CentOS Update for firefox CESA-2009:0436 centos5 i386

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2009:0436 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Cross-site Request Forgery (CSRF) Vulnerabilities in phpList

High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in phpList which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF vulnerabilities in phpList 1.1 The vulnerability exists due to insufficient validation of the request origi...

AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 Buffer Overflow

This module exploits a buffer overflow vulnerability in opcode 21 handled by rpc.cmsd on AIX. By making a request with a long string passed to the first argument of the "rtablecreate" RPC, a stack based buffer overflow occurs. This leads to arbitrary code execution. NOTE: Unsuccessful attempts ma...

HP LoadRunner 9.0 ActiveX AddFolder Buffer Overflow

This module exploits a stack buffer overflow in Persits Software Inc's XUpload ActiveX controlversion 2.1.0.1 thats included in HP LoadRunner 9.0. By passing an overly long string to the AddFolder method, an attacker may be able to execute arbitrary code. This module requires Metasploit:...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-334)

This update brings the Mozilla Firefox browser to version 3.0.4. It fixes following security issues : CVE-2008-0017 / MFSA 2008-54 : The http-index-format MIME type parser nsDirIndexParser in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for...

SopCore控件SetExternalPlayer()方式任意代码执行漏洞

BUGTRAQ ID: 33920 SopCore是一个视频播放插件，安装后可以观看TvBaby的网络电视。 SopCore控件的SetExternalPlayer函数没有正确地验证ExternalPlayer属性参数，如果用户受骗访问了恶意网页，就可能将任意可执行文件关联到“外部播放器”按键上。之后当用户点击该按键时，就会未经提示便执行该文件。 Sopcast SopCore Control 3.0.3.501 厂商补丁： Sopcast ------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

Gentoo Security Advisory GLSA 200803-13 (vlc)

The remote host is missing updates announced in advisory GLSA 200803-13. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2003-0391

The CVE-2003-0391 entry describes a format-string vulnerability in Magic WinMail Server 2.3 (and possibly other 2.x versions) that allows remote attackers to crash the service and potentially execute arbitrary code via format specifiers processed in the PASS/USER flow. The weakness occurs when ha...