Mac OS X 10.6 < 10.6.5 Multiple Vulnerabilities

Versions of Mac OS X 10.6 earlier than 10.6.5 are potentially affected by multiple vulnerabilities. Mac OS X 10.6.5 contains security fixes for the following products : - AFP Server - Apache modperl - Apache - AppKit - ATS - CFNetwork - CoreGraphics - CoreText - CUPS - Directory Services -...

OpenJDK HttpURLConnection request splitting (6952017)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the...

OpenJDK HttpURLConnection request splitting (6952017)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the...

OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU...

Preemptive Protection against Multiple Microsoft Forefront UAG Cross-Site Scripting Vulnerabilities (MS10-089)

Multiple cross-site scripting vulnerabilities have been reported in Microsoft Forefront Unified Access Gateway UAG. Microsoft Forefront UAG is a virtual private networking solution that provides secure remote access to corporate networks for remote employees and business partners. It incorporates...

Creator Defends FireSheep: App Does More Good Than Harm

One of a pair of developers who created FireSheep, a Firefox browser plug-in that makes it easy to snoop on others’ social networking sessions, has written a blog post defending his creation, saying it has helped elevate discussion about security on the Web. In a post on his blog, Eric Butler, a...

Week in Security: Toorcon and SecTor Wrap-up, Bugs and Stuxnet Stances

Autumn conferences grabbed the headlines this week as presentations at the Toorcon Conference in San Diego and SecTor in Toronto wrapped up October, with revelations about the vulnerability of social networking sessions and critical infrastructure headlining. In San Diego, talks at Toorcon came...

Alstrasoft E-Friends 4.96 Local File Inclusion / Shell Upload / SQL Injection

AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities Name AlstraSoft E-Friends Vendor http://www.alstrasoft.com Versions Affected 4.96 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-27 X. INDEX I. ABOUT THE...

AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities

AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities Name AlstraSoft E-Friends Vendor http://www.alstrasoft.com Versions Affected 4.96 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-27 X. INDEX I. ABOUT THE...

AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities

Exploit for php platform in category web applications ========================================================= AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities ========================================================= Name AlstraSoft E-Friends Vendor http://www.alstrasoft.com Versions...

Oracle Java SE Multiple Vulnerabilities (Windows)

This host is installed with Oracle Java JDK/JRE and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbsunjavasemultvulnoct10win.nasl 11742 2010-10-25 15:43:20Z oct$ Oracle Java SE Multiple Vulnerabilities Windows Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone...

OpenJDK local network address disclosure (6952603)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.227 allows remote attackers to affect confidentiality via unknown vectors...

OpenJDK HttpURLConnection request splitting (6952017)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the...

OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the...

Alstrasoft e-Friends 4.96 - Multiple Vulnerabilities

AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities Name AlstraSoft E-Friends Vendor http://www.alstrasoft.com Versions Affected 4.96 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-27 X. INDEX I. ABOUT THE...

Alstrasoft e-Friends 4.96 - Multiple Vulnerabilities

Alstrasoft e-Friends 4.96 - Multiple Vulnerabilities AlstraSoft E-Friends 4.96 Multiple Remote Vulnerabilities Name AlstraSoft E-Friends Vendor http://www.alstrasoft.com Versions Affected 4.96 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at...

Plugin, FireSheep, Lays Open Web 2.0 Insecurity

HED: New Tool, FireSheep, Lays Open Web 2.0 Insecurity DEK: The Browser Plug In Offers One Click Session Hijacking for Popular Social Networking Apps. Creators call for better session security. It’s no secret that Web sessions that use the bare HTTP protocol to transmit and receive data are...

OpenJDK local network address disclosure (6952603)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.227 allows remote attackers to affect confidentiality via unknown vectors...

CVE-2010-3560

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality via unknown vectors...

CVE-2010-3573

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU...