Microsoft Security Bulletin MS08-071 – Critical Vulnerabilities in GDI Could Allow Remote Code Execution (956802) Published: December 9, 2008 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in GDI. Exploitation of either of...
1.9AI Score
0.792EPSS
[SECURITY] Fedora 8 Update: cups-1.3.9-2.fc8
The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
4.2AI Score
0.949EPSS
[SECURITY] Fedora 9 Update: cups-1.3.9-2.fc9
The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
4.2AI Score
0.949EPSS
[SECURITY] Fedora 10 Update: cups-1.3.9-4.fc10
The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
4.2AI Score
0.864EPSS
SecurityReason : PHP 5.2.6 dba_replace() destroying file
[ SecurityReason.com PHP 5.2.6 dba_replace() destroying file ] Author: Maksymilian Arciemowicz http://securityreason.com Date: - Written: 10.11.2008 - Public: 28.11.2008 SecurityReason Research SecurityAlert Id: 58 SecurityRisk: Medium Affected...
-0.3AI Score
-0.3AI Score
Discuz! 6.1 xss2webshell Exploit-vulnerability warning-the black bar safety net
/* ####################################### Discuz! 6.1 xss2webshell[SODB-2 0 0 8-1 0] Exploit by 80vul-A team: http://www.80vul.com ####################################### */ //Target url var siteurl='http://www.80vul.com/Discuz_6.1.0/'; var request = false; if(window. XMLHttpRequest) { ...
-0.2AI Score
7.1AI Score
Fwd: Deny Of Service and infinite loop in BitDefender (module pdf.xmd)
Deny Of Service and infinite loop in BitDefender (module pdf.xmd) / ProTeuS @ cih.ms / tested on pdf.xmd BitDefender's pdf engine by Alexandru Matei (0.1,Oct 8 2008), CRC32=A393F805 and on pdf.xmd last update by the moment of publication Deny of service occurs during parsing of included compressed....
0.9AI Score
Discuz! admin\runwizard.inc.php get-webshell bug
An unrestricted file-write operation in saverunwizardhistory() in Discuz!'s admin\runwizard.inc.php leads to a code execution vulnerability. The code in admin\runwizard.inc.php: $runwizardhistory = array(); $runwizardfile = DISCUZ_ROOT.'./forumdata/logs/runwizardlog.php'; if($fp = @fopen($runwizardfile, 'r')) { $runwizardhistory = @unserialize(fread($fp,...
7.1AI Score
[SECURITY] Fedora 9 Update: cups-1.3.9-1.fc9
The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
4.2AI Score
0.949EPSS
[SECURITY] Fedora 8 Update: cups-1.3.9-1.fc8
The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
4.2AI Score
0.949EPSS
Unfixed XSS vulnerability at www.teikav.edu.gr
Security researcher Ic3Drag0n has submitted on 10/12/2008 a cross-site-scripting (XSS) vulnerability affecting www.teikav.edu.gr, which at the time of submission ranked 233523 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/01/2009. It is...
-0.4AI Score
7.1AI Score
7.4AI Score
0.5AI Score
Rianxosencabos CMS 0.9 Remote Blind SQL Injection Vulnerability
Exploit for unknown platform in category web...
7.1AI Score
Unfixed XSS vulnerability at www.chansol.com
Security researcher Milisx has submitted on 25/09/2008 a cross-site-scripting (XSS) vulnerability affecting www.chansol.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It is currently...
-0.1AI Score
Unfixed XSS vulnerability at www.uouo.cn
Security researcher Milisx has submitted on 25/09/2008 a cross-site-scripting (XSS) vulnerability affecting www.uouo.cn, which at the time of submission ranked 2786244 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It is currently...
-0.1AI Score
Unfixed XSS vulnerability at www.kwms.co.kr
Security researcher Milisx has submitted on 25/09/2008 a cross-site-scripting (XSS) vulnerability affecting www.kwms.co.kr, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It is currently...
-0.1AI Score
Unfixed XSS vulnerability at www.noche.co.kr
Security researcher Milisx has submitted on 25/09/2008 a cross-site-scripting (XSS) vulnerability affecting www.noche.co.kr, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It is currently...
-0.1AI Score
Unfixed XSS vulnerability at www.asflower.net
Security researcher Milisx has submitted on 25/09/2008 a cross-site-scripting (XSS) vulnerability affecting www.asflower.net, which at the time of submission ranked 4510631 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It is...
-0.1AI Score
Gentoo Security Advisory GLSA 200510-02 (MPEG Tools)
The remote host is missing updates announced in advisory GLSA...
-0.1AI Score
0.0004EPSS
Gentoo Security Advisory GLSA 200510-02 (MPEG Tools)
The remote host is missing updates announced in advisory GLSA...
7.2AI Score
0.0004EPSS
7.1AI Score
7.4AI Score
Microworld Mailscan 5.6.a Password Reveal Exploit
Exploit for unknown platform in category remote...
7.1AI Score
-0.4AI Score
-0.1AI Score
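Berkeley Yacc (byacc) 'skeleton.c' Local Denial of Service Vulnerability
BUGTRAQ ID: 30233 CNCAN ID:CNCAN-2008071604 Berkeley Yacc is a compiler used to generate compilers. Berkeley Yacc (byacc) 'skeleton.c' contains an out-of-bounds access that a local attacker can exploit to cause a denial of service in the application. When a rule is reduced while the yacc stack pointer points far into the allocated stack, the $$ = $1 behaviour can cause an out-of-bounds memory access and crash the application. Robert Corbett Berkeley Yacc (byacc) 20070509 OpenBSD OpenBSD 2.9 OpenBSD OpenBSD 2.8 OpenBSD...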
6.9AI Score
CentOS 3 / 4 / 5 : bind / selinux-policy (CESA-2008:0533)
Updated bind packages that help mitigate DNS spoofing attacks are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 10th July 2008] We have updated the Enterprise Linux 5 packages in this advisory. The default and sample...
6.8CVSS
-1AI Score
0.133EPSS
RHEL 2.1 / 3 / 4 / 5 : bind (RHSA-2008:0533)
Updated bind packages that help mitigate DNS spoofing attacks are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. [Updated 10th July 2008] We have updated the Enterprise Linux 5 packages in this advisory. The default and sample...
6.8CVSS
-1.1AI Score
0.133EPSS
[SECURITY] Fedora 8 Update: bind-9.5.0-28.P1.fc8
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....
1.4AI Score
0.133EPSS
[SECURITY] Fedora 9 Update: bind-9.5.0-33.P1.fc9
BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....
6.8CVSS
1.4AI Score
0.133EPSS
CentOS Errata and Security Advisory CESA-2008:0533-03 ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. The DNS protocol protects against spoofing attacks by requiring an attacker to predict both the DNS transaction ID and UDP source port of a....
6.8CVSS
6.9AI Score
0.133EPSS
bind, caching, selinux security update
CentOS Errata and Security Advisory CESA-2008:0533 ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. The DNS protocol protects against spoofing attacks by requiring an attacker to predict both the DNS transaction ID and UDP source port of a...
6.8CVSS
6.9AI Score
0.133EPSS
Preemptive Protection against Multiple Vendor DNS Insufficient Socket Entropy Vulnerability
A Spoofing vulnerability has been reported in major DNS implementations, including Microsoft Windows DNS service and Berkeley Internet Name Domain (BIND). DNS Spoofing allows an attacker to change a DNS entry so it would point to an IP of his own choice. This vulnerability could allow an attacker.....
6.8CVSS
6.6AI Score
0.133EPSS
(RHSA-2008:0533) Important: bind security update
ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. The DNS protocol protects against spoofing attacks by requiring an attacker to predict both the DNS transaction ID and UDP source port of a request. In recent years, a number of papers have...
6.8CVSS
1AI Score
0.133EPSS
phpBB <= 2.0.15 Register Multiple Users Denial of Service (perl code)
No description provided by...
7.1AI Score
Unfixed XSS vulnerability at www.youngwave.org
Security researcher Milisx has submitted on 22/06/2008 a cross-site-scripting (XSS) vulnerability affecting www.youngwave.org, which at the time of submission ranked 6088838 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2008. It is...
-0.1AI Score
Unfixed XSS vulnerability at www.ycec.co.kr
Security researcher Milisx has submitted on 22/06/2008 a cross-site-scripting (XSS) vulnerability affecting www.ycec.co.kr, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/07/2008. It is currently...
-0.1AI Score
PHP168 X-Forwarded-For exploit-vulnerability warning-the black bar safety net
amxku's blog ( http://www.amxku.net/ ) author: amxku The vulnerability itself is the cause of nothing to say, old X-Forwarded-For problem, I think this loophole a lot of people have found it. Because of this vulnerability for some time, and was just on the pc to test it, may be some error,...
7.1AI Score
Unfixed XSS vulnerability at corp-gov.ru
Security researcher Azat Harutyunyan has submitted on 29/05/2008 a cross-site-scripting (XSS) vulnerability affecting corp-gov.ru, which at the time of submission ranked 1255383 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/06/2008. It is...
0.1AI Score
RHEL 5 : bind (RHSA-2008:0300)
Updated bind packages that fix two security issues, several bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Berkeley Internet Name Domain (BIND) is an...
0.3AI Score
0.015EPSS
(RHSA-2008:0300) Moderate: bind security, bug fix, and enhancement update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. It was...
0.1AI Score
0.015EPSS
[SECURITY] Fedora 9 Update: cups-1.3.7-2.fc9
The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
4.2AI Score
0.015EPSS
7.1AI Score
[SECURITY] Fedora 7 Update: cups-1.2.12-11.fc7
The Common UNIX Printing System provides a portable printing layer for UNIX® operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line...
4.2AI Score
0.949EPSS