Apple Safari 3 for Windows - Protocol Handler Command Injection

source: https://www.securityfocus.com/bid/24434/info Apple Safari for Windows is prone to a protocol handler command-injection vulnerability. Exploiting the issue allows remote attackers to pass arbitrary command-line arguments to any application that can be called through a protocol handler. Thi...

Mac OS X Safari information leak

Saved password can be accessed from the web page via system components...

safari's saved password at risk

I'd like to inform you that safari is prone to a vunlerability that allow a local user to steal safari's saved passwords by using some macosx componenets. More infos about this issue will be made available as soon as apple will provide a fix. I strongly recommend users remove all safari's saved...

ActiveGS ActiveX multiple buffer overflows

Buffer overflows in different components...

CVE-2007-2317

Multiple PHP remote file inclusion vulnerabilities in MiniBB Forum 1.5a and earlier, as used by TOSMO/Mambo 4.0.12 and probably other products, allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter to bbplugins.php in 1 components/minibb/ or 2...

Looked at the foreign cattle people how to tap Microsoft vulnerability-vulnerability warning-the black bar safety net

Ghost boy note: contains a w3wp-dos. c and a PDF document. I also added a download mirror to prevent the official link failure. Information source: 混世魔王 blog w3wp remote DoS due to improper reference of STA COM components in ASP.NET asp.net COM DOS EXP research Cattle below download address. And...

AROUNDMe 0.7.7 Multiple Remote File Inclusion Vulnerabilities

No description provided by source. AROUNDMe 077 Found by kezzap66345 Script Download:http://download.savannah.gnu.org/releases/aroundme/aroundme077.tar.gz ERROR1: File:\components\core\inc\coreprofile.header.php includeonce$languagepathcore . 'inc/mecommon.inc.php'; rfi coded RFI1:...

AROUNDMe 0.7.7 Multiple Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ============================================================= AROUNDMe 0.7.7 Multiple Remote File Inclusion Vulnerabilities ============================================================= AROUNDMe 077 Found by kezzap66345 ERROR1:...

Microsoft Data Access Components code execution

ADODB.Connection NextRecordset / Execute double free vulnerability. Can be used for hidden malware installation...

DEBIAN-CVE-2007-1266

Evolution 2.8.1 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Evolution from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message...

DEBIAN-CVE-2007-1268

Mutt 1.5.13 and earlier does not properly use the --status-fd argument when invoking GnuPG, which prevents Mutt from visually distinguishing between signed and unsigned portions of OpenPGP messages with multiple components, which allows remote attackers to forge the contents of a message without...

Within a minute the whole network paralysis NMPI-vulnerability warning-the black bar safety net

Disclaimer:This article is for personal research, not for destroying it!!!! Today best friend suddenly called me, said to open his own cafe is people get miserable, please save me the“life” is! Heard what was going on, I had to sympathize, because this is the WIN9x deadly vulnerability But this...

CVE-2007-1249

MoveSortedContentAction in C1 Financial Services Contelligent 9.1.4 does not check "the additional environment security configuration," which allows remote attackers with write permissions to reorder components...

Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:050-1)

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10. This update provides the latest Firefox to correct these issues. Update : A regression was found in the latest Firefox packages provided where changes to library paths...

CVE-2007-1056

VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged actions, which allows local users to perform restricted operations such as changing system time, accessing hardware components, and stopping the "VMware tools service" service. NOTE: exploitation is...

CVE-2007-1056

VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged actions, which allows local users to perform restricted operations such as changing system time, accessing hardware components, and stopping the "VMware tools service" service. NOTE: exploitation is...

Microsoft Security Bulletin MS07-016 Cumulative Security Update for Internet Explorer (928090)

Microsoft Security Bulletin MS07-016 Cumulative Security Update for Internet Explorer 928090 Published: February 13, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical...

MS07-009: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (927779)

The remote host contains a version of the ADODB.Connection ActiveX control that is vulnerable to a security flaw that could allow an attacker to execute arbitrary code on the remote host by constructing a malicious web page and entice a victim to visit this web page. Tenable Network Security, Inc...

Microsoft Security Bulletin MS07-009 Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (927779)

Microsoft Security Bulletin MS07-009 Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution 927779 Published: February 13, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maxim...

CVE-2007-0675

A certain ActiveX control in sapi.dll aka the Speech API in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sou...