StationX : IT Security for Home or Business StationX : IT Security for Home or Business StationX : IT Security for Home or Business
Security Home IT Security Services IT Security Research Free Security Software Secure Hosting StationX Contacts IT security Support Hotline
Latest Security News
 

Vulnerabilities News:



This page is created dynamically and was last updated : 15 May, 2008 GMT

 
 
Detailed Security News Detailed Vulnerabilities & Alerts Detailed Virus Alerts and News
Vulnerabilities and Alerts:

SecurityFocus Vulnerabilities:
IT Security Dot 

15 May

:

Vuln: Rantx 'admin.php' Unauthorized Access Vulnerability


Rantx 'admin.php' Unauthorized Access Vulnerability


IT Security Dot 

15 May

:

Vuln: Drupal Site Documentation Module Database Tables Information Disclosure...


Drupal Site Documentation Module Database Tables Information Disclosure Vulnerability


IT Security Dot 

15 May

:

Vuln: SunShop Shopping Cart 'index.php' SQL Injection Vulnerability


SunShop Shopping Cart 'index.php' SQL Injection Vulnerability


IT Security Dot 

15 May

:

Vuln: Symantec Altiris Deployment Solution 'axengine.exe' SQL Injection Vulne...


Symantec Altiris Deployment Solution 'axengine.exe' SQL Injection Vulnerability


IT Security Dot 

Bugtraq: ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential D...


ZDI-08-025: Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability


IT Security Dot 

Bugtraq: ZDI-08-024: Symantec Altiris Deployment Solution SQL Injection Vulne...


ZDI-08-024: Symantec Altiris Deployment Solution SQL Injection Vulnerability


IT Security Dot 

Bugtraq: SunShop Version 3.5.1 Remote Blind Sql Injection


SunShop Version 3.5.1 Remote Blind Sql Injection


IT Security Dot 

Bugtraq: Debian generated SSH-Keys working exploit


Debian generated SSH-Keys working exploit


IT Security Dot 

More rss feeds from SecurityFocus


News, Infocus, Columns, Vulnerabilities, Bugtraq ...


Microsoft Vulnerabilities:
IT Security Dot 

13 May

:

MS08-029 – Moderate: Vulnerabilities in Microsoft Malware Protection Engine...


Bulletin Severity Rating:Moderate - This security update resolves two privately reported vulnerabilities in the Microsoft Malware Protection Engine. An attacker could exploit either of the vulnerabilities by constructing a specially crafted file that could allow denial of service when received by the target computer system and scanned by the Microsoft Malware Protection Engine. An attacker who successfully exploited this vulnerability could cause the Microsoft Malware Protection Engine to stop responding and automatically restart.


IT Security Dot 

13 May

:

MS08-028 – Important: Vulnerability in Microsoft Jet Database Engine Could ...


Bulletin Severity Rating:Critical - This security update resolves a security vulnerability in the Microsoft Jet Database Engine (Jet) in Windows. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


IT Security Dot 

13 May

:

MS08-027 – Critical: Vulnerability in Microsoft Publisher Could Allow Remot...


Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Publisher that could allow remote code execution if a user opens a specially crafted Publisher file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


IT Security Dot 

13 May

:

MS08-026 – Critical: Vulnerabilities in Microsoft Word Could Allow Remote C...


Bulletin Severity Rating:Critical - This security update resolves several privately reported vulnerabilities in Microsoft Word that could allow remote code execution if a user opens a specially crafted Word file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


IT Security Dot 

8 Apr

:

MS08-025 – Important: Vulnerability in Windows Kernel Could Allow Elevation...


Bulletin Severity Rating:Important - This important security update resolves a privately reported vulnerability in the Windows kernel. A local attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.


IT Security Dot 

8 Apr

:

MS08-024 - Critical: Cumulative Security Update for Internet Explorer (947864)


Bulletin Severity Rating:Critical - This critical security update resolves one privately reported vulnerability. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


IT Security Dot 

8 Apr

:

MS08-023 - Critical: Security Update of ActiveX Kill Bits (948881)


Bulletin Severity Rating:Critical - This critical security update resolves one privately reported vulnerability for a Microsoft product. This update also includes a kill bit for the Yahoo! Music Jukebox product. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


IT Security Dot 

8 Apr

:

MS08-022 – Critical: Vulnerability in VBScript and JScript Scripting Engine...


Bulletin Severity Rating:Critical - This critical security update resolves a privately reported vulnerability in the VBScript and JScript scripting engines in Windows. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.


IT Security Dot 

8 Apr

:

MS08-021 – Critical: Vulnerability in GDI Could Allow Remote Code Execution...


