8 matches found
libsndfile -- multiple vulnerabilities
Secunia reports: Two vulnerabilities have been reported in libsndfile, which can be exploited by malicious people to compromise an application using the library. A boundary error exists within the "vocreadheader" function in src/voc.c. This can be exploited to cause a heap-based buffer overflow v...
Secunia Research: OpenX Multiple Vulnerabilities
====================================================================== Secunia Research 27/01/2009 - OpenX Multiple Vulnerabilities - ====================================================================== Table of Contents Affected Software....................................................1...
Nagios -- Cross Site Scripting Vulnerability
Secunia reports: A vulnerability has been reported in Nagios, which can be exploited by malicious people to conduct cross-site scripting attacks...
[SA18576] Tor Hidden Service Disclosure Weakness
TITLE: Tor Hidden Service Disclosure Weakness SECUNIA ADVISORY ID: SA18576 VERIFY ADVISORY: http://secunia.com/advisories/18576/ CRITICAL: Less critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: Tor 0.x http://secunia.com/product/5269/ DESCRIPTION: Lasse Overlier and...
trac -- search module SQL injection vulnerability
Secunia reports: A vulnerability has been reported in Trac, which can be exploited by malicious people to conduct SQL injection attacks. Some unspecified input passed in the search module isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by...
[SA17779] Ampache Snoopy "_httpsrequest()" Command Injection Vulnerability
TITLE: Ampache Snoopy "httpsrequest" Command Injection Vulnerability SECUNIA ADVISORY ID: SA17779 VERIFY ADVISORY: http://secunia.com/advisories/17779/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Ampache 3.x http://secunia.com/product/5347/ DESCRIPTION: A...
flyspray -- cross-site scripting vulnerabilities
A Secunia Advisory reports: Lostmon has reported some vulnerabilities in Flyspray, which can be exploited by malicious people to conduct cross-site scripting attacks. Some input isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script...
FreeBSD : opera -- download dialog spoofing vulnerability (a2aa24fd-00d4-11da-bc08-0001020eed82)
A Secunia Advisory reports : Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to an error in the handling of extended ASCII codes in the download dialog. This can be...