2670 matches found
[SECURITY] Fedora 21 Update: libdigidoc-3.9.1.1191-1.fc21
libDigiDoc is a library implementing a subset of the XAdES digital signature standard on top of Estonian specific .ddoc container format. It allows to create, sign, verify, and modify digidoc XML containers...
Parallels Virtuozzo Containers 3.0.0-25.4/4.0.0-365.6 VZPP Interface File Manger - Cross-Site Request Forgery Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28589/info Parallels Virtuozzo Containers is prone to a cross-site request-forgery vulnerability. Exploiting the issue will allow a remote attacker to use a victim's currently active session to perform certain...
Parallels Virtuozzo Containers 3.0.0-25.4.swsoft VZPP Interface Change Pass - Cross-Site Request Forgery Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28593/info Parallels Virtuozzo Containers is prone to a cross-site request-forgery vulnerability. Exploiting the issue will allow a remote attacker to use a victim's currently active session to change the victim's passwor...
Oracle Containers for J2EE Detection
Binary data oc4jdetect.nbin...
Oracle Containers for J2EE Multiple Unspecified HTTP Vulnerabilities (April 2014 CPU)
The remote install of Oracle Containers for J2EE is missing a vendor-supplied update. It is, therefore, affected by multiple, unspecified vulnerabilities related to how HTTP requests are handled. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
CVE-2014-0426
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413...
Design/Logic Flaw
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0426...
CVE-2014-0414
CVE-2014-0414 affects Oracle Containers for J2EE (Oracle Fusion Middleware 10.1.3.5). The connected sources describe a null byte injection vulnerability in the path handling when transferring a request to another static page or JSP via pageContext.forward or jsp:forward, which can lead to script ...
CVE-2014-0426
Technical details for CVE-2014-0426 are not publicly provided in the supplied documents. No explicit affected product version, root cause, or remediation are disclosed here. Monitor for updates from official advisories.
CVE-2014-0413
CVE-2014-0413 affects Oracle Fusion Middleware 10.1.3.5’s Oracle Containers for J2EE component. The vulnerability arises in HTTP request handling, enabling remote attackers to impact integrity. This entry is a separate issue from CVE-2014-0426. Connected sources confirm affected product/component...
System Level Exploration: sysdig
Linux system exploration and troubleshooting tool with first class support for containers Sysdig instruments your physical and virtual machines at the OS level by installing into the Linux kernel and capturing system calls and other OS events. Sysdig also makes it possible to create trace files f...
[USN-2104-1] LXC vulnerability
========================================================================== Ubuntu Security Notice USN-2104-1 February 12, 2014 lxc vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
[RHEL 7] Red Hat Enterprise Linux 7 Beta
Red Hat Enterprise Linux 7 Beta showcases hundreds of new features and enhancements, including: Linux Containers - Enabling applications to be created and deployed in isolated environments with allocated resources and permissions. Performance Management – Using built in tools, you can optimize...
CVE-2013-5773
CVE-2013-5773 affects Oracle Containers for J2EE within Oracle Fusion Middleware 10.1.3.5.0, with an unspecified integrity impact via Servlet Runtime; the exact vectors are not detailed in the provided documents. One connected source notes an unspecified cross-site scripting issue in Oracle’s J2E...
PT-2013-47: Directory Traversal in Oracle Containers for J2EE
The specialists of the Positive Research center have detected a Directory Traversal vulnerability in Oracle Containers for J2EE when running on Windows. Oracle Containers for J2EE does not properly handle a Request-URI sent by the client. An attacker can apply to an arbitrary script outside of th...
PT-2013-49: Null Byte Injection in Oracle Containers for J2EE
The specialists of the Positive Research center have detected a Null Byte Injection vulnerability in Oracle Containers for J2EE. Oracle Containers for J2EE does not properly handle a null byte in the path when transferring a request to another static page or a JSP script via pageContext.forward o...
PT-2013-48: CRLF Injection in Oracle Containers for J2EE
The specialists of the Positive Research center have detected a CRLF Injection vulnerability in Oracle Containers for J2EE. Oracle Containers for J2EE does not properly validate the values from the HTTP headers. An attacker can use a crafted malicious HTTP response and display arbitrary data to t...
CVE-2013-1542
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via unknown vectors related to Servlet Runtime...
CVE-2013-1514
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote authenticated users to affect integrity via vectors related to RMI Support...