An attacker can exploit a weakness in Evolution to add arbitrary content into a GnuPG signed and/or encrypted message. This vulnerability is due to the weakness discussed in BID 22757 (GnuPG Signed Message Arbitrary Content Injection Weakness) and has been assigned its own BID because of the specific way that Evolution uses GnuPG.
The vulnerability allows an attacker to add arbitrary content into a GnuPG signed and/or encrypted message without the end user knowing. This vulnerability is due to the weakness discussed in BID 22757 (GnuPG Signed Message Arbitrary Content Injection Weakness) and has been assigned its own BID because of the specific way that KMail uses GnuPG.
The vulnerability allows an attacker to add arbitrary content into a message without the end user knowing. An attacker can exploit this weakness in applications using GnuPG to add arbitrary content into a signed and/or encrypted message.
The HyperBook Guestbook v1.30 is prone to an information-disclosure vulnerability because the application fails to protect sensitive information. An attacker can exploit this issue to access sensitive information that may lead to other attacks.
Adobe Acrobat and Adobe Reader may allow remote attackers to retrieve the contents of files on a vulnerable computer. Information gathered through a successful exploit of this vulnerability may aid in other attacks.
WordPress is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks.
The Linux Kernel is prone to a denial-of-service vulnerability. A local attacker can exploit this issue to crash the kernel.
The vulnerability allows an attacker to execute arbitrary script code in the browser of an unsuspecting user, potentially leading to the theft of authentication credentials and other attacks.
Pagesetter is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
SQLiteManager is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and script code in the context of the affected site, to steal cookie-based authentication credentials, or to control how the site is rendered to the user; other attacks are also possible.
Services By CQR