Boxalino Directory Traversal

COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Boxalino Vendor: Boxalino AG www.boxalino.com CVD ID: CVE-2009-1479 Subject: Directory Traversal Vulnerabilities Risk: High Effect: Remotely exploitable Author: Axel Neumann Date: 2009-10-20 Introduction ----------...

Websense Email Security xss

No description provided by source. Security Advisory NSOADV-2009-003 Title: Websense Email Security Cross Site Scripting Severity: Low Advisory ID: NSOADV-2009-003 Found Date: 28.09.2009 Date Reported: 01.10.2009 Release Date: 20.10.2009 Author: Nikolas Sotiriu Mail: nso-research at sotiriu.de UR...

Websense Email Security DoS

Exploit for unknown platform in category web applications =========================== Websense Email Security DoS =========================== Title: Websense Email Security Web Administrator DoS Severity: Low Vendor: Websense http://www.websense.com/ Affected Products: Websense Email Security v7....

Websense Email Security DoS

No description provided by source. Security Advisory NSOADV-2009-002 Title: Websense Email Security Web Administrator DoS Severity: Low Advisory ID: NSOADV-2009-002 Found Date: 28.09.2009 Date Reported: 01.10.2009 Release Date: 20.10.2009 Author: Nikolas Sotiriu Mail: nso-research at sotiriu.de...

Boxalino 09.05.25-0421 Directory Traversal

No description provided by source. COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Boxalino Vendor: Boxalino AG www.boxalino.com CVD ID: CVE-2009-1479 Subject: Directory Traversal Vulnerabilities Risk: High Effect: Remotely exploitable Author: Axel Neumann...

Websense Email Security - Cross-Site Scripting

Security Advisory NSOADV-2009-003 Title: Websense Email Security Cross Site Scripting Severity: Low Advisory ID: NSOADV-2009-003 Found Date: 28.09.2009 Date Reported: 01.10.2009 Release Date: 20.10.2009 Author: Nikolas Sotiriu Mail: nso-research at sotiriu.de URL:...

Websense Email Security - Cross-Site Scripting

Websense Email Security - Cross-Site Scripting Security Advisory NSOADV-2009-003 Title: Websense Email Security Cross Site Scripting Severity: Low Advisory ID: NSOADV-2009-003 Found Date: 28.09.2009 Date Reported: 01.10.2009 Release Date: 20.10.2009 Author: Nikolas Sotiriu Mail: nso-research at...

[BONSAI] SQL Injection in Achievo

Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-sql-injection-0102.txt Date published:...

Achievo SQL Injection

Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ SQL Injection in Achievo 1. Advisory Information Title: SQL Injection in Achievo Advisory ID: BONSAI-2009-0102 Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-sql-injection-0102.txt Date published:...

[BONSAI] XSS in Achievo - Customized XSS payload included

Bonsai Information Security - Advisory http://www.bonsai-sec.com/research/ Multiple XSS in Achievo 1. Advisory Information Title: Multiple XSS in Achievo Advisory ID: BONSAI-2009-0101 Advisory URL: http://www.bonsai-sec.com/research/vulnerabilities/achievo-multiple-xss-0101.txt Date published:...

Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a user must open a malicious image file or browse to a malicious website. The specific flaws exist in the GDI+ subsystem when parsing...

Hyperic HQ 3.2 - 4.2-beta1 Multiple XSS

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Hyperic HQ Multiple XSS 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Advisory URL:...

Hyperic HQ Multiple XSS

Advisory ID Internal CORE-2009-0812 1. Advisory Information Title: Hyperic HQ Multiple XSS Advisory Id: CORE-2009-0812 Date published: 2009-10-02 Date of last update: 2009-11-23 Vendors contacted: SpringSource Release mode: Coordinated release 2. Vulnerability Information Class: Cross site...

Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability

Microsoft Windows is prone to a remote code-execution vulnerability when processing the protocol headers for the Server Message Block SMB Negotiate Protocol Request. NOTE: Reportedly, for this issue to be exploitable, file sharing must be enabled. An attacker can exploit this issue to execute cod...

Dnsmasq 2.50 - Heap Overflow Null Pointer Dereference

Dnsmasq 2.50 - Heap Overflow Null Pointer Dereference -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server 1. Advisory Information Title: Dnsmasq Heap...

Dnsmasq < 2.50 - Heap Overflow / Null Pointer Dereference

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server 1. Advisory Information Title: Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server...

TCP/IP Orphaned Connections Vulnerability

Recurity Labs GmbH http://www.recurity-labs.com [email protected] Date: 09.09.2009 Vendor: Microsoft Corporation Product: Microsoft Windows XP/Vista TCP/IP-Stack Vulnerability: TCP/IP Orphaned Connections Vulnerability Affected Releases: Windows Vista Business SP1/ Windows XP SP3...

Core Security Technologies Advisory 2009.0820

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server 1. Advisory Information Title: Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server...

Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server

1. Advisory Information Title: Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server Advisory ID: CORE-2009-0820 Advisory URL:http://www.coresecurity.com/core-labs/advisories/dnsmasq-vulnerabilities Date published: 2009-08-31 Date of last update: 2009-08-31 Vendors contacted: Simon...

[MORNINGSTAR-2009-01] Multiple security issues in Open Auto Classifieds version <= 1.5.9

MorningStar Security - Advisory http://www.morningstarsecurity.com/ Multiple security issues in Open Auto Classifieds 1. Advisory Information ---------------------------------------------------------------------------------------------- Title: Multiple security issues in Open Auto Classifieds...