7965 matches found
CVE-2008-0891
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information...
CVE-2008-0891
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information...
DEBIAN-CVE-2008-0891
Double free vulnerability in OpenSSL 0.9.8f and 0.9.8g, when the TLS server name extensions are enabled, allows remote attackers to cause a denial of service (crash) via a malformed Client Hello packet. NOTE: some of these details are obtained from third party information...
www file share pro 5.30 insecure multiple
this server that now has reached 5.30 per version still contains many elements of insecurity: does not control the file extensions loaded not figure the pass not esitone setting permits 666 777 etc. Min poc: http://gmda.altervista.org/wfsp530xpl/wfsp530exp.bat.txt...
Multiple vulnerabilities in extension Frontend User Registration (sr_feuser_register)
It has been discovered that the extension Frontend User Registration (sr_feuser_register) is susceptible to Cross Site Scripting (XSS) attacks and allows Remote Command Execution. Component Type: Third party extensions. These extensions are not part of the TYPO3 default installation. Affected Versions:...
[SECURITY] Fedora 8 Update: epiphany-extensions-2.20.1-7.fc8
Epiphany Extensions is a collection of extensions for Epiphany, the GNOME web browser...
[SECURITY] Fedora 7 Update: epiphany-extensions-2.18.3-9
Epiphany Extensions is a collection of extensions for Epiphany, the GNOME web browser...
Vulnerabilities in extensions in pmk_rssnewsexport and scm_rdfexport
It has been discovered that the extensions pmk_rssnewsexport and cm_rdfexport are vulnerable to SQL Injection attacks. Component Type: Third party extensions. These extensions are not part of the TYPO3 default installation. Affected Versions: pmk_rssnewsexport: All versions, cm_rdfexport: All version...
CVE-2008-1780
Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors...
CVE-2008-1780
Unspecified vulnerability in the labeled networking functionality in Solaris 10 Trusted Extensions allows applications in separate labeling zones to bypass labeling restrictions via unknown vectors...
CVE-2008-1780
CVE-2008-1780 concerns Solaris 10 Trusted Extensions, where the labeled networking functionality can be bypassed across separate labeling zones via unknown vectors. The underlying root cause is not detailed in the provided sources. The NVD entry notes a local attacker with low complexity could ac...
XFree86 / X.Org / NX multiple security vulnerabilities
XInput and TOG-CUP extensions memory corruption, EVI and MIT-SHM extensions integer overflows, multiple extensions array index overflows. libxfont PCF fonts parsing buffer overflow...
[SECURITY] Fedora 8 Update: epiphany-extensions-2.20.1-6.fc8
Epiphany Extensions is a collection of extensions for Epiphany, the GNOME web browser...
[SECURITY] Fedora 7 Update: epiphany-extensions-2.18.3-8
Epiphany Extensions is a collection of extensions for Epiphany, the GNOME web browser...
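Microsoft IIS ASP Remote Code Execution Vulnerability (MS08-006)
BUGTRAQ ID: 27676 CVECAN ID: CVE-2008-0075 Microsoft Internet Information Services (IIS) is a network information server bundled with Microsoft Windows that includes HTTP service functionality. A remote code execution vulnerability exists in the way IIS handles input to ASP web pages, allowing an attacker to send malicious input to a website's ASP pages. An attacker who successfully exploits this vulnerability can perform arbitrary actions on the IIS server with the privileges of the WPI (the Network Service account in the default configuration). Microsoft IIS 6.0 Microsoft IIS 5.1 Temporary workaround: Disable classic ASP on Windows Server 2003: 1...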
Critical: Red Hat Security Advisory: thunderbird security update
Updated thunderbird packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Updated 27th February 2008 The erratum text has been updated to include the...
CVE-2007-6689
Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module...
CVE-2007-6689
Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module...
Design/Logic Flaw
Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module...
CVE-2007-6689
Menalto Gallery before 2.2.4 does not properly check for malicious file extensions during file uploads, which allows attackers to execute arbitrary code via the (1) Core application or (2) MIME module...