Photodex ProShow Producer 5.0.3297 Insecure Library Load

Photodex ProShow Producer version 5.0.3297 suffers from an insecure library loading vulnerability. Proof of concept code included. 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Uncontrolled Search Path Element CWE-427 Date...

Photodex ProShow Producer 5.0.3297 Insecure Library Load

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Uncontrolled Search Path Element CWE-427 Date found: 2013-02-23 Date published: 2013-02-23 CVSSv2 Score: 4,4...

RedHat Update for httpd RHSA-2013:0512-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 6 : gdb (RHSA-2013:0522)

Updated gdb packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Moderate: Red Hat Security Advisory: gdb security and bug fix update

Updated gdb packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Low: Red Hat Security Advisory: httpd security, bug fix, and enhancement update

Updated httpd packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which giv...

drupal7 -- Denial of service

Drupal Security Team reports: Drupal core's Image module allows for the on-demand generation of image derivatives. This capability can be abused by requesting a large number of new derivatives which can fill up the server disk space, and which can cause a very high CPU load. Either of these effec...

DEBIAN-CVE-2012-4530

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

VLC Player 2.0.4 <= Arbitrary Code Execution

Exploit for windows platform in category local exploits VLC Player 2.0.4 = Arbitrary Code Execution !/usr/bin/perl VLC Player 2.0.4 = ReadAV Arbitrary Code Execution Vendor URI: http://www.videolan.org/vlc/ Vendor Description: VLC is a free and open source cross-platform multimedia player and...

OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...

kernel: stack disclosure in binfmt_script load_script()

The loadscript function in fs/binfmtscript.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application...

OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previou...

RHEL 5 / 6 : mod_cluster-native (RHSA-2012:0037)

An updated modcluster-native package that fixes one security issue is now available for JBoss Enterprise Application Platform 5.1.2 for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scorin...

[SECURITY] Fedora 18 Update: pl-6.0.2-5.fc18

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...

[SECURITY] Fedora 17 Update: pl-6.0.2-4.fc17

ISO/Edinburgh-style Prolog compiler including modules, auto-load, libraries, Garbage-collector, stack-expandor, C/C++-interface, GNU-readline interface, very fast compiler. Including packages clib Unix process control and sockets, cpp C++ interface, sgml reading XML/SGML, sgml/RDF reading RDF int...

Fedora Update for pl FEDORA-2013-0211

Check for the Version of pl OpenVAS Vulnerability Test Fedora Update for pl FEDORA-2013-0211 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the...

[SECURITY] Fedora 17 Update: drupal7-context-3.0-0.3.beta6.fc17

Context allows you to manage contextual conditions and reactions for differ ent portions of your site. You can think of each context as representing a "sec tion" of your site. For each context, you can choose the conditions that trigger this context to be active and choose different aspects of...

UBUNTU-CVE-2013-0722

Stack-based buffer overflow in the scanloadhosts function in ecscan.c in Ettercap 0.7.5.1 and earlier might allow local users to gain privileges via a Trojan horse hosts list containing a long line...

Enterpriser16 LoadBalancer v7.1 - Multiple Web Vulnerabilities

Title: ====== Enterpriser16 LB v7.1 - Multiple Web Vulnerabilities Date: ===== 2012-12-12 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=785 VL-ID: ===== 785 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ============= Load...

Enterpriser16 Load Balancer 7.1 - Multiple Cross-Site Scripting Vulnerabilities

Title: ====== Enterpriser16 Load Balancer v7.1 - Multiple Web Vulnerabilities Date: ===== 2012-12-12 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=785 VL-ID: ===== 785 Common Vulnerability Scoring System: ==================================== 3.5 Introduction:...