
7727 matches found

Debian CVE
added 2011/07/19 8:0 p.m., 21 views

CVE-2011-2385

The iPhoneHandle package 0.9.x before 0.9.7 and 1.0.x before 1.0.3 in Open Ticket Request System (OTRS) does not properly restrict use of the iPhoneHandle interface, which allows remote authenticated users to gain privileges, and consequently read or modify OTRS core objects, via unspecified vector...

CVSS 6.5, AI score 6.5, EPSS 0.01744
Exploits: 0
The Hacker News
added 2011/07/13 7:17 p.m., 11 views

RootRepeal – Rootkit Detector v1.3.5 Download Now

RootRepeal – Rootkit Detector v1.3.5 Download Now RootRepeal is a new rootkit detector currently in public beta. It is designed with the following goals in mind: Easy to use – a user with little to no computer experience should be able to use it. Powerful – it should be able to detect all publicl...

AI score 6.6
Exploits: 0
Positive Technologies
added 2011/07/13 12:0 a.m., 4 views

PT-2011-3445 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista versions SP1 and SP2 Microsoft Windows Server 2008 versions Gold, SP2, R2, and R2 SP1 Microsoft Windows 7 versions Gold and SP1...

CVSS 7.2, AI score 6.5, EPSS 0.01405
Exploits: 0, References: 11
Zero Day Initiative
added 2011/06/21 12:0 a.m., 48 views

Mozilla Firefox SVGPointList.appendItem Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code...

CVSS 7.5, AI score 5.5, EPSS 0.05772
Exploits: 0, References: 1
Zero Day Initiative
added 2011/06/14 12:0 a.m., 29 views

Microsoft Internet Explorer vgx.dll imagedata Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within vgx.dll while...

CVSS 9, AI score 5, EPSS 0.17977
Exploits: 1, References: 1
Cent OS
added 2011/06/13 2:3 p.m., 79 views

java security update

CentOS Errata and Security Advisory CESA-2011:0857 Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring Syst...

CVSS 10, AI score 7.6, EPSS 0.06277
Exploits: 0, References: 7
Tenable Nessus
added 2011/06/07 12:0 a.m., 151 views

Tom Sawyer Software GET Extension Factory COM Object Instantiation Memory Corruption

Tom Sawyer Software's GET Extension Factory, a component used for graph visualization applications, is installed on the remote Windows host. It may have been bundled with a third-party application, such as the VMware Infrastructure Client or Embarcadero ER / Studio XE2. The installed version of...

CVSS 9.3, AI score 5.8, EPSS 0.41956
Exploits: 9, References: 6
OpenVAS
added 2011/06/01 12:0 a.m., 30 views

Nmap NSE net: rmi-dumpregistry

Connects to a remote RMI registry and attempts to dump all of its objects. First it tries to determine the names of all objects bound in the registry, and then it tries to determine information about the objects, such as the class names of the superclasses and interfaces. This may, depending ...

AI score 7
Exploits: 0
Prion
added 2011/05/26 4:55 p.m., 13 views

Information disclosure

The implementation of OutputMediator objects in IBM WebSphere Portal 6.0.1.7, and 7.0.0.1 before CF002, allows remote authenticated users to cause a denial of service (memory consumption) via requests...

CVSS 4, AI score 6.6, EPSS 0.01125
Exploits: 0, References: 3, Affected Software: 1
VulnCheck KEV
added 2011/05/16 12:0 a.m., 5 views

VulnCheck KEV: CVE-2011-1345

Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, as demonstrated by Stephen Fewer as the first of three chained...

CVSS 9.3, AI score 6.2, EPSS 0.40875
Exploits: 1, References: 1
ThreatPost
added 2011/05/12 5:55 p.m., 36 views

Google Fixes Two Chrome Bugs, Adds Flash 10.3 to Browser

Google has released an updated version of its Chrome browser, which includes fixes for two security vulnerabilities as well as a new version of the Adobe Flash player. The latest version of Chrome is just a small incremental update of the browser, and there were no bugs found by external...

CVSS 6.8, AI score 1.9, EPSS 0.0119
Exploits: 2, References: 5
NVD
added 2011/05/03 10:55 p.m., 18 views

CVE-2011-1303

Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

CVSS 7.5, AI score 7.2, EPSS 0.01023
Exploits: 0, References: 3
UbuntuCve
added 2011/05/03 10:55 p.m., 21 views

CVE-2011-1303

Google Chrome before 11.0.696.57 does not properly handle floating objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

CVSS 7.5, AI score 5.9, EPSS 0.01023
Exploits: 0, References: 2
Check Point Advisories
added 2011/04/27 12:0 a.m., 3 views

Microsoft Collaboration Data Objects Buffer Overflow (MS05-048; CVE-2005-1987)

Microsoft Collaboration Data Objects (CDO) are a set of COM objects made for the IIS SMTP service and Exchange servers that provide the ability to build messaging and collaboration applications. A buffer overflow vulnerability exists in Microsoft Collaboration Data Objects. The vulnerability is...

CVSS 7.5, AI score 6.5, EPSS 0.43446
Exploits: 0
UbuntuCve
added 2011/04/13 2:55 p.m., 29 views

CVE-2011-0611

Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x...

CVSS 9.3, AI score 7.5, EPSS 0.9941
Exploits: 14, References: 4
Cvelist
added 2011/04/13 2:0 p.m., 27 views

CVE-2011-0611

Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x...

AI score 9, EPSS 0.9941
Exploits: 14, References: 25
The Hacker News
added 2011/04/12 7:37 a.m., 9 views

Wireshark 1.5.1 Development Release !

Wireshark 1.5.1 Development Release ! Wireshark 1.5.1 has been released. Installers for Windows, OS X, and source code are now available. New and Updated Features The following features are new or have been significantly updated since version 1.4: 1. Wireshark can import text dumps, similar to...

AI score 7
Exploits: 0
Fedora
added 2011/04/05 9:43 p.m., 46 views

[SECURITY] Fedora 15 Update: rubygem-activerecord-3.0.5-1.fc15

Implements the ActiveRecord pattern (Fowler, PoEAA) for ORM. It ties database tables and classes together for business objects, like Customer or Subscription, that can find, save, and destroy themselves without resorting to manual SQL...

CVSS 7.5, AI score 1.4, EPSS 0.02498
Exploits: 2
ATTACKERKB
added 2011/03/30 10:55 p.m., 3 views

CVE-2009-5064

ldd in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows local users to gain privileges via a Trojan horse executable file linked with a modified loader that omits certain LD_TRACE_LOADED_OBJECTS checks. NOTE: the GNU C Library vendor states "This is just nonsense. There are a gazillion...

CVSS 6.9, AI score 5.8, EPSS 0.00538
Exploits: 1, References: 15
CVE
added 2011/03/29 6:0 p.m., 63 views

CVE-2011-1205

The CVE-2011-1205 entry concerns multiple buffer overflows in unspecified COM objects within IBM Rational licensing components used by Rational ClearCase 7.0.0.4–7.1.1.4, ClearQuest 7.0.0.4–7.1.1.4, and related products. The root cause is buffer overflows in COM objects that can be triggered by r...

CVSS 6.9, AI score 6.7, EPSS 0.00372
Exploits: 1, References: 6, Affected Software: 3