625 matches found
CVE-2014-1259
Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename...
Buffer overflow
Buffer overflow in File Bookmark in Apple OS X before 10.9.2 allows attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted filename...
CVE-2014-1259
Apple OS X before 10.9.2 is affected by CVE-2014-1259 due to a buffer overflow in the File Bookmark handling when processing a filename. The vulnerability can enable arbitrary code execution or cause an application crash (DoS). The issue is listed across multiple sources, including NVD and macOS ...
Apple Mac OS X Multiple Security Vulnerabilities (APPLE-SA-2014-02-25-1)
BUGTRAQ ID: 65777 CVECAN ID: CVE-2014-1254,CVE-2014-1262,CVE-2014-1255,CVE-2014-1256,CVE-2014-1257,CVE-2014-1258,CVE-2014-1261,CVE-2014-1263,CVE-2014-1265,CVE-2014-1259,CVE-2014-1264,CVE-2014-1260,CVE-2014-1246,CVE-2014-1247,CVE-2014-1248,CVE-2014-1249,CVE-2014-1250,CVE-2014-1245 OS X (formerly Mac OS...
Mac OS X Multiple Vulnerabilities (Security Update 2014-001) (BEAST)
The remote host is running a version of Mac OS X 10.7 or 10.8 that does not have Security Update 2014-001 applied. This update contains several security-related fixes for the following components : - Apache - App Sandbox - ATS - Certificate Trust Policy - CFNetwork Cookies - CoreAnimation - Date...
Mac OS X 10.9.x < 10.9.2 Multiple Vulnerabilities
The remote host is running a version of Mac OS X 10.9.x that is prior to 10.9.2. This update contains several security-related fixes for the following components : - Apache - ATS - Certificate Trust Policy - CoreAnimation - CoreText - curl - Data Security - Date and Time - File Bookmark - Finder ...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in the signin functionality of ics in MyTeamwork services in Alcatel-Lucent Omnitouch 8660 My Teamwork before 6.7, Omnitouch 8670 Automated Message Delivery System (AMDS) before 6.7, Omnitouch 8460 Advanced Communication Server before 9.1, and...
WordPress 3.1.3 SQL Inject-vulnerability warning-the black bar safety net
sql inject wp-includes/taxonomy.php http://localhost/wp-admin/edit-tags.php?taxonomy=linkcategory&orderby = SQL Inject ORDER = SQL Inject http://localhost/wp-admin/edit-tags.php?taxonomy=posttag&orderby = SQL Inject ORDER = SQL Inject http://localhost/wp-admin/edit-tags.php?...
DEDECMS v5.7 (2013-06-07) xss+csrf 0day-vulnerability warning-the black bar safety net
Bookmark management has xss+csrf http://localhost/dedecms/member/flinkmain.php xss:http://localhost/dedecms/member/flinkmain.php?dopost=addnew&title=test' onmouseover=alert1;'&url=test' onmouseover=alert1;' CSRF:img...
Foreman: app/controllers/bookmarks_controller.rb remote code execution
Eval injection vulnerability in the create method in the Bookmarks controller in Foreman before 1.2.0-RC2 allows remote authenticated users with permissions to create bookmarks to execute arbitrary code via a controller name attribute...
[SECURITY] Fedora 18 Update: kde-baseapps-4.10.4-1.fc18
Core applications for KDE 4, including: dolphin : File manager kdepasswd : Changes a UNIX password. kdialog : Nice dialog boxes from shell scripts keditbookmarks : Bookmark organizer and editor kfind : File find utility kfmclient : Tool for opening URLs from the command line konqueror : Web browse...
[SECURITY] Fedora 19 Update: kde-baseapps-4.10.4-1.fc19
Core applications for KDE 4, including: dolphin : File manager kdepasswd : Changes a UNIX password. kdialog : Nice dialog boxes from shell scripts keditbookmarks : Bookmark organizer and editor kfind : File find utility kfmclient : Tool for opening URLs from the command line konqueror : Web browse...
Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple Cross-Site Request Forgery Vulnerabilities
Vanilla Forums Van2Shout Plugin 1.0.51 - Multiple Cross-Site Request Forgery Vulnerabilities Exploit Title: Vanilla Forums where 1337 is the id. Bookmark CSRF: http://site.org/index.php=/vanilla/discussion/bookmark/1337 UnBookmark CSRF http://site.org/index.php=/vanilla/discussion/bookmark/1337?...
Server: Multiple XSS vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 5.0.0 allow remote attackers to inject arbitrary web script or HTML via the "newname" POST parameter to renameTag.php in /apps/bookmarks/ajax/ Commits: 1c63eb1 stable5 Risk: Medium Note: Successful exploitation of this stored XSS...
CVE-2012-4203
The New Tab page in Mozilla Firefox before 17.0 uses a privileged context for execution of JavaScript code by bookmarklets, which allows user-assisted remote attackers to run arbitrary programs by leveraging a javascript: URL in a bookmark...
DEBIAN-CVE-2012-4732
Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions before 4.0.8, allows remote attackers to hijack the authentication of users for requests that toggle ticket bookmarks...
BookNux 0.2 Cross Site Scripting / SQL Injection
Exploit for php platform in category web applications BookNux 0.2 Vendor information: "This is an online bookmark manager. It's allow several user, share bookmark private or public. It's use php and mysql." Vendor URI: http://developer.berlios.de/projects/booknux/ Issues: SQL Injection, Cross Sit...
Social Bookmark CSRF Vulnerability
Exploit for php platform in category web applications Exploit Title: Social Bookmark CSRF Author: Jonturk75 Vendor or Software Link: http://www.scripts.com/viewscript/social-bookmark-script/28963/ Category:: webapps Demo : http://www.e-soft24.com/scripts/social-bookmark/admin Greetz: Inj3ct0r...
Video Bookmark CSRF Vulnerability
Exploit for php platform in category web applications Exploit Title: Video Bookmark CSRF Author: Jonturk75 Vendor or Software Link: http://www.scripts.com/viewscript/video-bookmark-script/28016/ Category:: webapps Demo : http://www.e-soft24.com/scripts/video-bookmark/admin/ Greetz: Inj3ct0r Explo...