Monthly Archive: October 2012

CVE-2012-5382

** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Zend Server 5.6.0 SP4, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse...

CVE-2012-5381

** DISPUTED ** Untrusted search path vulnerability in the installation functionality in PHP 5.3.17, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in...

CVE-2012-5380

** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in...

CVE-2012-5379

** DISPUTED ** Untrusted search path vulnerability in the installation functionality in ActivePython 3.2.2.3, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in...

CVE-2012-5378

Untrusted search path vulnerability in the installation functionality in ActiveTcl 8.5.12, when installed in the top-level C:\ directory, allows local users to gain privileges via a Trojan horse DLL in the C:TDbin directory, which...

CVE-2012-5377

Untrusted search path vulnerability in the installation functionality in ActivePerl 5.16.1.1601, when installed in the top-level C:\ directory, allows local users to gain privileges via a Trojan horse DLL in the C:\Perl\Site\bin directory, which...

CVE-2012-5376

The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows remote attackers to bypass intended sandbox restrictions and write to arbitrary files by leveraging access to a renderer process, a different vulnerability than...

CVE-2009-5067

Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. (dot dot) in the "include file" SSI directive. NOTE: this issue only might be a vulnerability in...

CVE-2012-5356

The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver,...

CVE-2012-5354

Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows remote attackers to...

CVE-2012-5166

ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource...