DP300,TE60,TP3106,ViewPoint 9030,eCNS210 TD,eSpace 7950,eSpace IAD,eSpace U1981 Security Vulnerabilities

SonicWall Viewpoint v6.0 SP2 - Multiple Web Vulnerabilities

...

Sonicwall Viewpoint 6.x Session Hijacking

...

Ice IX: Not Cool At All

My colleague Jorge Mieres recently found a C&C server of a botnet based on a malicious program called Ice IX. As announced on several user forums, Ice IX is a bot created using the source code of ZeuS 2.0.8.9, which became publicly available in May. The author of the new bot says the program...

Fedora Update for gipfel FEDORA-2011-5200

Check for the Version of...

[SECURITY] Fedora 14 Update: gipfel-0.3.2-7.fc14

gipfel is a tool to find the names of mountains or points of interest on a picture. It uses a database containing names and GPS data. With the given viewpoint (the point from which the picture was taken) and two known mountains on the picture, it can compute all parameters needed to compute the...

Facebook shuts down dissident Chinese blogger Michael Anti's account

CHINESE blogger and activist Michael Anti wants to know why he is less worthy of a Facebook account than company founder Mark Zuckerberg's dog. Anti, a popular online commentator whose legal name is Zhao Jing, said his Facebook account had been suddenly cancelled in January. Company officials...

Threatpost's List of the Top 10 Security Top 10 Lists

Ever since the traditional print industry collapsed in on itself like a decommissioned ‘Vegas casino, replaced with blogs, micro blogs, social networking and other forms of Web based publishing, the end of the year has brought with it a blizzard of retrospective and prospective Top 10 lists from...

CVE-2010-3828

iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an...

CVE-2010-3828

iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an...

Code injection

iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an...

CVE-2010-3828

iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an...

Apple iOS < 4.2 Multiple Vulnerabilities

The remote mobile host is a using a version of Apple iOS earlier than 4.2. Such versions are potentially affected by multiple vulnerabilities. Apple iOS 4.2 contains security fixes for the following components : Configuration Policies CoreGraphics FreeType iAd Content Display ImageIO ...

NSA: Our Development Methods Are in the Open Now

WASHINGTON–Despite its reputation for secrecy and technical expertise, the National Security Agency doesn’t have a set of secret coding practices or testing methods that magically make their applications and systems bulletproof. In fact, one of the agency’s top technical experts said that...

Microsoft Office HtmlDlgHelper Class Memory Corruption

No description provided by...

Microsoft Office - HtmlDlgHelper Class Memory Corruption (MS10-071)

Microsoft Office - HtmlDlgHelper Class Memory Corruption...

Microsoft Office - &#039;HtmlDlgHelper&#039; Class Memory Corruption (MS10-071)

...

CORE-2010-0517 - Microsoft Office HtmlDlgHelper class memory corruption

Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com Microsoft Office HtmlDlgHelper class memory corruption Advisory Information Title: Microsoft Office HtmlDlgHelper class memory corruption Advisory Id: CORE-2010-0517 Advisory URL:...

Microsoft Office HtmlDlgHelper Class Memory Corruption

Exploit for windows platform in category dos /...

Core Security Technologies Advisory 2010.0517

...

Microsoft Office HtmlDlgHelper class memory corruption

Core Security - CoreLabs Microsoft Office HtmlDlgHelper class memory corruption 1. Advisory Information Title: Microsoft Office HtmlDlgHelper class memory corruption Advisory Id: CORE-2010-0517 Advisory URL: http://www.coresecurity.com/content/MS-Office-HtmlDlgHelper-memory-corruption Date...

Microsoft Office Excel PivotTable Cache Data Record Buffer Overflow

Core Security - CoreLabs Microsoft Office Excel PivotTable Cache Data Record Buffer Overflow 1. Advisory Information Title: Microsoft Office Excel PivotTable Cache Data Record Buffer Overflow Advisory Id: CORE-2010-0407 Advisory URL:...

Espace De Reflexion Cross Site Scripting

...

Alpha B Forum Cross Site Scripting

...

E-membres 1.0 Database Disclosure

...

CVE-2009-2395

SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to...

Sql injection

SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to...

CVE-2009-2395

SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to...

CVE-2009-2395

SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to...

Joomla! Component com_K2 -q 1.0.1b - &#039;category&#039; SQL Injection

...

Elgg Cross Site Scripting / Request Forgery

...

elgg - Cross-Site Scripting / Cross-Site Request Forgery / Change Password

...

Elgg (XSS/CSRF/Change Password) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web...

Elgg (XSS/CSRF/Change Password) Multiple Remote Vulnerabilities

No description provided by...

elgg - Cross-Site Scripting Cross-Site Request Forgery Change Password

elgg - Cross-Site Scripting Cross-Site Request Forgery Change...

Mercury Audio Player 1.21 (.pls) SEH Overwrite Exploit

Exploit for unknown platform in category local...

CVE-2009-0656

Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook...

CVE-2009-0656

Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook...

Security feature bypass

Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook...

CVE-2009-0657

Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook...

Code injection

Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook...

CVE-2009-0657

Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook...

CVE-2009-0656

Asus SmartLogon 1.0.0005 allows physically proximate attackers to bypass "security functions" by presenting an image with a modified viewpoint that matches the posture of a stored image of the authorized notebook...

CVE-2009-0657

Toshiba Face Recognition 2.0.2.32 allows physically proximate attackers to obtain notebook access by presenting a large number of images for which the viewpoint and lighting have been modified to match a stored image of the authorized notebook...

Unfixed XSS vulnerability at www.edf-bleuciel.fr

Security researcher Mystick, has submitted on 11/10/2008 a cross-site-scripting (XSS) vulnerability affecting www.edf-bleuciel.fr, which at the time of submission ranked 48191 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/10/2008. It is...

Avlc Forum (vlc_forum.php id) Remote SQL Injection Vulnerability

No description provided by...

emacs code execution

LISP macro execution is...

Joomla Component Alberghi &lt;= 2.1.3 (id) SQL Injection Vulnerability

No description provided by...

CVE-2007-5911

Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID,...

Stack overflow

Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID,...

CVE-2007-5911

Multiple stack-based buffer overflows in the AxMetaStream ActiveX control in AxMetaStream.dll 3.3.2.26 in Viewpoint Media Player 3.2 allow remote attackers to execute arbitrary code via a long string argument to the (1) BroadcastKey, (2) BroadcastKeyFileURL, (3) Component, (4) ComponentClassID,...