GroupDocs Document Annotation 1.3.8 - grpdocs-dialog.php Multiple Parameter XSS

The GroupDocs.Annotation for Cloud WordPress plugin was affected by a grpdocs-dialog.php Multiple Parameter XSS security vulnerability...

GroupDocs Document Annotation 1.3.8 - options.php Multiple Parameter XSS

The GroupDocs.Annotation for Cloud WordPress plugin was affected by an options.php Multiple Parameter XSS security vulnerability...

WordPress GroupDocs Document Annotation Plugin <= 1.3.8 - XSS

This plugin is prone to a cross site scripting vulnerability in options.php and grpdocs-dialog.php. Solution Update the plugin...

WordPress GroupDocs Document Annotation Plugin <= 1.3.8 - XSS

This plugin is prone to a cross site scripting vulnerability in options.php and grpdocs-dialog.php. Solution Update the plugin...

openSUSE Security Update : viewvc (openSUSE-SU-2012:0831-1)

update to 1.1.15 bnc768680 : - security fix: complete authz support for remote SVN views CVE-2012-3356 - security fix: log msg leak in SVN revision view with unreadable copy source CVE-2012-3357 Additionally the following non-security issues have been addressed : - fix several instances of...

CVE-2013-6448

The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allows remote attackers to bypass the WebRemote annotation restriction and obtain information about arbitrary classes and methods on the server classpath via...

Input validation

The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allows remote attackers to bypass the WebRemote annotation restriction and obtain information about arbitrary classes and methods on the server classpath via...

CVE-2013-6448

The InterfaceGenerator handler in JBoss Seam Remoting in JBoss Seam 2 framework 2.3.1 and earlier, as used in JBoss Web Framework Kit, allows remote attackers to bypass the WebRemote annotation restriction and obtain information about arbitrary classes and methods on the server classpath via...

[Dexter] A Free Tool for Mobile (Android) Malware Analysis

Bluebox Labs just released Dexter, a free tool which wants to help information security professionals and malware analysts to analyze Android mobile applications in order to find malware and vulnerabilities. .png Dexter combines manual and automatic static program analysis to provide a better...

CVE-2012-5896

CVE-2012-5896 affects Quest InTrust, specifically the Annotation Objects ActiveX control (AnnotateX.dll) prior to or at 10.4.0.853. The vulnerability arises from the Add method not being properly implemented, enabling remote code execution via a memory address supplied in the first argument, tied...

Quest InTrust Annotation Objects ActiveX Control Add Method Vulnerability

Added: 04/27/2012 BID: 52765 OSVDB: 80662 Background InTrust collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems. Problem Quest Intrust Annotation Objects ActiveX Control AnnotateX.dll is vulnerable to remote code execution due to an input validation error...

Quest InTrust Annotation Objects ActiveX Control Add Method Vulnerability

Added: 04/27/2012 BID: 52765 OSVDB: 80662 Background InTrust collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems. Problem Quest Intrust Annotation Objects ActiveX Control AnnotateX.dll is vulnerable to remote code execution due to an input validation error...

Quest InTrust Annotation Objects ActiveX Control Add Method Vulnerability

Added: 04/27/2012 BID: 52765 OSVDB: 80662 Background InTrust collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems. Problem Quest Intrust Annotation Objects ActiveX Control AnnotateX.dll is vulnerable to remote code execution due to an input validation error...

Quest InTrust Annotation Objects ActiveX Control Add Method Vulnerability

Added: 04/27/2012 BID: 52765 OSVDB: 80662 Background InTrust collects, stores, reports and alerts on event log data from Windows, Unix and Linux systems. Problem Quest Intrust Annotation Objects ActiveX Control AnnotateX.dll is vulnerable to remote code execution due to an input validation error...

Quest InTrust Annotation Objects Uninitialized Pointer

This module exploits an uninitialized variable vulnerability in the Annotation Objects ActiveX component. The ActiveX component loads into memory without opting into ALSR so this module exploits the vulnerability against windows Vista and Windows 7 targets. A large heap spray is required to fulfi...

Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll

Exploit for windows platform in category remote exploits Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution homepage: http://www.quest.com/intrust/ description: "InTrust securely collects, stores, reports and alerts on event log data...

Quest InTrust 10.4.x - Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution

Quest InTrust 10.4.x - Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution homepage: http://www.quest.com/intrust/ description: "InTrust...

GeneralUtil.htmlEscapeQuotes should be annotated HtmlSafe

The GeneralUtil.htmlEscapeQuotes method outputs HTML and thus should be annotated as @HtmlSafe. Not doing so causes its output to be double escaped when automatic escaping is enabled for the plugin/velocity template...

Fedora 15 : viewvc-1.1.11-1.fc15 (2011-7185)

security fix: remove user-reachable override of cvsdb row limit - fix broken standalone.py -c and -d options handling - add --help option to standalone.py - fix stack trace when asked to checkout a directory issue 478 - improve memory usage and speed of revision log markup issue 477 - fix broken...

Fedora 13 : viewvc-1.1.11-1.fc13 (2011-7198)

security fix: remove user-reachable override of cvsdb row limit - fix broken standalone.py -c and -d options handling - add --help option to standalone.py - fix stack trace when asked to checkout a directory issue 478 - improve memory usage and speed of revision log markup issue 477 - fix broken...