Avaya Products FreeType TTF Font Parsing Vulnerability
Avaya has acknowledged a vulnerability in various Avaya products, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the freetype library.
Sun Java System Web Server "redirect" Vulnerability
A vulnerability has been reported in Sun Java System Web Server, which can be exploited by malicious people to conduct HTTP header injection attacks, HTTP response splitting attacks, and disclose potentially sensitive information.
SUSE update for MozillaFirefox, MozillaThunderbird, and Seamonkey
SUSE has issued an update for MozillaFirefox, MozillaThunderbird, and Seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing and cross-site scripting attacks, and potentially compromise a user's system.
Kaspersky Anti-Spam Insecure File Permissions
A security issue has been reported in Kaspersky Anti-Spam, which can potentially be exploited by malicious, local users to manipulate certain files.
BlueCat Networks Adonis Heartbeat Denial of Service
A vulnerability has been reported in BlueCat Networks Adonis, which can be exploited by malicious people to cause a DoS (Denial of Service).
Interact Cross-Site Scripting Vulnerabilities
Some vulnerabilities have been reported in Interact, which can be exploited by malicious people to conduct cross-site scripting attacks
WebDirector "deslocal" Cross-Site Scripting
r0t has reported a vulnerability in WebDirector, which can be exploited by malicious people to conduct cross-site scripting attacks.
SUSE update for qt3
SUSE has issued an update for qt3. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
SUSE update for bind
SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
kware update for firefox
Slackware has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
FreeBSD update for tcpdump
FreeBSD has issued an update for tcpdump. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a user's system.
FreeBSD update for bind
FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to poison the DNS cache.
Ubuntu update for gimp
Ubuntu has issued an update for gimp. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system.
Mac OS X Security Update Fixes Multiple Vulnerabilities
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
WordPress "style" Cross-Site Scripting
Benjamin Flesch has discovered a vulnerability in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.
Red Hat update for tetex
Red Hat has issued an update for tetex. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
Apple iPhone Multiple Vulnerabilities
Some vulnerabilities have been reported in Apple iPhone, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, and potentially to compromise a vulnerable system.
Music Box libvorbis Multiple Vulnerabilities
Some vulnerabilities have been reported in Music Box, which can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise an user's system.
Ubuntu update for firefox
Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a vulnerable system.
Confixx Pro "thisdir" File Inclusion Vulnerability
H4 / XPK have reported a vulnerability in Confixx Pro, which can be exploited by malicious people to compromise a vulnerable system.
留言列表
資訊安全 (4)