Bulletin Severity Rating:Critical - This critical security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of these vulnerabilities could allow remote code execution if a user opens a specially crafted EMF or WMF image file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.


IT Security Dot 

8 Apr

:

MS08-020 – Important: Vulnerability in DNS Client Could Allow Spoofing (945...


Bulletin Severity Rating:Important - This important security update resolves a privately reported vulnerability. This spoofing vulnerability exists in Windows DNS clients and could allow an attacker to send specially crafted responses to DNS requests, thereby spoofing or redirecting Internet traffic from legitimate locations.


IT Security Dot 

8 Apr

:

MS08-019 – Important: Vulnerabilities in Microsoft Visio Could Allow Remote...


Bulletin Severity Rating:Important - This security update resolves privately reported vulnerabilities in Microsoft Office Visio that could allow remote code execution if a user opens a specially crafted Visio file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


IT Security Dot 

8 Apr

:

MS08-018 – Critical: Vulnerability in Microsoft Project Could Allow Remote ...


Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Project that could allow remote code execution if a user opens a specially crafted Project file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


IT Security Dot 

11 Mar

:

MS08-017 - Critical: Vulnerabilities in Microsoft Office Web Components Could...


Bulletin Severity Rating:Critical - This critical update resolves two privately reported vulnerabilities in Microsoft Office Web Components. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


IT Security Dot 

11 Mar

:

MS08-016 – Critical: Vulnerabilities in Microsoft Office Could Allow Remote...


Bulletin Severity Rating:Critical - This security update resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.


IT Security Dot 

11 Mar

:

MS08-015 - Critical: Vulnerability in Microsoft Outlook Could Allow Remote Co...


Bulletin Severity Rating:Critical - This security update resolves a privately reported vulnerability in Microsoft Office Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability is not exploitable by simply viewing an e-mail through the Outlook preview pane.


Redhat Vulnerabilities:
IT Security Dot 

RHBA-2008:0259-2: GFS bug fix update


Red Hat Enterprise Linux: Updated GFS packages that fix module loading issues are now available for Red Hat Enterprise Linux 3.9, kernel release 2.4.21-57.EL.


IT Security Dot 

RHBA-2008:0260-4: system-config-cluster bug fix update


Red Hat Enterprise Linux: An updated system-config-cluster package that fixes a bug is now available.


IT Security Dot 

RHSA-2008:0270-5: Important: libvorbis security update


Red Hat Enterprise Linux: Updated libvorbis packages that fix various security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. CVE-2008-1419, CVE-2008-1420, CVE-2008-1423


IT Security Dot 

RHSA-2008:0271-3: Important: libvorbis security update


Red Hat Enterprise Linux: Updated libvorbis packages that fix various security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. CVE-2008-1419, CVE-2008-1420, CVE-2008-1423, CVE-2008-2009


IT Security Dot 

RHSA-2008:0194-20: Important: xen security and bug fix update


Red Hat Enterprise Linux: Updated xen packages that fix several security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. CVE-2007-3919, CVE-2007-5730, CVE-2008-0928, CVE-2008-1943, CVE-2008-1944, CVE-2008-2004


IT Security Dot 

RHBA-2008:0246-2: cman-kernel bug fix update


Red Hat Enterprise Linux: Updated cman-kernel packages that fix module loading issues are now available for Red Hat Enterprise Linux 4.6, kernel release 2.6.9-67.0.15.EL.


IT Security Dot 

RHBA-2008:0247-2: dlm-kernel bug fix update


Red Hat Enterprise Linux: Updated dlm-kernel packages that fix various bugs and module loading issues are now available for Red Hat Enterprise Linux 4.6, kernel release 2.6.9-67.0.15.EL.


IT Security Dot 

RHBA-2008:0248-2: gnbd-kernel bug fix update


Red Hat Enterprise Linux: Updated gnbd-kernel packages that fix module loading issues are now available for Red Hat Enterprise Linux 4.6, kernel release 2.6.9-67.0.15.EL.


IT Security Dot 

RHBA-2008:0249-7: GFS-kernel bug fix update


Red Hat Enterprise Linux: Updated GFS-kernel packages that fix a bug and module-loading issues are now available for Red Hat Enterprise Linux 4.6, kernel release 2.6.9-67.0.15.EL.


