Notes dog a pittance latest injection vulnerability-vulnerability warning-the black bar safety net

/modules/ajax/topic.mod.php function Picajax //echo 1 1; //echo base64encodeserializearray'a'='0''; $options = array; $TopicListLogic = Load::logic'topiclist', 1; $perpagenum = $this-Post'ppnum' ? int$this-Post'ppnum' : 2 0; $cachetime = $this-Post'ctime' ? int$this-Post'ctime' : 1 0; $uid =...

Scientific Linux Security Update : libsoup on SL4.x, SL5.x i386/x86_64

An integer overflow flaw which caused a heap-based buffer overflow was discovered in libsoup's Base64 encoding routine. An attacker could use this flaw to crash, or, possibly, execute arbitrary code. This arbitrary code would execute with the privileges of the application using libsoup's Base64...

Scientific Linux Security Update : glib2 on SL5.x i386/x86_64

Diego Petten discovered multiple integer overflows causing heap-based buffer overflows in GLib's Base64 encoding and decoding functions. An attacker could use these flaws to crash an application using GLib's Base64 functions to encode or decode large, untrusted inputs, or, possibly, execute...

Scientific Linux Security Update : evolution-data-server on SL5.x i386/x86_64

Evolution Data Server did not properly check the Secure/Multipurpose Internet Mail Extensions S/MIME signatures used for public key encryption and signing of e-mail messages. An attacker could use this flaw to spoof a signature by modifying the text of the e-mail message displayed to the user...

Google Android - 'content://' URI Multiple Information Disclosure Vulnerabilities

Android Data Stealing Web PageClick: Malicious Link"; // Stage 1: Redirect to Stage 2 which will force a download of the HTML/JS payload, then a few seconds later redirect...

aidiCMS 3.55 - 'ajax_create_folder.php' Remote Code Execution

?php / -------------------------------------------------------------------- aidiCMS v3.55 ajaxcreatefolder.php Remote Code Execution Exploit -------------------------------------------------------------------- author............: Egidio Romano aka EgiX mail..............: n0b0d13satgmaildotcom...

WordPress Plugin BuddyPress 1.2.10 WordPress Theme DEV Blogs Mu 1.2.6 (WordPress 3.1.4) - Regular Subscriber HTML Injection

WordPress Plugin BuddyPress 1.2.10 WordPress Theme DEV Blogs Mu 1.2.6 WordPress 3.1.4 - Regular Subscriber HTML Injection source: https://www.securityfocus.com/bid/49765/info Multiple products are prone to an HTML-injection vulnerability because they fail to sufficiently sanitize user-supplied...

WordPress Plugin BuddyPress 1.2.10 / WordPress Theme DEV Blogs Mu 1.2.6 (WordPress 3.1.4) - Regular Subscriber HTML Injection

source: https://www.securityfocus.com/bid/49765/info Multiple products are prone to an HTML-injection vulnerability because they fail to sufficiently sanitize user-supplied input. An attacker could exploit this vulnerability to execute arbitrary script code in the browser of an unsuspecting victi...

Zyncro 3.0.1.20 - Multiple HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/49740/info Zyncro is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input. Note: To exploit these issues, an attacker must have the ability to create a new group and capture the packets transferred...

NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability

NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability CVSS Risk Rating: 4.6 Medium Product: NetSaro Enterprise Messenger Server Application Vendor: SEM Software Vendor URL: http://www.netsaro.com/ Public disclosure date: 8/15/2011 Discovered...

CentOS Update for evolution28-libsoup CESA-2009:0344 centos4 i386

Check for the Version of evolution28-libsoup OpenVAS Vulnerability Test CentOS Update for evolution28-libsoup CESA-2009:0344 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribu...

CentOS Update for evolution CESA-2009:0358 centos3 i386

Check for the Version of evolution OpenVAS Vulnerability Test CentOS Update for evolution CESA-2009:0358 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

bogofilter -- heap underrun on malformed base64 input

Julius Plenz reports: I found a bug in the base64decode function which may cause memory corruption when the function is executed on a malformed base64 encoded string. If a string starting with an equal-sign is passed to the base64decode function it triggers a memory corruption that in some cases...

RealNetworks Helix Server 11.x / 12.x / 13.x Multiple Vulnerabilities

Binary data 5511.prm...

RealNetworks Helix Server 11.x / 12.x / 13.x Multiple Vulnerabilities

According to its banner, the remote host is running version 11.x, 12.x, or 13.x of RealNetworks Helix Server / Helix Mobile Server. Such versions are potentially affected by multiple vulnerabilities : - A heap overflow exists in the NTLM authentication code related to invalid Base64 encoding...

Mozilla Base64 decoding crash

Multiple integer overflows in the 1 PLBase64Decode and 2 PLBase64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service memory corruption and application crash...

To bypass the'Access Denied'-a vulnerability warning-the black bar safety net

jackal registerglobals = On ? php $sqlcontent = "? PHP exit’Access Denied’; ?& gt;".$ p."\ n"; fileputcontents$logfile, $sqlcontent; ?& gt;exp-demo. php? logfile=php://filter/write=convert. base64-decode/resource=abc. php&p=aPD9waHAgcGhwaW5mbygpOy8vPz4= http://marc.info/?l=full-disclosure& ... 7...

Smart PHP Subscriber Multiple Disclosure Vulnerabilities

Exploit for unknown platform in category web applications ======================================================== Smart PHP Subscriber Multiple Disclosure Vulnerabilities ========================================================...

SuSE 10 Security Update : libsoup (ZYPP Patch Number 6223)

Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code. CVE-2009-0585 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...

SuSE 11 Security Update : glib2 (SAT Patch Number 817)

Large strings could lead to a heap overflow in the base64 encoding and decoding functions. Attackers could potentially exploit that to execute arbitrary code. CVE-2008-4316 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...