[USN-686-1] AWStats vulnerability

2008-12-04 Thread Kees Cook
=== Ubuntu Security Notice USN-686-1 December 04, 2008 awstats vulnerability CVE-2008-3714 === A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 7.

Re: [USN-684-1] ClamAV vulnerability

2008-12-04 Thread 0xjbrown41
[EMAIL PROTECTED]:~$ clamscan -V ClamAV 0.94.1/8713/Tue Dec 2 14:59:31 2008 From http://securitytracker.com/alerts/2008/Dec/1021296.html: Version(s): prior to 0.94.2 Description: A vulnerability was reported in Clam AntiVirus. A remote user can cause denial of service conditions on the ta

[ MDVSA-2008:236 ] vim

2008-12-04 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2008:236 http://www.mandriva.com/security/

Advisory 06/2008: PHP ZipArchive::extractTo() Directory Traversal Vulnerability

2008-12-04 Thread Stefan Esser
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: PHP ZipArchive::extractTo() Directory Traversal Vulnerability Release Date: 2008/12/04 Last Modified:

DDIVRT-2008-18 Orb Denial of Service

2008-12-04 Thread DDI . VulnerabilityAlert
Title - DDIVRT-2008-18 Orb Denial of Service Severity Medium Date Discovered --- October 21st 2008 Discovered By - Digital Defense, Inc. Vulnerability Research Team Credit: Steven James and [EMAIL PROTECTED] Vulnerability Description

[SECURITY] [DSA 1680-1] New clamav packages fix potential code execution

2008-12-04 Thread Florian Weimer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1680-1 [EMAIL PROTECTED] http://www.debian.org/security/ Florian Weimer December 04, 2008

Joomla Component GameQ

2008-12-04 Thread r3d . w0rm
# Joomla Component GameQ # #

CVE-2008-2086: Java Web Start File Inclusion via System Properties Override

2008-12-04 Thread VSR Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Java We

[UPRSN] Ubuntu Privacy Remix 8.04r1 fixes security issues

2008-12-04 Thread Ubuntu Privacy Remix Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ### UPR Security Notice UPRSN-08_01 December 04, 2008 several vulnerabilities ### Ubuntu Privacy Remix (UPR), based on Ubuntu 8

Re: XSS in Internet Explorer 6 and 7

2008-12-04 Thread MustLive
Hello Thierry! You're saying above that this attack works if "Initialise and script ActiveX control not marked as safe" is ENABLED. This Saved XSS hole works even with this option disabled (i.e. with default settings). But when we want to use ActiveX in our code (e.g. for Code Execution attack),

[SECURITY] [DSA 1681-1] New Linux 2.6.24 packages fix several vulnerabilities

2008-12-04 Thread dann frazier
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA-1681-1[EMAIL PROTECTED] http://www.debian.org/security/ Dann Frazier, Alexander Prinsier December 04, 2008 htt

iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Heap Overflow Vulnerability

2008-12-04 Thread iDefense Labs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 iDefense Security Advisory 12.02.08 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 02, 2008 I. BACKGROUND The Sun Java JRE is Sun's implementation of the Java runtime. For more information, see the vendor's site found at the following li

Joomla Component mydyngallery

2008-12-04 Thread r3d . w0rm
# Joomla Component mydyngallery # #

iDefense Security Advisory 12.04.08: Sun Java Web Start GIF Decoding Memory Corruption Vulnerability

2008-12-04 Thread iDefense Labs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 iDefense Security Advisory 12.02.08 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 02, 2008 I. BACKGROUND Java Web Start (JWS) is a framework built by Sun that is used to run Java applications outside of the browser. It is distributed wi

iDefense Security Advisory 12.04.08: Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability

2008-12-04 Thread iDefense Labs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 iDefense Security Advisory 12.02.08 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 02, 2008 I. BACKGROUND Pack200 is a compression method introduced by Sun in the 1.5 release of the JRE. It is used to compress Jar files, and is optimized

Re: Joomla Component GameQ

2008-12-04 Thread packet
Already discovered: http://packetstormsecurity.org/0806-exploits/joomlagameq-sql.txt 6d9a99abd76c7d48c68ea5c98d952844 The Joomla GameQ component versions 4.0 and below suffer from a SQL injection vulnerability. Authored By His0k4 (His0k4.hlm[at]gmail.com) On Thu, Dec 04, 2008 at 08:20

[ MDVSA-2008:237 ] apache2

2008-12-04 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2008:237 http://www.mandriva.com/security/

[USN-687-1] nfs-utils vulnerability

2008-12-04 Thread Marc Deslauriers
=== Ubuntu Security Notice USN-687-1 December 04, 2008 nfs-utils vulnerability CVE-2008-4552 === A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu

iDefense Security Advisory 12.04.08: Sun Java JRE TrueType Font Parsing Integer Overflow Vulnerability

2008-12-04 Thread iDefense Labs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 iDefense Security Advisory 12.02.08 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 02, 2008 I. BACKGROUND The Sun Java JRE is Sun's implementation of the Java runtime. For more information, see the vendor's site found at the following li