9293 matches found
[Backports-security-announce] Security update for openoffice.org
Rene Engelhard uploaded new packages for openoffice.org which fixed the following security updates: CVE-2009-0200 Dyon Balding of Secunia Research has discovered a vulnerability, which can be exploited by opening a specially crafted Microsoft Word document. When reading a Microsoft Word document,...
Auto-Updater Added to Opera Browser
The Opera Web browser has undergone a minor security makeover with one significant improvement — the ability to update itself when patches are released. The latest browser update will, by default, notify the user about available updates in very much the same way Mozilla Firefox handles automatic...
x10 MP3 Automatic Search Engine 1.6.5b - 'info.php?name' Cross-Site Scripting
source: https://www.securityfocus.com/bid/43336/info x10 Media Automatic MP3 Search Engine is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of ...
x10 MP3 Automatic Search Engine 1.6.5 - 'linkvideos_listing.php?category' Cross-Site Scripting
source: https://www.securityfocus.com/bid/43336/info x10 Media Automatic MP3 Search Engine is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of ...
x10 MP3 Automatic Search Engine 1.6.5b - 'embed.php?name' Cross-Site Scripting
source: https://www.securityfocus.com/bid/43336/info x10 Media Automatic MP3 Search Engine is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of ...
x10 MP3 Automatic Search Engine 1.6.5b - info.php?name Cross-Site Scripting
x10 MP3 Automatic Search Engine 1.6.5b - info.php?name Cross-Site Scripting source: https://www.securityfocus.com/bid/43336/info x10 Media Automatic MP3 Search Engine is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker m...
Microsoft Security Bulletin MS09-042 - Important Vulnerability in Telnet Could Allow Remote Code Execution (960859)
Microsoft Security Bulletin MS09-042 - Important Vulnerability in Telnet Could Allow Remote Code Execution 960859 Published: August 11, 2009 Version: 1.0 General Information Executive Summary This security update resolves a publicly disclosed vulnerability in the Microsoft Telnet service. The...
Adobe Flash Player和AIR存在多个安全漏洞
Bugraq ID: 35890 CVE ID:CVE-2009-1863 CVE-2009-1864 CVE-2009-1865 CVE-2009-1866 CVE-2009-1867 CVE-2009-1868 CVE-2009-1869 CVE-2009-1870 CNCVE ID:CNCVE-20091863 CNCVE-20091864 CNCVE-20091865 CNCVE-20091866 CNCVE-20091867 CNCVE-20091868 CNCVE-20091869 CNCVE-20091870 Adobe Flash...
Microsoft Security Bulletin MS09-035 - Moderate Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)
Microsoft Security Bulletin MS09-035 - Moderate Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution 969706 Published: July 28, 2009 Version: 1.0 General Information Executive Summary This security update addresses several privately reported vulnerabilities i...
PunBB Automatic Image Upload <= 1.3.5 Delete Arbitrary File Exploit
No description provided by source. !/usr/bin/perl 0-Day PunBB Automatic Image Upload = v1.3.5 Delete Arbitrary File Vulnerability Coded By Dante90, WaRWolFz Crew Bug Discovered By: Dante90, WaRWolFz Crew Works only if '$AllowDelete = "USERGROUP";' is not commented in "uploadimgconfig.php" FIND...
PunBB Automatic Image Upload 1.3.5 Delete File
!/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowDelete = "Members"; use LWP::UserAgent; use HTTP::Cookies; my $UserName,$PassWord,$DirectoryFile,$DeleteFile = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or die $!; sub Login my $Login =...
PunBB Automatic Image Upload 1.3.5 SQL Injection
!/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowStats = "Members"; use LWP::UserAgent; use HTTP::Cookies; use strict; my $UserName,$PassWord,$ID = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or die $!; sub Login my $Login =...
PunBB Automatic Image Upload 1.3.5 - SQL Injection
PunBB Automatic Image Upload 1.3.5 - SQL Injection !/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowStats = "Members"; use LWP::UserAgent; use HTTP::Cookies; use strict; my $UserName,$PassWord,$ID = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or die $!; sub Login m...
PunBB Automatic Image Upload 1.3.5 - SQL Injection
!/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowStats = "Members"; use LWP::UserAgent; use HTTP::Cookies; use strict; my $UserName,$PassWord,$ID = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or die $!; sub Login my $Login =...
PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete
PunBB Automatic Image Upload 1.3.5 - Arbitrary File Delete !/usr/bin/perl 0-Day PunBB Automatic Image Upload $AllowDelete = "Members"; use LWP::UserAgent; use HTTP::Cookies; my $UserName,$PassWord,$DirectoryFile,$DeleteFile = @ARGV; if@ARGV 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or...
Microsoft Security Bulletin MS09-032 - Critical Cumulative Security Update of ActiveX Kill Bits (973346)
Microsoft Security Bulletin MS09-032 - Critical Cumulative Security Update of ActiveX Kill Bits 973346 Published: July 14, 2009 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability that is currently being exploited. The vulnerability ...
Google Fixes Critical Flaw in Chrome Browser
Google has released a new version of its Chrome browser, which includes a fix for a serious buffer overflow vulnerability. The vulnerability in Chrome lies in the way that the browser handles certain responses from HTTP servers. Version 2.0.172.33 of Chrome is available now, although Google is no...
Do All in Cmd Shell-vulnerability warning-the black bar safety net
Foreword Cmd Shellcommand line interactionis a hack eternal topic, it is the historic and enduring it. This article is intended to introduce and summarize some of the command line under control of Windows systems. These methods are as far as possible use the system comes with the tools to achieve...
Apple iPhone 2.2.1 - Call Approval Dialog Security Bypass (1)
source: https://www.securityfocus.com/bid/35425/info Apple iPhone is prone to a security-bypass vulnerability that may cause a call to be placed automatically. Successfully exploiting this issue may allow attackers to bypass the Mail's call-approval dialog and place a call automatically from a...
Apple iPhone 2.2.1 - Call Approval Dialog Security Bypass (3)
Apple iPhone 2.2.1 - Call Approval Dialog Security Bypass 3 source: https://www.securityfocus.com/bid/35425/info Apple iPhone is prone to a security-bypass vulnerability that may cause a call to be placed automatically. Successfully exploiting this issue may allow attackers to bypass the Mail's...