
2820 matches found

0day.today
added 2012/06/30 12:0 a.m. | 38 views

python-wrapper untrusted search path/code execution

Exploit for python platform in category local exploits. Exploit Title: python-wrapper untrusted search path/code execution vulnerability; Date: 06-30-12; Exploit Author: ShadowHatesYou; Vendor Homepage: python.org; Software Link: http://python.org/download/; Version: Python 2.7.3 and earlier; Tested on:...

AI score: 6.8
Exploits: 0
RedHat Linux
added 2012/01/18 7:22 p.m. | 1 views

OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to...

CVSS: 10 | AI score: 7.6 | EPSS: 0.92545
Exploits: 13 | References: 6
Debian
added 2011/12/05 7:26 p.m. | 38 views

[SECURITY] [DSA 2358-1] openjdk-6 security update

Debian Security Advisory DSA-2358-1 [email protected] http://www.debian.org/security/ December 05, 2011 http://www.debian.org/security/faq ...

CVSS: 10 | AI score: 10 | EPSS: 0.92545
Exploits: 19
Tenable Nessus
added 2011/12/02 12:0 a.m. | 260 views

Debian DSA-2356-1 : openjdk-6 - several vulnerabilities (BEAST)

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform:
- CVE-2011-3389: The TLS implementation does not guard properly against certain chosen-plaintext attacks when block ciphers are used in CBC mode.
- CVE-2011-3521: The CORBA implementation contains a...

CVSS: 10 | AI score: 8.1 | EPSS: 0.92545
Exploits: 19 | References: 26
Debian
added 2011/12/01 8:33 p.m. | 64 views

[SECURITY] [DSA 2356-1] openjdk-6 security update

Debian Security Advisory DSA-2356-1 [email protected] http://www.debian.org/security/ Florian Weimer December 01, 2011 http://www.debian.org/security/faq ...

CVSS: 10 | AI score: 9.7 | EPSS: 0.92545
Exploits: 19
OpenVAS
added 2011/11/18 12:0 a.m. | 55 views

Ubuntu: Security Advisory (USN-1263-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 10 | AI score: 8.3 | EPSS: 0.92545
Exploits: 19 | References: 4
Ubuntu
added 2011/11/16 8:31 p.m. | 84 views

USN-1263-1: IcedTea-Web, OpenJDK 6 vulnerabilities

Deepak Bhole discovered a flaw in the Same Origin Policy (SOP) implementation in the IcedTea web browser plugin. This could allow a remote attacker to open connections to certain hosts that should not be permitted. (CVE-2011-3377) Juliano Rizzo and Thai Duong discovered that the block-wise AES...

CVSS: 10 | AI score: 8.4 | EPSS: 0.92545
Exploits: 19
RedHat Linux
added 2011/10/19 5:17 p.m. | 2 views

OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to...

CVSS: 10 | AI score: 7.6 | EPSS: 0.92545
Exploits: 13 | References: 6
RedHat Linux
added 2011/10/18 11:19 p.m. | 2 views

OpenJDK: missing SecurityManager checks in scripting engine (Scripting, 7046823)

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to...

CVSS: 10 | AI score: 7.6 | EPSS: 0.92545
Exploits: 13 | References: 6
Tenable Nessus
added 2010/04/13 12:0 a.m. | 42 views

MS10-022: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169)

The installed version of the VBScript Scripting Engine allows an attacker to specify a Help file location when displaying a dialog box on a web page. If a user can be tricked into pressing the F1 key while such a dialog box is being displayed, an attacker can leverage this to cause the Windows He...

CVSS: 7.6 | AI score: 6 | EPSS: 0.83077
Exploits: 7 | References: 2
OpenVAS
added 2009/09/10 12:0 a.m. | 23 views

Microsoft JScript Scripting Engine Remote Code Execution Vulnerability (971961)

This host is missing a critical security update according to Microsoft Bulletin MS09-045. OpenVAS Vulnerability Test $Id: secpodms09-045.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft JScript Scripting Engine Remote Code Execution Vulnerability 971961 Authors: Nikita MR Added JScript 5.7 on...

CVSS: 9.3 | AI score: 0.3 | EPSS: 0.43094
Exploits: 1 | References: 3
Prion
added 2009/09/08 10:30 p.m. | 17 views

Remote code execution

The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruptio...

CVSS: 9.3 | AI score: 8 | EPSS: 0.43094
Exploits: 1 | References: 3 | Affected Software: 4
Cvelist
added 2009/09/08 10:0 p.m. | 22 views

CVE-2009-1920

The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruptio...

AI score: 7.3 | EPSS: 0.43094
Exploits: 1 | References: 3
CVE
added 2009/09/08 10:0 p.m. | 73 views

CVE-2009-1920

The CVE-2009-1920 vulnerability is a remote code execution flaw in the JScript scripting engine (JScript.dll) used by Internet Explorer. It arises from the engine’s handling of decoded scripts loaded into memory, where memory corruption can occur and allow arbitrary code execution when a user vis...

CVSS: 9.3 | AI score: 7.5 | EPSS: 0.43094
Exploits: 1 | References: 3 | Affected Software: 5
Check Point Advisories
added 2009/09/08 12:0 a.m. | 1 views

JScript Scripting Engine Web Pages Decoding Code Execution (MS09-045; CVE-2009-1920)

JScript is an interpreted, object-based scripting language that is often used to make Web sites more flexible or interactive. A remote code execution vulnerability has been reported in the way that the JScript scripting engine decodes script in Web pages. The vulnerability is due to a memory...

CVSS: 9.3 | AI score: 7.1 | EPSS: 0.43094
Exploits: 1
Tenable Nessus
added 2009/09/08 12:0 a.m. | 22 views

MS09-045: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961)

The remote host is running a version of Windows that contains a flaw in its JScript scripting engine. An attacker may be able to execute arbitrary code on the remote host by constructing a malicious JScript and enticing a victim to visit a web site or view a specially crafted email message. C...

CVSS: 9.3 | AI score: 6.1 | EPSS: 0.43094
Exploits: 1 | References: 2
Nmap
added 2008/11/11 11:59 a.m. | 492 views

banner NSE Script

A simple banner grabber which connects to an open TCP port and prints out anything sent by the listening service within five seconds. The banner will be truncated to fit into a single line, but an extra line may be printed for every increase in the level of verbosity requested on the command line...

CVSS: 10 | AI score: 9.4 | EPSS: 0.94176
Exploits: 33
NVD
added 2006/02/21 11:2 p.m. | 14 views

CVE-2006-0830

The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetti...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.21752
Exploits: 0 | References: 4
Cvelist
added 2006/02/21 11:0 p.m. | 17 views

CVE-2006-0830

The scripting engine in Internet Explorer allows remote attackers to cause a denial of service (resource consumption) and possibly execute arbitrary code via a web page that contains a recurrent call to an infinite loop in Javascript or VBscript, which consumes the stack, as demonstrated by resetti...

AI score: 7.5 | EPSS: 0.21752
Exploits: 0 | References: 4
CVE
added 2006/02/21 11:0 p.m. | 69 views

CVE-2006-0830

CVE-2006-0830 affects the Internet Explorer scripting engine. A web page triggering a recurrent infinite loop in Javascript or VBScript can consume stack space, potentially causing a denial of service and, per the description, may allow arbitrary code execution by resetting the loop’s location va...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.21752
Exploits: 0 | References: 4 | Affected Software: 1