19, 2011 language-selector vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 10.10 Summary: Local users could gain root access via the...

CVE-2011-1842

dbus_backend/lsd.py in the D-Bus backend in language-selector before 0.6.7 does not validate the arguments to the (1) SetSystemDefaultLangEnv and (2) SetSystemDefaultLanguageEnv functions, which allows local users to gain privileges via shell metacharacters in a string argument, a different...

language-selector vulnerability

Releases Ubuntu 10.10 Packages language-selector - Language selector for Ubuntu Linux Details Romain Perier discovered that the language-selector D-Bus backend did not correctly check for Policy Kit authorizations. A local attacker could exploit this to inject shell commands into the...

CVE-2011-0729

dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a (1) SetSystemDefaultLangEnv or (2)...

WordPress Conduit Banner 0.2 Cross Site Scripting

...

kvm security and bug fix update

[kvm-83-224.0.1] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-224.el5] - kvm-kernel-KVM-x86-zero-kvm_vcpu_events-interrupt.pad.patch [bz#665407] - Resolves: bz#665407 (kvm_vcpu_events.interrupt.pad must be zeroed) - CVE:...

CVE-2010-4392

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via crafted ImageMap...

CVE-2010-4392

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via crafted ImageMap...

Heap overflow

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via crafted ImageMap...

CVE-2010-4392

Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to execute arbitrary code via crafted ImageMap...

RealNetworks RealPlayer ImageMap Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

kvm security update

[kvm-83-164.0.1.el5_5.25] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-add-oracle-workaround-for-libvirt-bug.patch [kvm-83-164.el5_5.25] - Adding load_gs_index to kmod symbol greylist - Related: bz#639886 (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic...

SuSE 11 / 11.1 Security Update : Mozilla Firefox (SAT Patch Numbers 2780 / 2781)

This update brings Mozilla Firefox to the 3.5.11 security release. It fixes following security issues : Several memory safety bugs in habe been identified in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs show evidence of memory corruption...

Oracle Secure Backup Administration selector parameter command injection

Added: 11/19/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability allows remote, authenticated attackers to execute arbitrary commands specified in the...

Oracle Secure Backup Administration selector parameter command injection

Added: 11/19/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability allows remote, authenticated attackers to execute arbitrary commands specified in the...

Oracle Secure Backup Administration selector parameter command injection

Added: 11/19/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability allows remote, authenticated attackers to execute arbitrary commands specified in the...

Oracle Secure Backup Administration selector parameter command injection

Added: 11/19/2010 CVE: CVE-2010-0906 BID: 41597 OSVDB: 67128 Background Oracle Secure Backup is a centralized tape backup management solution for Oracle Database. Problem A command injection vulnerability allows remote, authenticated attackers to execute arbitrary commands specified in the...

RHEL 6 : kernel (RHSA-2010:0842)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0842 advisory. kernel: drm ioctls infoleak (CVE-2010-2803) kernel: wireless: fix 64K kernel heap content leak via ioctl (CVE-2010-2955) kernel:...

RealPlayer RealMedia文件ImageMap解析堆溢出漏洞

BUGTRAQ ID: 44847 RealPlayer是一款流行的多媒体播放器。 RealPlayer在解析RealMedia（.rm）文件中的ImageMap元素时存在整数截尾错误，用户受骗打开了恶意的媒体文件就可能触发堆溢出，导致执行任意代码。 Real Networks RealPlayer 1.1.5 Build 12.0.0.879 厂商补丁： Real Networks 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

Real Networks RealPlayer < 14.0.1.609 (Build 12.0.1.609) Multiple Vulnerabilities

The remote host is running RealPlayer, a multi-media application. RealPlayer builds earlier than 12.0.1.609 are potentially affected by vulnerabilities : An uncontrolled array index vulnerability exists in RealMedia media properties. (CVE-2010-4384) A heap overflow vulnerability exists in...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7101)

This update brings Mozilla Firefox to the 3.5.11 security release. It fixes following security issues : Several memory safety bugs in habe been identified in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs show evidence of memory corruption...

Twitter Closes Web Hole After Attack Hits Up to 500,000

UPDATE: Engineers at social network Twitter.com plugged a vulnerability in the company’s main Web page after attacks that exploited the hole may have hit more than 500,000 users. The security hole was patched at about 9:45 AM ET, according to a post by Del Harvey (@delbius), the head of Twitter’s.....

Oracle Secure Backup Administration selector Variable Command Injection (CVE-2010-0906)

Oracle Secure Backup is a backup solution allowing for single point of management of data present on network attached storage (NAS) devices and distributed hosts. A command execution vulnerability exists in Oracle Secure Backup server. The vulnerability is due to an insufficient sanitizing when...

Mambo / Joomla HeXimage 2.1.2 SQL Injection

...

Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Advisory ID: cisco-sa-20100811-ace Revision 1.0 For Public Release 2010 August 11 1600 UTC (GMT)...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0430-3)

This update brings Mozilla Firefox to the 3.5.11 security release. It fixes following security bugs: MFSA 2010-34 / CVE-2010-1211: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

openSUSE Security Update : MozillaFirefox (openSUSE-SU-2010:0430-3)

This update brings Mozilla Firefox to the 3.5.11 security release. It fixes following security bugs: MFSA 2010-34 / CVE-2010-1211: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

openSUSE Security Update : MozillaThunderbird (openSUSE-SU-2010:0430-2)

This update brings Mozilla Thunderbird to the 3.0.6 security release. It fixes following security bugs: MFSA 2010-34 / CVE-2010-1211: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed....

openSUSE Security Update : seamonkey (openSUSE-SU-2010:0430-1)

This update brings Mozilla SeaMonkey to the 2.0.6 security release. It fixes following security bugs: MFSA 2010-34 / CVE-2010-1211: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed...

Mozilla Products Multiple Vulnerabilities jul-10 (Windows)

The host is installed with Mozilla Firefox/Seamonkey/Thunderbird that are prone to multiple...

Mozilla Products Multiple Vulnerabilities (MFSA2010-34, MFSA2010-39, MFSA2010-40, MFSA2010-42, MFSA2010-46, MFSA2010-47) - Windows

Mozilla Firefox/Seamonkey/Thunderbird are prone to multiple...

Mozilla Foundation Security Advisory 2010-46

Mozilla Foundation Security Advisory 2010-46 Title: Cross-domain data theft using CSS Impact: Moderate Announced: July 20, 2010 Reporter: Chris Evans Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.7 Firefox 3.5.11 Thunderbird 3.1.1 Thunderbird 3.0.6 SeaMonkey 2.0.6...

Cross-domain data theft using CSS — Mozilla

Google security researcher Chris Evans reported that data can be read across domains by injecting bogus CSS selectors into a target site and then retrieving the data using JavaScript APIs. If an attacker can inject opening and closing portions of a CSS selector into points A and B of a target...

ZDI-10-121: Command Injection Remote Code Execution Vulnerability

ZDI-10-121: Command Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-121 July 13, 2010 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Oracle -- Affected Products: Oracle Secure Backup -- Vulnerability Details: This vulnerability...

Oracle Secure Backup Administration selector Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability but may be bypassed. The specific flaw exists in the handling of the 'selector[0]' variable to the script index.php.....

Core Security Technologies Advisory 2010.0316

...

Novell iManager Multiple Vulnerabilities

No description provided by...

CORE-2010-0316 - Novell iManager Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Novell iManager Multiple Vulnerabilities Advisory Information Title: Novell iManager Multiple Vulnerabilities Advisory Id: CORE-2010-0316 Advisory URL:...

Novell iManager Multiple Vulnerabilities

Exploit for novell platform in category dos /...

Novell iManager - Multiple Vulnerabilities

...

Novell iManager - Multiple Vulnerabilities

Novell iManager - Multiple...

Novell iManager Multiple Vulnerabilities

Novell iManager Multiple Vulnerabilities 1. Advisory Information Title: Novell iManager Multiple Vulnerabilities Advisory Id: CORE-2010-0316 Advisory URL: http://www.coresecurity.com/content/novell-imanager-buffer-overflow-off-by-one-vulnerabilities Date published: 2010-06-23 Date of last update:.....

Fedora Update for kdeutils FEDORA-2010-8544

Check for the Version of...

Fedora Update for kdeutils FEDORA-2010-8547

Check for the Version of...

[SECURITY] Fedora 11 Update: kdeutils-4.4.3-1.fc11.1

Utilities for KDE 4. Includes: * ark: tar/gzip archive manager * kcalc: scientific calculator * kcharselect: character selector * kdelirc: Linux Infrared Remote Control frontend * kdf: view disk usage * kfloppy: floppy formatting tool * kgpg: gpg gui * ktimer: task scheduler *...

[SECURITY] Fedora 13 Update: kdeutils-4.4.3-1.fc13.1

Utilities for KDE 4. Includes: * ark: tar/gzip archive manager * kcalc: scientific calculator * kcharselect: character selector * kdelirc: Linux Infrared Remote Control frontend * kdf: view disk usage * kfloppy: floppy formatting tool * kgpg: gpg gui * ktimer: task scheduler *...

[SECURITY] Fedora 12 Update: kdeutils-4.4.3-1.fc12.1

Utilities for KDE 4. Includes: * ark: tar/gzip archive manager * kcalc: scientific calculator * kcharselect: character selector * kdelirc: Linux Infrared Remote Control frontend * kdf: view disk usage * kfloppy: floppy formatting tool * kgpg: gpg gui * ktimer: task scheduler *...