falt4 cms rc4 10.9.2007 Multiple Vulnerabilities

No description provided by source. H - Security Labs Falt4 CMS RC4 10.9.2007 Security Report /Advisory ID : HSEC20071012 General Information -------------------------- Name : Falt4Extreme CMS RC4 10.9.2007 Vendor HomePage :http://sourceforge.net/projects/falt4/ Platforms : PHP && MySQL...

cyclades alterpath manager 1.1 - Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/12649/info Cyclades AlterPath Manager is a network device designed to facilitate remote administration of all network-accessible infrastructure resources. Multiple remote vulnerabilities affect Cyclades AlterPath Manager...

NPDS 4.8 /5.0 Modules.php Lettre Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may...

deV!Lz Clanportal [DZCP] <= 1.3.6 - Arbitrary File Upload Vulnerability

No description provided by source. S Y N O P S I S / =================' - access: remote severity: high - deV!Lz Clanportal allows nearly arbitrary files to be uploaded and stored on the server's filesystem, which enables anyone, even without a user account, to upload PHP code and execute it,...

OpenSSL ASN1 BIO Memory Corruption Vulnerability

No description provided by source. Incorrect integer conversions in OpenSSL can result in memory corruption. -------------------------------------------------------------------------- CVE-2012-2110 This advisory is intended for system administrators and developers exposing OpenSSL in production...

NPDS 4.8 /5.0 reviews.php title Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may...

PHP 5.5.x < 5.5.14 Multiple Vulnerabilities

According to its banner, the version of PHP 5.5.x installed on the remote host is a version prior to 5.5.14. It is, therefore, affected by the following vulnerabilities : - Boundary checking errors exist related to the Fileinfo extension, Composite Document Format CDF handling and the functions...

Scientific Linux Security Update : tzdata enhancement update on SL5.x, SL6.x i386/x86_64 (20140623)

This update adds the following enhancements : - Based on the official government announcement, Egypt's 2014 Ramadan-based transitions were updated to June 26 and July 31 at 24:00. - Morocco's Ramadan transitions were also updated to June 28 at 03:00 and August 2 at 02:00. This update has been...

Debian DSA-2960-1 : icedove - security update

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

[SECURITY] [DSA 2960-1] icedove security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2960-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 16, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2960-1 (icedove - security update)

Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service. OpenVAS Vulnerability Test $Id: deb2960.nasl 6724 2017-07-14...

PHP 5.x < 5.4.29, 5.5.x < 5.5.13 Multiple DoS Vulnerabilities (Jun 2014)

PHP is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php";...

DSA-2960-1 icedove - security update

Bulletin has no description...

openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:0645-1)

This php5 update fixes : - CVE-2011-0421: CVSS v2 Base Score: 2.6 AV:N/AC:H/Au:N/C:N/I:N/A:P: Input Validation CWE-20 - CVE-2011-1092: CVSS v2 Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P: Numeric Errors CWE-189 - CVE-2011-1148: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P: Resource Managemen...

openSUSE Security Update : opie (openSUSE-SU-2011:0848-1)

This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin CVE-2011-2490. This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...

openSUSE Security Update : libwebkit (openSUSE-SU-2011:0482-1)

This version upgrade of webkit to 1.2.7 fixes the following bugs : - CVE-2010-2441: CVSS v2 Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N: Permissions, Privileges, and Access Control CWE-264 - CVE-2010-2901: CVSS v2 Base Score: 3.7 AV:L/AC:H/Au:N/C:P/I:P/A:P: Buffer Errors CWE-119 - CVE-2010-4042:...

openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)

This update of libmodplug0 fixes the following issues : 1 An integer overflow error exists within the 'CSoundFile::ReadWav' function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted W...

openSUSE Security Update : libreoffice (openSUSE-SU-2012:0428-1)

updated to libreoffice-3.4.5.5 SUSE 3.4.5-rc3 : - extras - add SUSE color palette fate312645 - filters - crash when loading embedded elements bnc693238 - crash when importing an empty paragraph rh667082 - writer - do not use an invalidated iterator fdo46337 - updated to libreoffice-3.4.5.4 SUSE...

openSUSE Security Update : flash-player (openSUSE-SU-2012:0331-1)

flash-player 11.1.102.63 fixes two security issues : - memory corruption vulnerability in Matrix3D could lead to code executionn CVE-2012-0768 - integer errors that could lead to information disclosure CVE-2012-0769 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

openSUSE Security Update : samba (openSUSE-SU-2012:0507-1)

" - Add the ldapsmb sources as else patches against them have no chance to apply. - Samba pre-3.6.4 are affected by a vulnerability that allows remote code exe- cution as the 'root' user; PIDL based autogenerated code allows overwriting beyond of allocated array; CVE-2012-1182; bso8815...