Sybase ASE 15.x Java Command Execution

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Java Operating System command execution. Risk Level: High Affected versions: Sybase ASE 15.0, 15.5 and 15.7 Remote exploitable: Yes Credits: This vulnerability was discovered...

Carlo Gavazzi EOS Box Multiple Vulnerabilities

Overview This advisory provides mitigation details for multiple vulnerabilities that impact the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has identified two vulnerabilities in the Carlo Gavazzi EOS-Box Photovoltaic Monitoring System. Carlo Gavazzi has produced a firmware...

Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)

The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.5. The newer version contains multiple security-related fixes for the following components : - Apache - BIND - CoreText - Data Security - ImageIO - Installer - International Components for Unicode - Kernel - Mail - PHP ...

Scientific Linux Security Update : java-1.6.0-sun on SL5.x i386/x86_64 (20120904)

These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password. To be successfully exploited, an unsuspecting user running an affected release in a browser will need to visit a malicious web page th...

bacula -- Console ACL Bypass

A security issue has been reported in Bacula, which can be exploited by malicious users to bypass certain security restrictions. The security issue is caused due to an error within the implementation of console ACLs, which can be exploited to gain access to certain restricted functionality and e....

Slackware Advisory SSA:2003-260-02 Sendmail vulnerabilities fixed

The remote host is missing an update as announced via advisory SSA:2003-260-02. OpenVAS Vulnerability Test $Id: esoftslkssa200326002.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

Slackware: Security Advisory (SSA:2003-260-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mandriva Linux Security Advisory : mozilla-thunderbird (MDVSA-2012:147)

Security issues were identified and fixed in mozilla thunderbird : Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we...

Newest Java 7 Update Still Exploitable, Researcher Says

UPDATE–Oracle last week patched the two zero-day vulnerabilities in Java that attackers had been exploiting in targeted attacks, but it didn’t take long for researchers to poke more holes in the software. A new bug that allows a complete Java sandbox escape has been identified already, the latest...

SVG buffer overflow and use-after-free issues — Mozilla

Security researcher Arthur Gerkis used the Address Sanitizer tool to find two issues involving Scalable Vector Graphics SVG files. The first issue is a buffer overflow in Gecko's SVG filter code when the sum of two values is too large to be stored as a signed 32-bit integer, causing the function ...

Memory corruption with bitmap format images with negative height — Mozilla

Security researcher Frédéric Hoguin reported two related issues with the decoding of bitmap .BMP format images embedded in icon .ICO format files. When processing a negative "height" header value for the bitmap image, a memory corruption can be induced, allowing an attacker to write random memory...

Location object security checks bypassed by chrome code — Mozilla

Mozilla security researcher mozbugra4 reported that certain security checks in the location object can be bypassed if chrome code is called content in a specific manner. This allowed for the loading of restricted content. This can be combined with other issues to become potentially exploitable...

Graphite 2 memory corruption — Mozilla

Using the Address Sanitizer tool, Mozilla security researcher Christoph Diehl discovered two memory corruption issues involving the Graphite 2 library used in Mozilla products. Both of these issues can cause a potentially exploitable crash. These problems were fixed in the Graphite 2 library, whi...

DOMParser loads linked resources in extensions when parsing text/html — Mozilla

Security researcher vsemozhetbyt reported that when the DOMParser is used to parse text/html data in a Firefox extension, linked resources within this HTML data will be loaded. If the data being parsed in the extension is untrusted, it could lead to information leakage and can potentially be...

WebGL use-after-free and memory corruption — Mozilla

Security researcher miaubiz used the Address Sanitizer tool to discover two WebGL issues. The first issue is a use-after-free when WebGL shaders are called after being destroyed. The second issue exposes a problem with Mesa drivers on Linux, leading to a potentially exploitable crash...

Google engineers Warn Of Serious Unpatched Adobe Reader Flaws

Adobe has missed dozens of vulnerabilities in Reader in this week's Patch Tuesday run according to Google engineers who reported the flaws. Sixteen vulnerabilities still affected the Windows and Mac OS X versions, while 31 critical and "trivially exploitable" bugs were found in the Linux...

CVE-2012-2806

Heap-based buffer overflow in the getsos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a large component count in the header of a JPEG image...

reflected xss in the pageId request parameter in 500page.jsp

A scanner picked up that the pageId parameter in 500page.jsp is a potentially reflected xss bug. This can be exploited through a url like the following: https://example.com/pages/viewtrash.vm;editpage?pageId=%22%3E%3Cscript%3Ealert1%3C/script%3E code /images/icons/emoticons/warning.png" You can...

PolarisCMS Cross Site Scripting

PolarisCMS blog.aspx Remote URI Based Cross-Site Scripting Vulnerability Vendor: PolarisCMS Product web page: http://www.polariscms.com Affected version: 2012 Summary: PolarisCMS is a White Label CMS content management System providing more features, functions and flexibility to global web...

Open Constructor - datafileedit.php?result Cross-Site Scripting

Open Constructor - datafileedit.php?result Cross-Site Scripting source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an...