January 2011
[4/5] Red Hat update for openoffice.org
Red Hat has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user’s system.
http://secunia.com/advisories/43118/
[2/5] Debian update for exim4
Debian has issued an update for exim4. This fixes a weakness, which can be exploited by malicious, local users to gain escalated privileges.
http://secunia.com/advisories/43128/
[2/5] Exim "open_log()" Privilege Escalation...
A security issue has been reported in Exim, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
http://secunia.com/advisories/43101/
[2/5] web@all Cross-Site Scripting and SQL...
Russ McRee has discovered some vulnerabilities in web@all, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/43046/
[3/5] Debian update for freetype
Debian has issued an update for freetype. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service) or potentially compromise an application using the library.
http://secunia.com/advisories/43138/
[2/5] Fedora update for perl-CGI-Simple
Fedora has issued an update for perl-CGI-Simple. This fixes two vulnerabilities, which can be exploited by malicious people to conduct HTTP response splitting attacks in an application using the library.
http://secunia.com/advisories/43147/
[3/5] Virtuosa ASX Playlist Processing Buffer...
A vulnerability has been discovered in Virtuosa, which can be exploited by malicious people to compromise a user’s system.
http://secunia.com/advisories/43108/
[3/5] Debian update for linux-2.6
Debian has issued an update for linux-2.6. This fixes some weaknesses, security issues, and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS.
http://secunia.com/advisories/43127/
[2/5] Polycom SoundPoint IP Phones HTTP Denial of...
Pawel Gawinek has reported a vulnerability in Polycom SoundPoint IP Phones, which can be exploited by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/43061/
[2/5] Hitachi JP1/NETM/DM Products Two...
Two vulnerabilities have been reported in various Hitachi products, which can be exploited by malicious, local users to potentially gain knowledge of sensitive information and by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/43140/
[4/5] VLC Media Player MKV Demuxer "MKV_IS_ID"...
A vulnerability has been reported in VLC Media Player, which can be exploited by malicious people to compromise a user’s system.
http://secunia.com/advisories/43131/
[2/5] Microsoft Windows MHTML Cross-Site Scripting...
A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/43093/
[3/5] IBM DB2 Administration Server Buffer...
A vulnerability has been reported in IBM DB2, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/43059/
[4/5] Red Hat update for openoffice.org
Red Hat has issued an update for openoffice.org. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user’s system.
http://secunia.com/advisories/42999/
[3/5] Red Hat update for pango and...
Red Hat has issued an update for pango and evolution28-pango. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
http://secunia.com/advisories/43100/
[2/5] Debian update for hplip
Debian has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/43083/
[3/5] IBM Tivoli Common Reporting Unspecified...
IBM has acknowledged some vulnerabilities with unknown impact in IBM Tivoli Common Reporting.
http://secunia.com/advisories/43030/
[1/5] Fedora update for chm2pdf
Fedora has issued an update for chm2pdf. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges or to cause a DoS (Denial of Service).
http://secunia.com/advisories/43109/
[4/5] RealPlayer AVI Header Parsing Buffer...
A vulnerability has been reported in RealPlayer, which can be exploited by malicious people to compromise a user’s system.
http://secunia.com/advisories/43098/
[2/5] EMC NetWorker RPC Library "nsrexecd" Daemon...
A vulnerability has been reported in EMC NetWorker, which can be exploited by malicious people to bypass certain security restrictions.
http://secunia.com/advisories/43113/
[2/5] Puppet Missing "auth.conf" Security Issue
A security issue has been reported in Puppet, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data.
http://secunia.com/advisories/43090/
[2/5] Vanilla Forums "Target" Cross-Site Scripting...
A vulnerability has been discovered in Vanilla Forums, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/43074/
[2/5] PRTG Network Monitor Cross-Site Scripting...
Some vulnerabilities have been reported in PRTG Network Monitor, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/43076/
[4/5] Debian update for openoffice.org
Debian has issued an update for openoffice.org. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user’s system.
http://secunia.com/advisories/43065/
[4/5] Ubuntu update for openjdk-6
Ubuntu has issued an update for openjdk-6. This fixes a vulnerability, which can be exploited by malicious people to compromise a user’s system.
http://secunia.com/advisories/43078/
[2/5] Fedora update for hplip
Fedora has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/43102/
[3/5] Oracle PDF Import Extension Xpdf...
