LizardTech DjVu Browser Plug-in buffer overflow vulnerabilities

Overview The LizardTech DjVu Browser Plug-in contains multiple buffer overflows, which could allow an attacker to execute arbitrary code on a vulnerable system. Description The LizardTech DjVu Browser Plug-in is an application that allows the user to view DjVu documents in a web browser. It is...

MD5Crack 4.0-vulnerability warning-the black bar safety net

I always prefer MD5Crack, today to see the author publish a new version, with a relatively large update. MD5Crack 4.0 in the retention MD5Crack features on the basis of the re-modified the entire framework. All the code are rewritten. The rewrite is mainly a logic portion and a UI portion for the...

Denial of service

The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service server outage...

CVE-2007-0424

Unspecified vulnerability in the BEA WebLogic Server proxy plug-in for Netscape Enterprise Server before September 2006 for Netscape Enterprise Server allow remote attackers to cause a denial of service via certain requests that trigger errors that lead to a server being marked as unavailable,...

CVE-2007-0419

The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service server outage...

CVE-2007-0419

The CVE-2007-0419 issue affects the BEA WebLogic Server proxy plug-in for the Apache HTTP Server (pre June 2006). The root cause is improper handling of protocol errors in the plug-in, which can allow remote attackers to cause a denial of service (server outage). The vulnerability description not...

CVE-2007-0419

The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of service server outage...

Adobe Acrobat Reader Plugin <= 7.0.x (acroreader) XSS Vulnerability

No description provided by source. Stefano Di Paola http://www.wisec.it/ From Secunia: Input passed to a hosted PDF file is not properly sanitised by the browser plug-in before being returned to users. This can be exploited to execute arbitrary script code in a user's browser session in context o...

Adobe Acrobat Reader Plugin 7.0.x - acroreader Cross-Site Scripting

Adobe Acrobat Reader Plugin 7.0.x - acroreader Cross-Site Scripting Stefano Di Paola http://www.wisec.it/ From Secunia: Input passed to a hosted PDF file is not properly sanitised by the browser plug-in before being returned to users. This can be exploited to execute arbitrary script code in a...

Adobe Acrobat Reader Plugin <= 7.0.x (acroreader) XSS Vulnerability

Exploit for unknown platform in category remote exploits =================================================================== Adobe Acrobat Reader Plugin = 7.0.x acroreader XSS Vulnerability =================================================================== Stefano Di Paola http://www.wisec.it/...

Adobe PDF Plug-In < 8.0 / 7.0.9 / 6.0.6 Multiple Vulnerabilities (APSB07-01)

The version of Adobe PDF Plug-In installed on the remote host is earlier than 8.0 / 7.0.9 / 6.0.6 and reportedly fails to properly sanitize input to the 'FDF', 'XML', or 'XFDF' fields used by its 'Open Parameters' feature. By tricking a user into accessing a specially crafted link and depending o...

Adobe Acrobat Reader Plugin 7.0.x - &#039;acroreader&#039; Cross-Site Scripting

Stefano Di Paola http://www.wisec.it/ From Secunia: Input passed to a hosted PDF file is not properly sanitised by the browser plug-in before being returned to users. This can be exploited to execute arbitrary script code in a user's browser session in context of an affected site. Example: -...

Adobe Acrobat Plug-In cross domain violation

Overview The Adobe Acrobat Plug-In fails to properly validate user-supplied content, which may allow for cross-site scripting. Description Adobe Acrobat Reader is software designed to view Portable Document Format PDF files. Adobe also distributes the Adobe Acrobat Plug-In to allow users to view...

IBM多个产品未明信任书伪造漏洞

IBM包含多系列产品，如IBM Tivoli，IBM WebSphere等。 IBM多个产品存在信任书伪造问题，远程攻击者可以利用这个漏洞访问资源和数据或可能控制应用程序。 目前报告此问题可以使攻击者利用COOKIE或伪造其他信任用户未授权访问资源，目前没有详细漏洞细节提供。 IBM Tivoli Access Manager for e-business 5.1 IBM Tivoli Access Manager for e-business 4.1 IBM Tivoli Access Manager for e-business 3.9 IBM Tivoli Access Manag...

Malware and anti-malware technical analysis-vulnerability warning-the black bar safety net

Malware technology of all kinds, of any one function are likely to become a rogue technology, just like weapons, with the good may justice, with a crooked but become evil accomplice. First of all, I From win32 under some rogue bus analysis start: 1. I want to be a malware, the first thing to do i...

CVE-2006-4302

The Java Plug-in J2SE 1.3.002 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities...

CVE-2006-4302

CVE-2006-4302 affects the Java Plug-in J2SE 1.3.0_02–5.0 Update 5, and Java Web Start 1.0–1.2 and J2SE 1.4.2–5.0 Update 5. Remote attackers could exploit vulnerabilities by specifying a JRE version that contains vulnerable components. The available documents do not provide concrete exploit detail...

CVE-2006-4302

The Java Plug-in J2SE 1.3.002 through 5.0 Update 5, and Java Web Start 1.0 through 1.2 and J2SE 1.4.2 through 5.0 Update 5, allows remote attackers to exploit vulnerabilities by specifying a JRE version that contain vulnerabilities...

Netscape/K-Meleon/Flock JavaScript navigator Vulnerability

Description: The newest versions of Netscape, K-Meleon and Flock browsers are affected to JavaScript navigator vulnerability described in http://browserfun.blogspot.com/2006/07/mobb-28-mozilla-navigator-object.html and Mozilla Foundation Security Advisory 2006-45. When method used in a web page...

Sun Java Runtime Environment 1.3/1.4/1.5 - Nested Array Objects Denial of Service

source: https://www.securityfocus.com/bid/18058/info The Sun Java Runtime Environment is vulnerable to a denial-of-service vulnerability. This issue is due to the software's failure to handle exceptional conditions. This issue is reported to affect Java Runtime Environment versions up to 1.4.211...