Secunia Vulnerabilities:
IT Security Dot 

[4/5] Fusebox "FUSEBOX_APPLICATION_PATH" File Inclusion


MajnOoNxHaCkEr has discovered a vulnerability in Fusebox, which can be exploited by malicious people to disclose sensitive information and to compromise a vulnerable system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[2/5] phpVID "query" Cross-Site Scripting Vulnerability


Russ McRee has reported a vulnerability in phpVID, which can be exploited by malicious people to conduct cross-site scripting attacks.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[3/5] Drupal Site Documentation Module Information Disclosure


A vulnerability has been reported in the Site Documentation module for Drupal, which can be exploited by malicious people to disclose sensitive information.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[4/5] LANAI CMS Multiple File Extensions Vulnerability


EgiX has discovered a vulnerability in LANAI CMS, which can be exploited by malicious people to compromise a vulnerable system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[3/5] Oracle Application Server Portal Authentication Bypass


Deniz Cevik has reported a vulnerability in Oracle Application Server, which can be exploited by malicious people to bypass certain security restrictions.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[3/5] AustinSmoke GasTracker "gastracker_admin" Security Bypass


t0pP8uZz has discovered a vulnerability in AustinSmoke GasTracker (AS-GasTracker), which can be exploited by malicious people to bypass certain security restrictions.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[3/5] Cisco Unified Communications Manager Multiple Denial of Service


Some vulnerabilities have been reported in Cisco Unified Communications Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[3/5] Fedora update for blender


Fedora has issued an update for blender. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[3/5] Feedback and Rating Script "listingid" SQL Injection


t0pP8uZz has reported a vulnerability in Feedback and Rating Script, which can be exploited by malicious people to conduct SQL injection attacks.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[3/5] PHP Classifieds Script "fatherID" SQL Injection Vulnerabilities


Cyb3r-1sT has reported some vulnerabilities in PHP Classifieds Script, which can be exploited by malicious people to conduct SQL injection attacks.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[4/5] Fedora update for clamav


Fedora has issued an update for clamav. which can be exploited by malicious people to cause a DoS (Denial of Service), or to compromise a vulnerable system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[3/5] AJ Article "artid" SQL Injection Vulnerability


t0pP8uZz has reported a vulnerability in AJ Article, which can be exploited by malicious people to conduct SQL injection attacks.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[3/5] Linux Kernel Multiple Vulnerabilities


Some vulnerabilities have been reported in the Linux kernel, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to potentially cause a DoS (Denial of Service).


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[3/5] AJ Classifieds 2008 "posting_id" SQL Injection Vulnerability


t0pP8uZz has reported a vulnerability in AJ Classifieds 2008, which can be exploited by malicious people to conduct SQL injection attacks.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


IT Security Dot 

[4/5] TYPO3 sr_feuser_register Extension Multiple Vulnerabilities


Some vulnerabilities have been reported in the sr_feuser_register extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a vulnerable system.


Be sure to check if your system is missing security updates or have insecure applications installed:
http://secunia.com/software_inspector/

Feature Overview - The Secunia Software Inspector:
* Detects insecure versions of applications installed
* Verifies that all Microsoft patches are applied
* Assists you in updating your system and applications
* Runs through your browser. No installation or download is required.


CERT Vulnerabilities:
IT Security Dot 

TA08-134A: Microsoft Updates for Multiple Vulnerabilities


Microsoft Updates for Multiple Vulnerabilities


IT Security Dot 

TA08-100A: Adobe Flash updates for Multiple Vulnerabilities


Adobe Flash updates for Multiple Vulnerabilities


IT Security Dot 

TA08-099A: Microsoft Updates for Multiple Vulnerabilities


Microsoft Updates for Multiple Vulnerabilities


IT Security Dot 

TA08-094A: Apple Quicktime Updates for Multiple Vulnerabilities


Apple Quicktime Updates for Multiple Vulnerabilities


IT Security Dot 

TA08-087A: Mozilla Updates for Multiple Vulnerabilities


Mozilla Updates for Multiple Vulnerabilities


IT Security Dot 

TA08-087B: Cisco Updates for Multiple Vulnerabilities


Cisco Updates for Multiple Vulnerabilities


IT Security Dot 

TA08-079A: Apple Updates for Multiple Vulnerabilities


Apple Updates for Multiple Vulnerabilities


IT Security Dot 

TA08-079B: MIT Kerberos Updates for Multiple Vulnerabilities


MIT Kerberos Updates for Multiple Vulnerabilities


IT Security Dot 

TA08-071A: Microsoft Updates for Multiple Vulnerabilities


Microsoft Updates for Multiple Vulnerabilities


IT Security Dot 

TA08-066A: Sun Updates for Multiple Vulnerabilities in Java


Sun Updates for Multiple Vulnerabilities in Java


IGX Vulnerabilities:

[CaRP] XML error: mismatched tag at line 10


This page is created dynamically and was last updated : 15 May, 2008 GMT


 
Home | Services | Research | Sales | Hosting | Contacts | Hot line | Site map | Adult | Links | Penetration Testing
Copyright © 2008. Station X Ltd. All rights reserved. Legal Notices Privacy Policy
seduction sex tips