7618 matches found
Design/Logic Flaw
Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .ppt, or .xls file, aka "Office Component Insecure Library Loading...
Slackware 13.0 / 13.1 / 13.37 / current : mozilla-thunderbird (SSA:2011-249-02)
New mozilla-thunderbird packages are available for Slackware 13.0, 13.1, 13.37, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2011-249-02. The text...
Slackware 13.37 / current : seamonkey (SSA:2011-249-03)
New seamonkey packages are available for Slackware 13.37 and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2011-249-03. The text itself is copyright C...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/mozilla-thunderbird-3.1.13-i486-1slack13.37.txz: Upgraded. This release contains security fixes and...
PT-2011-1768 · Gtk+ Team · Gtk+
Name of the Vulnerable Software and Affected Versions: GTK+ versions prior to 2.24.0 Description: The issue is related to an untrusted search path vulnerability in the modules/engines/ms-windows/xp theme.c module. This allows local users to gain privileges via a Trojan horse uxtheme.dll file in t...
WordPress Plugin yolink Search 1.1.4 - SQL Injection
WordPress Plugin yolink Search 1.1.4 - SQL Injection Exploit Title: WordPress yolink Search plugin getresults $wpdb-prepare "SELECT ID,GUID FROM $wpdb-posts WHERE poststatus='publish' AND posttype IN $posttypein AND ID $idfrom order by ID asc LIMIT $batchsize" ; //misusage of $wpdb-prepare :...
Call for Papers from DefCon Chennai (DC602028)
Call for Papers from DefCon Chennai DC602028 Background: We are the Official DEF-CON Chennai Group DC602028 The Event is taking place on 11th September 2011 at a resort in ECR Road Chennai,India. We will be having a Private conference room for the meet. Regarding Paper Submission We require...
Apple QuickTime STTS atom Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktim...
[slackware-security] dhcpcd (SSA:2011-210-02)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security dhcpcd SSA:2011-210-02 New dhcpcd packages are available for Slackware 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+...
Slackware 13.37 / current : seamonkey (SSA:2011-195-01)
New seamonkey packages are available for Slackware 13.37, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2011-195-01. The text itself is copyright C...
rgmanager: insecure library loading vulnerability
The 1 SAPDatabase and 2 SAPInstance scripts in OCF Resource Agents aka resource-agents or cluster-agents 1.0.3 in Linux-HA place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
[slackware-security] seamonkey
New seamonkey packages are available for Slackware 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/seamonkey-2.2-i486-1slack13.37.txz: Upgraded. This update contains security fixes and improvements. For more information, see:...
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / 13.37 / 8.1 / 9.0 / 9.1 / current : fetchmail (SSA:2011-171-01)
New fetchmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
The path separator"\"with"/"in the Web of induced vulnerability-vulnerability warning-the black bar safety net
Whether is under windows the path separator""or linux"/", this is not a serious problem, but in the web of the upper surface of the opening will appear a lot of"bugs", if the web Developer did not consider this issue, then may appear very serious bug. In the VC code\ \ \is an escape character,...
Slackware 13.1 / current : mozilla-thunderbird (SSA:2010-202-02)
New mozilla-thunderbird packages are available for Slackware 13.1 and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2010-202-02. The text itself is...
Slackware current : 64-bit kernel (SSA:2010-265-01)
New kernel packages are available for Slackware x8664 13.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2010-265-01. The text itself is copyright C...
Slackware 13.0 / 13.1 / 13.37 / current : mozilla-firefox (SSA:2011-122-01)
New mozilla-firefox packages are available for Slackware 13.0, 13.1, 13.37, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2011-122-01. The text itself...
Slackware 13.0 / 13.1 / current : mozilla-firefox (SSA:2010-204-01)
New mozilla-firefox packages are available for Slackware 13.0, 13.1, and -current to fix a regression. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2010-204-01. The text itself is...
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 8.1 / 9.0 / 9.1 / current : bind (SSA:2008-191-02)
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, and -current to address a security problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory...
Slackware 8.1 / current : Sendmail buffer overflow fixed
The sendmail packages in Slackware 8.1 and -current have been patched to fix a security problem. All sites running sendmail should upgrade. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the associated Slackware Security Advisory. The...