[SECURITY] Fedora 19 Update: ksnakeduel-4.10.4-1.fc19
KSnakeDuel is a simple snake duel game. You can play KSnakeDuel against the computer or a friend. The aim of the game is to live longer than your opponent. To do that, avoid running into a wall, your own tail and that of your opponent...
PT-2013-2141 · Ruby · Ruby Parser
Name of the Vulnerable Software and Affected Versions: ruby_parser gem versions 3.1.1 and earlier Description: The issue allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp. This is due to the diff_pp function in lib/gauntlet...
PT-2013-2069 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer version 9 Description: The issue is related to a use-after-free condition that allows remote attackers to execute arbitrary code via a crafted web site, triggering access to a deleted object. This may corrupt memor...
PT-2012-2039 · Whmcs · Whmcs
Name of the Vulnerable Software and Affected Versions: WHMCS versions 4.0.x through 5.0.x Description: The issue is related to improper handling of characters in the subject field of a crafted ticket, which can trigger arbitrary code execution in the Smarty templating system. This allows remote...
Fedora 15 : viewvc-1.1.11-1.fc15 (2011-7185)
security fix: remove user-reachable override of cvsdb row limit - fix broken standalone.py -c and -d options handling - add --help option to standalone.py - fix stack trace when asked to checkout a directory issue 478 - improve memory usage and speed of revision log markup issue 477 - fix broken...
PT-2011-2039 · Microsoft · Windows Media Player +2
Name of the Vulnerable Software and Affected Versions: Windows Media Player and Windows Media Center versions prior to the fixed version Description: A remote code execution issue exists in the way Windows Media Player and Windows Media Center handle Digital Video Recording .dvr-ms files. This...
New Trojan Targets User Credentials on Popular Sites
A new information-stealing Trojan, believed to be of Chinese origin, has been identified by Avira researchers. This malware targets usernames and passwords for a variety of popular websites, including YouTube, Google, and PayPal, as well as Chinese sites like Youku, Tudou, Sogou, and Soho. The...
MTDesing SQL Login Authentication by pass Vulnerability
Exploit for php platform in category web applications. +: MTDesing SQL Login by pas vuln. Date: 07.57 10.07.210 Author: Curly...
Latest MS Patches Seek to Avoid BSoD
Microsoft took steps Tuesday to avoid repeating the debacle two months ago that left Windows XP users staring at the notorious “Blue Screen of Death” error message after they applied a patch. Read the full article. Computerworld...
PT-2010-2062 · Microsoft · Producer +1
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Movie Maker versions 2.1 through 6.0; Microsoft Producer version 2003 Description: A buffer overflow issue allows remote attackers to execute arbitrary code via a crafted project .MSWMM file. Recommendations: For Microsoft...
PT-2009-2912
Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel versions 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; Microsoft Office 2004 and 2008 for Mac Description: ...
PT-2008-5548 · Microsoft · Windows Server 2008 +3
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: A remote code execution issue exists due to improper memory handling during the saving of a search file. This allows attackers to execute arbitrary code via a crafted...
Winny buffer overflow vulnerability
Overview Winny, P2P file-sharing exchange software, contains a buffer overflow vulnerability. As of May 25, 2006, exploit information is publicly available. Currently we are not aware of any attacks. It is recommended that users avoid using Winny. Impact If a remote attacker sends a malicious...
Input validation
Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation before logging information fields taken from packets from a remote peer, which allows remote attackers to generate crafted log entries, and possibly avoid detection of attacks, via modified (1) computer...
CVE-2008-1118
Timbuktu Pro 8.6.5 for Windows, and possibly 8.7 for Mac OS X, does not perform input validation before logging information fields taken from packets from a remote peer, which allows remote attackers to generate crafted log entries, and possibly avoid detection of attacks, via modified (1) computer...
hacker Start-vulnerability warning-the black bar safety net
Don't know the name of the article. As far as I know, a lot of people to learn hacking techniques from how to get into others system start, the Processor collects a variety of exploits, backdoors, Trojans, etc. However, my earliest learning was not these, but this time I want to talk about: hacking,...
PT-2007-4039 · Mpc Hc Team · Media Player Classic
Name of the Vulnerable Software and Affected Versions: Media Player Classic version 6.4.9.0 Description: The issue allows remote attackers to cause a denial of service, resulting in a web browser crash, by utilizing an "empty" .MPA file. This triggers a divide-by-zero error. Recommendations: For...
Embedded Malicious Code
Overview johnpbloch/wordpress-core is a malicious package. Version 2.1.1 of WordPress was injected with malicious code that supplied attackers with backdoor access to WordPress sites. Remediation Avoid using all malicious instances of the johnpbloch/wordpress-core package. References - Blog Post ...
PT-2006-7024 · Phpadsnew · Phpadsnew
Name of the Vulnerable Software and Affected Versions: phpAdsNew version 2.0.4-pr2 Description: A remote file inclusion issue exists, allowing remote attackers to execute arbitrary PHP code via a URL in the phpAds_path parameter. This issue is disputed, as phpAds_path is used as a constant...
PT-2006-6665 · My-Bic · My-Bic
Name of the Vulnerable Software and Affected Versions: My-BIC version 0.6.5 Description: A remote file inclusion issue in mybic_server.php allows remote attackers to execute arbitrary PHP code via a URL in the INC_PATH parameter. This issue is disputed by third-party researchers because INC_PATH ...