7481 matches found
CVE-2007-5589
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before 2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via certain input available in (1) PHP_SELF in (a) server_status.php, and (b) grab_globals.lib.php, (c) display_change_password.lib.php, and (d) common.lib.php in...
libvorbis security update
CentOS Errata and Security Advisory CESA-2007:0912-01. Updated libvorbis packages to correct several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis package contai...
GLSA-200710-08 : KOffice, KWord, KPDF, KDE Graphics Libraries: Stack-based buffer overflow
The remote host is affected by the vulnerability described in GLSA-200710-08 (KOffice, KWord, KPDF, KDE Graphics Libraries: Stack-based buffer overflow). KPDF includes code from xpdf that is vulnerable to an integer overflow in the StreamPredictor::StreamPredictor function. Impact: A remote attacke...
Important: Red Hat Security Advisory: libvorbis security update
Updated libvorbis packages to correct several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis package contains runtime libraries for use in programs that support...
[SECURITY] Fedora Core 6 Update: kdelibs-3.5.7-1.fc6
Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation)...
Moderate: Red Hat Security Advisory: kdelibs security update
Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two...
CVE-2004-2693
HP-UX B.11.00 and B.11.11 with B6848AB GTK+ Support Libraries installed uses insecure directory permissions, which allows local users to gain privileges via files in /opt/gnome/src/GLib/...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Puzzle Apps CMS 2.2.1 allow remote attackers to execute arbitrary PHP code via a URL in the MODULEDIR parameter to (1) core/modules/my/my.module.php or (2) core/modules/xml/xml.module.php; the COREROOT parameter to (3) config.loader.php, (4)...
Microsoft MFC FindFile function heap buffer overflow
Overview: A buffer overflow vulnerability in the Microsoft Foundation Class (MFC) Library could allow an attacker to execute arbitrary code on an affected system. Description: The Microsoft Foundation Class (MFC) Library is a Microsoft library that wraps parts of the Windows API in C++ classes. The MFC...
libvorbis security update
CentOS Errata and Security Advisory CESA-2007:0845. Updated libvorbis packages to correct several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The libvorbis package...
Code injection
SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote attackers to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an error response, a differen...
CVE-2007-4613
CVE-2007-4613 affects the SSL libraries in BEA WebLogic Server (versions 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5). Vulnerability: an attacker in a man-in-the-middle (MITM) position can obtain plaintext from an SSL stream by injecting crafted data and measuring the timing of error responses. This is a separate issue from CVE-2006-2461....
[SECURITY] Fedora 7 Update: libvorbis-1.1.2-3.fc7
Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. The libvorbis package contains runtime libraries for use in programs that support Ogg Vorbis...
[SECURITY] Fedora 7 Update: kdelibs-3.5.7-20.fc7
Libraries for the K Desktop Environment: KDE Libraries included: kdecore (KDE core library), kdeui (user interface), kfm (file manager), khtmlw (HTML widget), kio (Input/Output, networking), kspell (spelling checker), jscript (javascript), kab (addressbook), kimgio (image manipulation)...
[SECURITY] Fedora 7 Update: openssl-0.9.8b-14.fc7
The OpenSSL toolkit provides support for secure communications between machines. OpenSSL includes a certificate management tool and shared libraries which provide various cryptographic algorithms and protocols...
CrystalPlayer 1.98 - '.mls' Local Buffer Overflow
#!/usr/bin/perl. Crystal Player 1.98 Playlist.mls File Local Buffer Overflow Exploit. Source: http://www.crystalplayer.com/CrystalPro.exe. Credit To Timq For The Vulnerability. POC By Arham Muhammad. While Debugging, EIP And EBP Successfully Get Overwritten! Upon Successful Exploitation, DOS Occurs An...
ExLibris Aleph and Metalib Cross Site Scripting Attack
ExLibris Aleph and Metalib Cross Site Scripting Attack. Matthew Cook. Date: 16/07/2007. http://escarpment.net/ http://escarpment.net/exlibris.txt Attack: Multiple versions of the ExLibris (http://www.exlibrisgroup.com/) Aleph and Metalib products a...