3.0.3): Arbitrary Java code execution via an HTTP request containing a specially-crafted .jar file

SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs0=jar: followed by a URL of a crafted .jar file...

Digital Forensics Framework v0.9.0 latest version download !

"DFF Digital Forensics Framework is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules." This is...

DSA-2122-2 glibc - privilege escalation

Bulletin has no description...

CentOS 5 : glibc (CESA-2010:0793)

Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

DEBIAN-CVE-2010-4159

Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVE-2010-4159

Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory...

Important: Red Hat Security Advisory: glibc security and bug fix update

Updated glibc packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

linux/ARM - Loader Port 0x1337 Shellcode

Exploit for linux/x86 platform in category shellcode ======================================== linux/ARM - Loader Port 0x1337 Shellcode ======================================== / Title: arm-loader Brief: Bind port 0x1337 on any local interface, listen for a connection receive a payload, and pass...

ARM Loader Port 0x1337

ARM Loader Port 0x1337. Shellcode exploit for arm platform / Title: arm-loader Brief: Bind port 0x1337 on any local interface, listen for a connection receive a payload, and pass execution to it Author: Daniel Godas-Lopez / / socdes = socketAFINET, SOCKSTREAM, IPPROTOTCP; / mov %r0, $2 / AFINET /...

[SECURITY] [DSA 2122-1] New glibc packages fix local privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-2122-1 [email protected] http://www.debian.org/security/ Florian Weimer October 22, 2010 http://www.debian.org/security/faq -...

Important: Red Hat Security Advisory: glibc security update

Updated glibc packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

DEBIAN-CVE-2010-2546

Multiple heap-based buffer overflows in loaders/loadit.c in libmikmod, possibly 3.1.12, might allow remote attackers to execute arbitrary code via 1 crafted samples or 2 crafted instrument definitions in an Impulse Tracker file, related to panpts, pitpts, and ITProcessEnvelope. NOTE: some of thes...

Fedora Update for mono FEDORA-2010-10433

Check for the Version of mono OpenVAS Vulnerability Test Fedora Update for mono FEDORA-2010-10433 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

Fedora Update for mono FEDORA-2010-10332

Check for the Version of mono OpenVAS Vulnerability Test Fedora Update for mono FEDORA-2010-10332 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

[SECURITY] Fedora 13 Update: mono-2.6.4-1.fc13

The Mono runtime implements a JIT engine for the ECMA CLI virtual machine as well as a byte code interpreter, the class loader, the garbage collector, threading system and metadata access libraries...

PT-2010-1181 · Spring · Spring Framework

Name of the Vulnerable Software and Affected Versions: Spring Framework versions 2.5.x through 2.5.5, 2.5.7 before 2.5.7.SR01, and 3.0.x through 3.0.2 Description: The issue is related to incorrect code generation management in the Spring Framework, allowing remote attackers to execute arbitrary...

Spring Framework - Arbitrary code Execution

CVE-2010-1622: Spring Framework execution of arbitrary code Severity: Critical Vendor: SpringSource, a division of VMware Versions Affected: 3.0.0 to 3.0.2 2.5.0 to 2.5.6.SEC01 community releases 2.5.0 to 2.5.7 subscription customers Earlier versions may also be affected Description: The Spring...

OpenJDK Deserialization of RMIConnectionImpl objects should enforce stricter checks (6893947)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18 and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March...

DEBIAN-CVE-2010-0830

Integer signedness error in the elfgetdynamicinfo function in elf/dynamic-link.h in ld.so in the GNU C Library aka glibc or libc6 2.0.1 through 2.11.1, when the --verify option is used, allows user-assisted remote attackers to execute arbitrary code via a crafted ELF program with a negative value...

Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 (java-1.6.0-openjdk)

Check for the Version of java-1.6.0-openjdk OpenVAS Vulnerability Test Mandriva Update for java-1.6.0-openjdk MDVSA-2010:084 java-1.6.0-openjdk Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...