Make anonymiser more strict about the translation of values

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-12420. panel the anonymiser replaces letter and number characters in string values during xml backup. A more strict anonymiser would replace...

Make anonymiser more strict about the translation of values

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-12420. panel the anonymiser replaces letter and number characters in string values during xml backup. A more strict anonymiser would replace...

Integer overflow

Multiple vulnerabilities in 1 bank.php, 2 landfill.php, 3 outposts.php, 4 tribes.php, 5 house.php, 6 tribearmor.php, 7 tribeastral.php, 8 tribeware.php, and 9 includes/head.php in Bartek Jasicki Vallheru before 1.3 beta have unknown impact and remote attack vectors, probably related to large...

CVE-2007-1408

CVE-2007-1408 concerns multiple vulnerabilities in the Vallheru project by Bartek Jasicki (before 1.3 beta), affecting files: bank.php, landfill.php, outposts.php, tribes.php, house.php, tribearmor.php, tribeastral.php, tribeware.php, and includes/head.php. The entry notes unknown impact and remo...

MS Windows (.doc File) Malformed Pointers Denial of Service Exploit

No description provided by source. / Microsoft Windows .doc File Malformed Pointers DoS &...

Microsoft Windows - .doc Malformed Pointers Denial of Service

Microsoft Windows - .doc Malformed Pointers Denial of Service /\ Microsoft Windows .doc File Malformed Pointers DoS Just move your mouse on the file and explorer crashes. If it does not try to look at file properties. Bug comes from Ole32.dll: CMP DWORD PTR DS:EAX+EBX,3 and we can set EAX, EDX an...

CVE-2005-4831

viewcvs in ViewCVS 0.9.2 allows remote attackers to set the Content-Type header to arbitrary values via the content-type parameter, which can be leveraged for cross-site scripting XSS and other attacks, as demonstrated using 1 "text/html", or 2 "image/jpeg" with an image that is rendered as HTML ...

DovX Web Player ActiveX DoS

Crash on large 'resize' method values...

DBImageGallery 1.2.2 (donsimg_base_path) RFI Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ DBImageGallery 1.2.2 donsimgbasepath RFI Vulnerabilities ============================================================ DBImageGallery 1.2.2 Found by Denven ERROR:...

Microsoft Visual Studio 64-bit time functions DoS

Invalid use of assert-style macro causes application termination for timet values behind MAXTIME64T January, 1 3000...

PT-2007-2285 · Microsoft · Visual C++ 8.0 Standard Library

Name of the Vulnerable Software and Affected Versions: Microsoft Visual C++ 8.0 standard library MSVCR80.DLL version 8.0 Description: The 64-bit versions of Microsoft Visual C++ 8.0 standard library time functions, including localtime, localtime s, gmtime, gmtime s, ctime, ctime s, wctime, wctime...

Cross site scripting

Cross-site scripting XSS vulnerability in the IFrame module before 03.02.01 for DotNetNuke DNN allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "Pass through values."...

security flaw

Multiple buffer overflows in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...

intel-race.txt

Title: Intel 2200BG 802.11 Beacon frame Kernel Memory Corruption Description: The intel wireless mini-pci driver provided with Intel 2200BG cards is vulnerable to a remote race condition memory corruption flaw. Malformed beacons frame can be used to corrupt internal kernel structures,leading to...

CVE-2006-6309

Multiple array index errors in IBM Tivoli Storage Manager TSM before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service crash via a large index value in unspecified messages, a different issue than CVE-2006-5855...

Apple Airport 802.11 Probe Response Kernel Memory Corruption PoC

No description provided by source. A proof-of-concept exploit has been added to the Metasploit Framework 3.0 source tree: msf use auxiliary/dos/wireless/daringphucball require 'msf/core' module Msf class Auxiliary::Dos::Wireless::DaringPhucball Msf::Auxiliary include Exploit::Lorcon def...

[Reversemode Advisory] Apple Quicktime FLIC File Heap Overflow

Hi, Apple Quicktime = 7.1 is prone to a heap overflow vulnerability. This flaw could lead to a remote code execution,if an attacker tricks the victim to visit a malicious webpage with a specially crafted .fli animation embedded. The flaw is located within the "COLOR64 chunk" Quicktime parser. Sin...

powerzip-exp.txt

/ PowerZip 7.06 Exploit by bratax http://www.bratax.be/ Just a quick one as I was able to reuse most of my zipcentral eploit code.. Greetz to everyone I like...special greetz to mobbie and DT as they were sad I didn't mention them the previous time :p Some technical info: - Original advisory +...

CVE-2006-4447

X.Org and XFree86, including libX11, xdm, xf86dga, xinit, xload, xtrans, and xterm, does not check the return values for setuid and seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail, such as by exceeding a ulimit...

DEBIAN-CVE-2006-4144

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via large 1 bytesperpixel, 2 columns, and 3 rows values, which trigger a heap-based buffer overflow...