Posted by SecurityFocus Vulnerabilities | Posted in Advisories | Posted on 29-07-2010
WebKit ‘font-face’ and ‘use’ Elements Use-After-Free Remote Code Execution Vulnerability
Posted by SecurityFocus Vulnerabilities | Posted in Advisories | Posted on 29-07-2010
WebKit ‘foreignObject’ Elements Use-After-Free Remote Code Execution Vulnerability
Posted by SecurityFocus Vulnerabilities | Posted in Advisories | Posted on 29-07-2010
Whizzy CMS ‘whizzycms1001.php’ Local File Include Vulnerability
Posted by Packet Storm Security Advisories | Posted in Advisories | Posted on 29-07-2010
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error when parsing record data in compound documents. This can be exploited to cause a heap-based buffer overflow when an application using the vulnerable library parses e.g. a specially crafted Quattro Pro file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
Posted by Packet Storm Security Advisories | Posted in Advisories | Posted on 28-07-2010
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Spreadsheet Lotus 123 reader (wkssr.dll) when converting floating point values in certain record types. This can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
Posted by Packet Storm Security Advisories | Posted in Advisories | Posted on 28-07-2010
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a signedness error when parsing the argument to the \\ls keyword within a list override table entry in RTF files. This can be exploited to cause a buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
Posted by Packet Storm Security Advisories | Posted in Advisories | Posted on 28-07-2010
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error the WordPerfect 5.x reader (wosr.dll) when parsing data blocks and can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
Posted by Packet Storm Security Advisories | Posted in Advisories | Posted on 28-07-2010
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused by an integer underflow error in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing the size of a specific record type. This can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
Posted by Packet Storm Security Advisories | Posted in Advisories | Posted on 28-07-2010
Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused by an error in the SpreadSheet Lotus 123 reader (wkssr.dll) when allocating an array of pointers during the parsing of a certain record type combined with how strings are later indexed. This can be exploited to corrupt memory via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
Posted by Packet Storm Security Advisories | Posted in Advisories | Posted on 28-07-2010
Secunia Research has discovered two vulnerabilities in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused by boundary errors in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing certain records. This can be exploited to cause stack-based buffer overflows via specially crafted files. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
Posted by Packet Storm Security Advisories | Posted in Advisories | Posted on 28-07-2010
Mandriva Linux Security Advisory 2010-142 – The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. OpenLDAP 2.4.22 allows remote attackers to cause a denial of service via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.
Posted by SecurityFocus Vulnerabilities | Posted in Advisories | Posted on 28-07-2010
OpenLDAP ‘modrdn’ Request Multiple Vulnerabilities
Posted by SecurityFocus Vulnerabilities | Posted in Advisories | Posted on 28-07-2010
RETIRED: Apple Safari Prior to 5.0.1 and 4.1.1 Multiple Security Vulnerabilities
Posted by SecurityFocus Vulnerabilities | Posted in Advisories | Posted on 28-07-2010
ZABBIX ‘formatQuery()’ Cross Site Scripting Vulnerability
Posted by LinuxSecurity.com - Security Advisories | Posted in Advisories | Posted on 28-07-2010
LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in openldap:
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not
check the return value of a call to the smr_normalize function, which
allows remote attackers to cause a denial of service (segmentation
[More...]
Posted by SecurityFocus Vulnerabilities | Posted in Advisories | Posted on 28-07-2010
ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
Posted by SecurityFocus Vulnerabilities | Posted in Advisories | Posted on 28-07-2010
Pointdev IDEAL Migration & IDEAL Administration ‘.ipj’ File Stack Buffer Overflow Vulnerability
Posted by SecurityFocus Vulnerabilities | Posted in Advisories | Posted on 28-07-2010
Autonomy KeyView Filter Module Multiple Memory Corruption Vulnerabilities
Posted by LinuxSecurity.com - Security Advisories | Posted in Advisories | Posted on 28-07-2010
LinuxSecurity.com: An updated lvm2-cluster package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate [More...]
Posted by Packet Storm Security Advisories | Posted in Advisories | Posted on 27-07-2010
Mandriva Linux Security Advisory 2010-140 – This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible resource destruction issues in shm_put_var(). Fixed a possible information leak because of interruption of XOR operator. Fixed a possible memory corruption because of unexpected call-time pass by reference and following memory clobbering through callbacks. Fixed a possible memory corruption in ArrayObject::uasort(). Fixed a possible memory corruption in parse_str(). Fixed a possible memory corruption in pack(). Fixed a possible memory corruption in substr_replace(). Fixed a possible memory corruption in addcslashes(). Fixed a possible stack exhaustion inside fnmatch(). Fixed a possible dechunking filter buffer overflow. Fixed a possible arbitrary memory access inside sqlite extension. Fixed string format validation inside phar extension. Fixed handling of session variable serialization on certain prefix characters. Fixed a NULL pointer dereference when processing invalid XML-RPC requests. Fixed SplObjectStorage unserialization problems. Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third party extensions and required dependencies has been upgraded and/or rebuilt for the new php version.