ASTPP VoIP Billing (4cf207a) - Multiple Vulnerabilities

ASTPP VoIP Billing 4cf207a - Multiple Vulnerabilities Title: ====== ASTPP VoIP Billing 4cf207a - Multiple Web Vulnerabilities Date: ===== 2012-08-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=687 VL-ID: ===== 687 Common Vulnerability Scoring System:...

CVE-2012-2298

Multiple cross-site scripting XSS vulnerabilities in the RealName module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 "user names in page titles" and 2 "autocomplete callbacks."...

JW Player 5.9 Cross Site Scripting / Content Spoofing

Exploit for multiple platform in category web applications Hello list! I want to warn you about security vulnerabilities in JW Player. These are Content Spoofing and Cross-Site Scripting vulnerabilities. ------------------------- Affected products: ------------------------- Vulnerable are JW Play...

JW Player 5.9 Cross Site Scripting / Content Spoofing

Hello list! I want to warn you about security vulnerabilities in JW Player. These are Content Spoofing and Cross-Site Scripting vulnerabilities. ------------------------- Affected products: ------------------------- Vulnerable are JW Player 5.9.2156 and 5.9.2206, except one vulnerability and...

Fedora Update for rubygem-activemodel FEDORA-2011-11386

Check for the Version of rubygem-activemodel OpenVAS Vulnerability Test Fedora Update for rubygem-activemodel FEDORA-2011-11386 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/...

Multiple dangling pointer vulnerabilities — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative two instances of code which modifies SVG element lists failed to account for changes made to the list by user-supplied callbacks before accessing list elements. If a user-supplied callback deleted such an object, the...

[SECURITY] Fedora 15 Update: rubygem-activemodel-3.0.5-1.fc15

Rich support for attributes, callbacks, validations, observers, serialization, internationalization, and testing. It provides a known set of interfaces for usage in model classes. It also helps building custom ORMs for use outside of the Rails framework...

PHP 5.3 < 5.3.3 Multiple Vulnerabilities

According to its banner, the version of PHP 5.3 installed on the remote host is older than 5.3.3. Such versions may be affected by several security issues : - An error exists when processing invalid XML-RPC requests that can lead to a NULL pointer dereference. bug 51288 CVE-2010-0397 - An error...

CVE-2009-3577

Autodesk 3D Studio Max 3DSMax 6 through 9 and 2008 through 2010 allows remote attackers to execute arbitrary code via a .max file with a MAXScript statement that calls the DOSCommand method, related to "application callbacks."...

Autodesk 3DS Max Application Callbacks Arbitrary Command Execution

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Autodesk 3DS Max Application Callbacks Arbitrary Command Execution 1. Advisory Information Title: Autodesk 3DS Max Application...

Autodesk 3DS Max Application Callbacks Arbitrary Command Execution

Advisory ID Internal CORE-2009-0909 Core Security - CoreLabs Autodesk 3DS Max Application Callbacks Arbitrary Command Execution 1. Advisory Information Title: Autodesk 3DS Max Application Callbacks Arbitrary Command Execution Advisory Id: CORE-2009-0909 Advisory...

Autodesk 3DS Max Application Callbacks Arbitrary Command Execution

Exploit for unknown platform in category local exploits ================================================================== Autodesk 3DS Max Application Callbacks Arbitrary Command Execution ================================================================== Title: Autodesk 3DS Max Application...

Autodesk 3ds - Max Application Callbacks Arbitrary Command Execution

source: https://www.securityfocus.com/bid/36634/info Autodesk 3ds Max is prone to a vulnerability that lets attackers execute arbitrary commands in the context of the vulnerable application. This issue affects the following: 3ds Max 6 through 9 3ds Max 2008 through 2010 Other versions may also be...

CVE-2009-2029

Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv104, allows remote authenticated users to cause a denial of service NIS+ daemon hang via unspecified vectors related to NIS+ callbacks...

CVE-2009-2029

Unspecified vulnerability in rpc.nisd in Sun Solaris 8 through 10, and OpenSolaris before snv104, allows remote authenticated users to cause a denial of service NIS+ daemon hang via unspecified vectors related to NIS+ callbacks...

CVE-2008-2772

The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."...

CVE-2008-2772

The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."...

OpenAFS race conditions

Race conditions on acquiring and giving back file callbacks...

DEBIAN-CVE-2007-6599

Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service daemon crash by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list...

CVE-2007-6599

Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service daemon crash by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list...