DSA-1419-1 openoffice.org

Bulletin has no description...

CVE-2002-2284

Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes...

Hack attack: in a WEB application hidden Backdoor-vulnerability warning-the black bar safety net

In many commercial programs,the programmer might, for some purposes, in the program left by the back door. We do not discuss the purpose of doing so is what, just talk about how in the program to hide an“ultimate back door.” First of all for everyone to see an example, last year I wrote an articl...

CVE-2006-3733

jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System CS-MARS before 4.2.1, allows remote attackers to gain privileges as the CS-MARS administrator and execute arbitrary Java code via an invokeOp...

CVE-2006-3072

M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation...

CVE-2006-3072

M4 Macro Library in Symantec Security Information Manager before 4.0.2.29 HOTFIX 1 allows local users to execute arbitrary commands via crafted "rule definitions", which produces dangerous Java code during M4 transformation...

Symantec Security Information Manager Authentication bypass

SUMMARY A security vulnerability has been found in the current release of Symantec Security Information Manager. Risk Impact Low Remote | No ---|--- Local | Yes Authentication Required | No Exploit publicly available | No AFFECTED PRODUCTS Product | Version | Build | Update To ---|---|---|---...

[Full-disclosure] Google Search Appliance proxystylesheet Flaws

This document can be found online at: - http://metasploit.com/research/vulns/googleproxystylesheet/ Title: Google Search Appliance proxystylesheet Flaws Release Date: November 21, 2005 Patch Date: August 16, 2005 Reported Date: June 10, 2005 Vendor: Google Systems Affected: Google Mini Search...

Google Search Appliance proxystylesheet XSLT Java Code Execution

Exploit for hardware platform in category remote exploits ================================================================ Google Search Appliance proxystylesheet XSLT Java Code Execution ================================================================ This file is part of the Metasploit Framewor...

Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...

Google Search Appliance proxystylesheet XSLT Java Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...

Google Search Appliance - proxystylesheet XSLT Java Code Execution (Metasploit)

Google Search Appliance - proxystylesheet XSLT Java Code Execution Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license a...

Oracle 9i Application Server SOAP Default Configuration Vulnerability - Active Check

In a default installation of Oracle 9i Application Server AS v.1.0.2.2, it is possible to deploy or undeploy SOAP services without the need of any kind of credentials. SPDX-FileCopyrightText: 2003 Javier Fernandez-Sanguino Some text descriptions might be excerpted from a referenced sources, and a...

Oracle XSQL Stylesheet Vulnerability

The Oracle XSQL Servlet allows arbitrary Java code to be executed by an attacker by supplying the URL of a malicious XSLT stylesheet when making a request to an XSQL page. OpenVAS Vulnerability Test $Id: oraclexsql.nasl 8023 2017-12-07 08:36:26Z teissa $ Description: Oracle XSQL Stylesheet...

Oracle XSQL Stylesheet Vulnerability

The Oracle XSQL Servlet allows arbitrary Java code to be executed by an attacker by supplying the URL of a malicious XSLT stylesheet when making a request to an XSQL page. SPDX-FileCopyrightText: 2000 Matt Moore Some text descriptions might be excerpted from a referenced sources, and are Copyrigh...

Bird Chat 1.61 - Denial of Service

Bird Chat 1.61 - Denial of Service / Bird Chat 1.61 - Denial Of Service - Proof Of Concept Coded by: Donato Ferrante / import java.net.Socket; import java.net.InetAddress; import java.net.ConnectException; import java.net.SocketTimeoutException; import java.io.OutputStream; import...

CVE-2002-2284

Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes...

CVE-2001-0126

Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet...

Security Bulletin MS01-010

---------------------------------------------------------------------- Title: Patch Available for "Windows Media Player Skins File Download" Vulnerability Date: February 14, 2001 Software: Windows Media Player 7 Impact: Run arbitrary code Bulletin: MS01-010 Microsoft encourages customers to...

Дырка в Oracle XSQL servlet

Имеется возможность выполнить .xsl-файл в контексте сервера. Это дает возможность выполнить любой java-код...