Some vulnerabilities have been reported in the Oracle PDF Import Extension for OpenOffice.org / Oracle Open Office, which can be exploited by malicious people to compromise a user’s system.
http://secunia.com/advisories/43079/
[3/5] Symantec Quarantine Server Intel Alert...
Multiple vulnerabilities have been reported in Symantec Quarantine Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
http://secunia.com/advisories/43106/
[3/5] Symantec Products Intel Alert Management...
Multiple vulnerabilities have been reported in Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.
http://secunia.com/advisories/43099/
[2/5] Fedora update for myproxy
Fedora has issued an update for myproxy. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks.
http://secunia.com/advisories/43103/
[2/5] XNova Cross-Site Request Forgery...
A vulnerability has been discovered in XNova, which can be exploited by malicious people to conduct cross-site request forgery attacks.
http://secunia.com/advisories/43096/
[2/5] ISC DHCPv6 Message Processing Denial of...
A vulnerability has been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/43104/
[2/5] ISC DHCPv6 Message Processing Denial of...
A vulnerability has been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/43006/
[2/5] PivotX "color" and "src" Cross-Site...
Two vulnerabilities have been reported in PivotX, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/43040/
[2/5] PivotX "image" Cross-Site Scripting...
A vulnerability has been discovered in PivotX, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/43045/
[4/5] SumatraPDF "closedctd()" Memory Corruption...
A vulnerability has been discovered in SumatraPDF, which can potentially be exploited by malicious people to compromise a user’s system.
http://secunia.com/advisories/43095/
[4/5] MuPDF "closedctd()" Memory Corruption...
A vulnerability has been discovered in MuPDF, which can potentially be exploited by malicious people to compromise a user’s system.
http://secunia.com/advisories/43020/
[3/5] Cisco Content Services Gateway Security...
Multiple vulnerabilities have been reported in Cisco Content Services Gateway (CSG2), which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).
http://secunia.com/advisories/43052/
[1/5] PivotX Path Disclosure Weakness
A weakness has been discovered in PivotX, which can be exploited by malicious people to disclose certain system information.
http://secunia.com/advisories/43041/
[2/5] TYPO3 Media [DAM] Extension Cross-Site...
A vulnerability has been reported in the Media [DAM] extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks.
http://secunia.com/advisories/43080/
[4/5] SUSE update for java-1_6_0-ibm
SUSE has issued an update for java-1_6_0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, and compromise a vulnerable system.
http://secunia.com/advisories/43091/
[4/5] Red Hat update for webkitgtk
Red Hat has issued an update for webkitgtk. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain access restrictions, conduct spoofing attacks, cause a DoS (Denial of Service), potentially disclose sensitive information, and potentially compromise a user’s system.
http://secunia.com/advisories/43086/
[3/5] Novell ZENworks Handheld Management...
A vulnerability has been reported in Novell ZENworks Handheld Management, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/43094/
[3/5] Joomla! B2 Portfolio Component "c" SQL...
Salvatore Fresta has discovered a vulnerability in the B2 Portfolio component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
http://secunia.com/advisories/43038/
[4/5] Ruby Mail Gem Email Address Shell Command...
A vulnerability has been reported in the Mail gem for Ruby, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/43077/
[2/5] Panda Products APPFLT.SYS Driver IOCTL...
Two vulnerabilities have been discovered in certain Panda products, which can be exploited by malicious, local users to potentially gain escalated privileges.
http://secunia.com/advisories/43043/
[2/5] OpenVAS Manager Command Injection...
A vulnerability has been reported in OpenVAS Manager, which can be exploited by malicious users to compromise a vulnerable system.
http://secunia.com/advisories/43037/
[2/5] HP OpenView Storage Data Protector...
A vulnerability has been reported in HP OpenView Storage Data Protector, which can be exploited by malicious people to cause a DoS (Denial of Service).
http://secunia.com/advisories/43088/
[3/5] JBoss Web Framework Kit Spring Framework...
Red Hat has acknowledged a vulnerability in JBoss Web Framework Kit, which can be exploited by malicious people to compromise a vulnerable system.
http://secunia.com/advisories/43087/
[2/5] Greenbone Security Assistant Cross-Site...
A vulnerability has been reported in Greenbone Security Assistant, which can be exploited by malicious people to conduct cross-site request forgery attacks.
http://secunia.com/advisories/43092/