Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series Advisory ID: cisco-sa-20110601-phone Revision 1.0 For Public Release 2011 June 1 1600 UTC GMT +----------------------------------------------------------------...

[CVE-REQUEST] Plone XSS and permission errors

Hello all, As a member of the Plone security response team I hereby notify you that we have been made aware of three distinct security holes in Plone and are requesting CVE identifiers. 1. Reflected XSS attack A crafted URL can display arbitrary HTML output 2. Persistent XSS attack Certain valid...

CVE-2011-1717

Skype for Android stores sensitive user data without encryption in sqlite3 databases that have weak permissions, which allows local applications to read user IDs, contacts, phone numbers, date of birth, instant message logs, and other private information...

CVE-2011-0609

creationtimestamp| type| source ---|---|--- 2011-03-23 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/17027 2013-10-16 13:56:10+00:00| seen| MISP/525e9a4a-4e64-4799-86e6-3f83ac1d4fa4 2013-10-17 09:11:56+00:00| seen| MISP/525fa9a2-4ae0-434d-9b01-61a8950d2109 2018-05-29...

CVE-2010-4542

Stack-based buffer overflow in the gfigreadparametergimprgb function in plug-ins/gfig/gfig-style.c in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a long Foreground field in a plugin...

RHEL 4 / 5 : php (RHSA-2010:0919)

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

Moderate: Red Hat Security Advisory: php security update

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

Security updates available for Adobe Reader and Acrobat

Security updates available for Adobe Reader and Acrobat Release date: October 5, 2010 Vulnerability identifier: APSB10-21 CVE Numbers: CVE-2010-2883, CVE-2010-2884, CVE-2010-2887, CVE-2010-2888, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-362...

CentOS Update for samba CESA-2010:0697 centos4 i386

Check for the Version of samba OpenVAS Vulnerability Test CentOS Update for samba CESA-2010:0697 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CVE-2008-4385

creationtimestamp| type| source ---|---|--- 2010-09-20 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16552 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/systemrequirementslabunsafe.rb 2025-02-06...

libsmbclient, samba security update

CentOS Errata and Security Advisory CESA-2010:0697 Updated samba packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 3, 4, and 5, and Red Hat Enterprise Linux 4.7, 5.3, and 5.4 Extended Update Support. The Red Hat Security Response Team has rated this...

openSUSE Security Update : acroread (openSUSE-SU-2010:0137-1)

Specially crafted PDF documents could crash acroread or even lead to execution of arbitrary code CVE-2010-0190, CVE-2010-0191, CVE-2010-0192, CVE-2010-0193 CVE-2010-0194, CVE-2010-0195, CVE-2010-0196, CVE-2010-0197 CVE-2010-0198, CVE-2010-0199, CVE-2010-0201, CVE-2010-0202 CVE-2010-0203,...

CVE-2010-0806

creationtimestamp| type| source ---|---|--- 2010-03-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/11683 2010-12-14 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16590 2018-05-29 15:50:33+00:00| seen|...

Hackers used a variety of free kill technology induction-vulnerability warning-the black bar safety net

One, you want to make a Trojan horsefree kill The first thing to prepare one without the shell of the Trojan Horse, this point is very important, otherwise free killoperation can not be performed indefinitely. Then we want to Trojan the memory offree to kill, from the above analysis it can be see...

PT-2009-4918 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to an integer overflow in the CryptoAPI component when parsing X.509 certificates with malformed ASN.1 Object Identifiers. This allows man-in-the-middle...

Microsoft CryptoAPI Object Identifiers Integer Overflow (MS09-056; CVE-2009-2511)

The CryptoAPI provide services that enable application developers to add encryption/decryption of data, authentication using digital certificates, and encoding to and decoding from Abstract Syntax Notation One ASN.1 to their Windows-based applications. A spoofing vulnerability has been reported i...

openSUSE 10 Security Update : ruby (ruby-6339)

This ruby update improves return value checks for openssl function OCSPbasicverify CVE-2009-0642 which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased CVE-2008-3905 to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...

openSUSE Security Update : ruby (ruby-1070)

This ruby update improves return value checks for openssl function OCSPbasicverify CVE-2009-0642 which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased CVE-2008-3905 to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...

CVE-2009-2165

SerendipityNZ aka SimpleBoxes Serene Bach 2.20R and earlier, and 3.00 beta023 and earlier 3.x versions, uses a predictable session id, which makes it easier for remote attackers to hijack sessions via a modified id...

CVE-2009-0927

creationtimestamp| type| source ---|---|--- 2009-05-04 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8595 2009-09-03 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9579 2010-04-30 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16606 2010-09-25...