406 matches found
Symphony CMS 2.1.2 - Blind SQL Injection
Symphony CMS 2.1.2 - Blind SQL Injection -------------------------------------------------------------------------------------------- 20110424 - Justanotherhacker.com : Symphony-cms blind sql injection JAHx111 - http://www.justanotherhacker.com/advisories/JAHx111.txt...
Moderate: Red Hat Security Advisory: gnupg2 security update
An updated gnupg2 package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
SpringSource Hyperic HQ Cross Site Scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2009-2907: SpringSource Hyperic HQ multiple XSS vulnerabilities Severity: Moderate Vendor: SpringSource Versions Affected: SpringSource Hyperic HQ 4.2 pre-release versions SpringSource Hyperic HQ 4.1.0 to 4.1.2 SpringSource Hyperic HQ 4.0.0 to 4.0...
AST-2010-003: Invalid parsing of ACL rules can compromise security
Asterisk Project Security Advisory - AST-2010-003 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Invalid parsing of ACL rules can compromise | | | security |...
SuSE 10 Security Update : Mozilla XULRunner (ZYPP Patch Number 6616)
The Mozilla XULRunner engine was updated to version 1.9.0.15 to fix various bugs and security issues. The following security issues have been fixed : - Security researcher Paul Stone reported that a user's form history, both from web content as well as the smart location bar, was vulnerable to...
Cross-origin data theft through document.getSelection() — Mozilla
Security researcher Gregory Fleischer reported that text within a selection on a web page can be read by JavaScript in a different domain using the document.getSelection function, violating the same-origin policy. Since this vulnerability requires user interaction to exploit, its severity was...
Blue Moon Security Advisory 2009-04
BLUE MOON SECURITY ADVISORY 2009-04 =================================== :Title: Remote Denial of Service in Internet Explorer :Severity: Moderate :Reporter: Blue Moon Consulting :Products: Internet Explorer 7 and 8 :Fixed in: -- Description ----------- We could not find out the definitive...
CVE-2009-0916
Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a "moderately severe issue."...
Information stealing via loadBindingDocument — Mozilla
Mozilla developer Boris Zbarsky reported that XBL bindings could be used to read data from other domains, a violation of the same-origin policy. The severity of this issue was determined to be moderate due to several mitigating factors:...
Information stealing via local shortcut files — Mozilla
Security researcher Liu Die Yu of TopsecTianRongXin reported that locally saved .url shortcut files could be used to read information stored in the local cache. An attacker could use this vulnerability to steal information from a victim's browser cache if they were able to get the victim to...
Moderate: Red Hat Security Advisory: gnutls security update
Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GnuTLS library provides support for cryptographic algorithms and for protocols such as...
Microsoft Security Bulletin MS08-056 - Moderate Vulnerability in Microsoft Office Could Allow Information Disclosure (957699)
Microsoft Security Bulletin MS08-056 - Moderate Vulnerability in Microsoft Office Could Allow Information Disclosure 957699 Published: October 14, 2008 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microsoft Office. The...
SECOBJADV-2008-02: Cygwin Installation and Update Process can be Subverted Vulnerability
====================================================================== = Security Objectives Advisory SECOBJADV-2008-02 = ====================================================================== Cygwin Installation and Update Process can be Subverted Vulnerability...
AST-2008-004: Format String Vulnerability in Logger and Manager
Asterisk Project Security Advisory - AST-2008-004 +------------------------------------------------------------------------+ | Product | Asterisk | |--------------------+---------------------------------------------------| | Summary | Format String Vulnerability in Logger and Manager |...
Moderate: htdig security update
3:3.2.0b6-4 - CVE-2007-6110...
AKLINK-SA-2007-002.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================ ||| Security Advisory AKLINK-SA-2007-002 ||| ||| CVE-2007-1363 CVE candidate ||| ||| CVE-2007-1364 CVE candidate ||| ============================================ DropAFew - Multiple vulnerabilities SQL...
Cross Site Scripting holes found in Horde 3.0
Hyperdose Security Advisory Name: Cross Site Scripting holes found in Horde 3.0 Systems Affected: Horde 3.0 installations Severity: Moderate Author: Robert Fly - [email protected] Advisory URL: http://www.hyperdose.com/advisories/H2005-01.txt --Horde Description-- The Horde Application Framewo...
sphpBlog037.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Simple PHP Blog directory traversal vulnerability Vulnerability discovery: Madelman Date: 02/01/2005 Severity: Moderate Summary: - -------- I started this project because I wanted a dead-simple blog. Something that didn't require a database, us...
Microsoft Security Bulletin MS04-018
Microsoft Security Bulletin MS04-018 Cumulative Security Update for Outlook Express 823353 Issued: July 13, 2004 Version: 1.0 Summary Who should read this document: Customers who use Microsoft® Outlook Express® Impact of Vulnerability: Denial of Service Maximum Severity Rating: Moderate...
Microsoft Security Bulletin MS04-008
Microsoft Security Bulletin MS04-008 Vulnerability in Windows Media Services Could Allow a Denial of Service 832359 Issued: March 9, 2004 Version: 1.0 Summary Who Should Read This Document: Customers who are using Microsoft® Windows® 2000 Impact of Vulnerability: Denial of Service Maximum Severit...