
7725 matches found

Tenable Nessus
added 2008/07/24 12:0 a.m., 43 views

Debian DSA-1615-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2008-2785: It was discovered that missing boundary checks on a reference counter for CSS objects...

10 CVSS, 6 AI score, 0.13949 EPSS
Exploits: 4, References: 27
seebug.org
added 2008/07/17 12:0 a.m., 17 views

MS Internet Explorer COM Objects File Download Exploit (MS05-038)

No description provided by source. Ms05 038 exploit POC Write By ZwelL 2005 8 11 http://www.donews.net/zwell Some code belongs to Lioncnhonker, regards to him. This code tested on Windows 2003...

7.1 AI score
Exploits: 0
Cvelist
added 2008/07/02 5:0 p.m., 24 views

CVE-2008-2976

Multiple directory traversal vulnerabilities in TinX/cms 1.1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) language parameter to (a) includeme.php, (b) admin/ajax.php, and (c)...

7.3 AI score, 0.01846 EPSS
Exploits: 1, References: 3
CVE
added 2008/07/02 5:0 p.m., 34 views

CVE-2008-2975

The CVE-2008-2975 vulnerability affects TinX/cms 1.1, specifically the admin/objects/obj_image.php component. It is a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via the language parameter. The NVD lists a MEDIUM severity (CVSSv2 4.3) with n...

4.3 CVSS, 5.7 AI score, 0.01445 EPSS
Exploits: 1, References: 3, Affected Software: 1
RedHat Linux
added 2008/06/30 3:33 p.m., 2 views

tomcat XSS in example webapps

Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values...

4.3 CVSS, 5.9 AI score, 0.05476 EPSS
Exploits: 0, References: 4
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m., 1 views

Ruby vulnerability caused by a problem with the alias function so that safe level 4 does not function as a sandbox

Overview: Safe levels exist as a part of the Ruby language security model, in order to limit the operation of untrusted objects. Ruby contains a vulnerability which may allow an attacker to bypass the safe level restrictions and execute normally inaccessible methods, due to a problem in Ruby's ali...

6.4 CVSS, 7.4 AI score, 0.05739 EPSS
Exploits: 0, References: 12
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m., 1 views

Ruby contains a vulnerability that prevents safe level 4 from functioning as a sandbox.

Overview: Safe level is a security model provided by the Ruby language that limits the operation of untrusted objects. A vulnerability that allows an attacker to bypass the safe level restrictions and execute inaccessible methods (e.g., destructive methods) was confirmed. Impact: An attacker may be able to...

6.4 CVSS, 7.4 AI score, 0.05739 EPSS
Exploits: 0, References: 12
RedHat Linux
added 2008/05/20 2:12 p.m., 4 views

tomcat XSS in example webapps

Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values...

4.3 CVSS, 5.9 AI score, 0.05476 EPSS
Exploits: 0, References: 4
securityvulns
added 2008/05/14 12:0 a.m., 40 views

Microsoft Publisher memory corruption

.PUB files memory corruption on embedded objects parsing...

9.3 CVSS, 3 AI score, 0.30991 EPSS
Exploits: 1, References: 2, Affected Software: 1
RedHat Linux
added 2008/05/08 9:14 a.m., 4 views

xpdf: embedded font vulnerability

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

6.8 CVSS, 6.5 AI score, 0.04941 EPSS
Exploits: 1, References: 4
Cvelist
added 2008/04/18 3:0 p.m., 16 views

CVE-2008-1693

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...

7.2 AI score, 0.04941 EPSS
Exploits: 1, References: 34
exploitpack
added 2008/04/14 12:0 a.m., 27 views

Business Objects Infoview - cms Cross-Site Scripting

source: https://www.securityfocus.com/bid/28762/info Business Objects is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input via the Infoview web portal. An attacker may leverage...

0.4 AI score
Exploits: 0
Exploit DB
added 2008/04/14 12:0 a.m., 21 views

Business Objects Infoview - 'cms' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28762/info Business Objects is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input via the Infoview web portal. An attacker may leverage this issue to execute arbitrary script code in the...

7.4 AI score
Exploits: 0
seebug.org
added 2008/04/14 12:0 a.m., 14 views

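Python stringobject.c multiple remote overflow vulnerabilities

BUGTRAQ ID: 28749. Python is an open-source scripting language. Python's core API provides several functions for allocating string objects. One of these API calls allocates or reallocates a PyStringObject; this function is PyStringFromStringAndSize, which takes two arguments, a pointer and a signed integer. If the pointer is non-null, the memory it points to is reallocated to the size given by the second argument; if the pointer is null, the number of bytes given by the integer is allocated and returned. During this operation the second argument is not checked for being negative, and the value is added to the size of PyStringObject and used as the length passed to the allocation function, which can lead to an incorrect memory allocation...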

6.9 AI score
Exploits: 0
exploitpack
added 2008/04/08 12:0 a.m., 15 views

Adobe Flash Player 89.0.x - .SWF File DeclareFunction2 ActionScript Tag Remote Code Execution

source: https://www.securityfocus.com/bid/28694/info Adobe Flash Player is prone to a remote code-execution vulnerability when handling certain embedded ActionScript objects. An attacker may exploit this...

0.2 AI score
Exploits: 0
Cvelist
added 2008/04/04 5:0 p.m., 25 views

CVE-2008-1013

Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet...

7.4 AI score, 0.04134 EPSS
Exploits: 1, References: 7
OSV
added 2008/04/01 5:44 p.m., 3 views

DEBIAN-CVE-2008-1515

The SOAP interface in OTRS 2.1.x before 2.1.8 and 2.2.x before 2.2.6 allows remote attackers to "read and modify objects" via SOAP requests, related to "Missing security checks."...

6.4 CVSS, 7 AI score, 0.02015 EPSS
Exploits: 0, References: 1
Prion
added 2008/03/20 12:44 a.m., 14 views

Stack overflow

Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors...

9.3 CVSS, 8.8 AI score, 0.06459 EPSS
Exploits: 2, References: 7, Affected Software: 1
seebug.org
added 2008/03/20 12:0 a.m., 38 views

Apple Safari before 3.1 multiple security vulnerabilities

BUGTRAQ ID: 28290 CVECAN ID: CVE-2008-1011, CVE-2008-1010, CVE-2008-1009, CVE-2008-1008, CVE-2008-1007, CVE-2008-1006, CVE-2008-1005, CVE-2008-1004, CVE-2008-1003, CVE-2008-1002, CVE-2008-1001, CVE-2008-0050. Safari is the web browser bundled by default with Apple's operating systems. Safari 3.1 fixes multiple security vulnerabilities, as follows: CVE-2008-0050: A malicious HTTPS proxy server may, in a 502 Bad...

6.8 CVSS, 6.4 AI score, 0.04614 EPSS
Exploits: 2
CVE
added 2008/03/20 12:0 a.m., 49 views

CVE-2007-6254

CVE-2007-6254 involves a stack-based buffer overflow in the SAP BusinessObjects RptViewerAX ActiveX control (RptViewerAX.dll) for BusinessObjects 6.5, prior to CHF74. The overflow in the RptViewerAX ActiveX control can allow a remote attacker to execute arbitrary code, with exploitation described...

9.3 CVSS, 8.2 AI score, 0.06459 EPSS
Exploits: 2, References: 7, Affected Software: 1