3319 matches found
Inherit Edit Restrictions for Child Pages
NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion (http://jira.atlassian.com/browse/CONFCLOUD-26446). As it said in Documentation for Page Restrictions (https://confluence.atlassian.com/display/DOC/Page+Restrictions):...
FreeBSD Ports: mantis
The remote host is missing an update to the system as announced in the referenced advisory. VID 55587adb-b49d-11e1-8df1-0004aca374af. OpenVAS Vulnerability Test. Description: Auto generated from VID 55587adb-b49d-11e1-8df1-0004aca374af. Authors: Thomas Reinke. Copyright: Copyright (c) 2012 E-Soft Inc...
Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64
Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. CVE-2010-1200 A flaw was found in the way browser plug-ins interac...
Threat Outbreak Alert: Fake Anti-Phishing Email Messages on March 9, 2015
Low Alert ID: 26510 First Published: 2012 July 30 22:05 GMT Last Updated: 2015 March 10 11:01 GMT Version: 32 Summary Cisco Security has detected significant activity related to spam email messages that claim to be from the antiphishing.org support team. The message claims the recipient's system...
WordPress Plugin Resume Submissions & Job Postings 2.5.1 - Unrestricted Arbitrary File Upload
Exploit Title: WordPress Resume Submissions & Job Postings v2.5.1 Unrestricted File Upload Date: 7/9/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.geerservices.com/ Software Link: http://downloads.wordpress.org/plugin/resume-submissions-job-postings.2.5.1.zip Version: 2.5.1...
Debian DSA-2500-1 : mantis - several vulnerabilities
Several vulnerabilities were discovered in Mantis, an issue tracking system. - CVE-2012-1118 Mantis installations in which the private_bug_view_threshold configuration option has been set to an array value do not properly enforce bug viewing restrictions. - CVE-2012-1119 Copy/clone bug report actions...
Threat Outbreak Alert: Fake DHL Express Tracking Notification Email Messages on February 3, 2014
Medium Alert ID: 26262 First Published: 2012 June 27 20:46 GMT Last Updated: 2014 February 4 13:56 GMT Version: 26 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a DHL Express tracking notification for the recipient. The text in the...
Trojan.Milicenso Print Bomb - Printer Trojan cause massive printing
A Trojan that sends printers crazy, making them print pages of garbled nonsense until all the paper has been used up, has seen a spike in activity. Symantec detected the Trojan.Milicenso across various countries, but the worst hit regions...
CVE-2012-2692
MantisBT before 1.2.11 does not check the delete_attachments_threshold permission when form_security_validation is set to OFF, which allows remote authenticated users with certain privileges to bypass intended access restrictions and delete arbitrary attachments...
Design/Logic Flaw
MantisBT before 1.2.11 does not check the delete_attachments_threshold permission when form_security_validation is set to OFF, which allows remote authenticated users with certain privileges to bypass intended access restrictions and delete arbitrary attachments...
DEBIAN-CVE-2012-1253
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embedded image attachment...
E-mail Trends Show Hackers Working Weekends Less and Less
While there are an increasing number of weekends catered to hacking, even hackers need a day off – and it shouldn’t surprise many that increasingly, that day is usually Sunday. Network security company FireEye reviewed statistics on email-based attacks for 2012 that suggest that Sunday has slowed...
User can upload attachments to restricted pages that adopt restrictions from parent page
Users that should have no access to restricted pages that adopt restrictions from the parent page are able to upload attachments if they know the page ID. How to reproduce: 1. Create 2 users, user1 and user2 2. Create a page with user1 and set the page view and edit restrictions to "Me" 3. Create...
Threat Outbreak Alert: Fake Picture Link Email Messages on September 16, 2013
Low Alert ID: 25964 First Published: 2012 May 18 17:00 GMT Last Updated: 2013 September 17 14:05 GMT Version: 78 Summary Cisco Security has detected significant activity related to spam email messages. The text in the email message instructs the recipient to follow a link or open an attachment...
XSS Vulnerabilities in JIRA Attachments?
At the current moment, JIRA does not have any restrictions for attachment files, which allows users to upload malicious files into JIRA issues. This can be a problem when we open an attachment using Mozilla Firefox, since the browser allows us to open attachments using web browser. The steps to...
DNSChanger Malware
UPDATE: On March 5, 2012, a federal judge agreed to allow more time for organizations and individuals to clean systems of the DNSChanger malware and extended the deadline for shutting off servers that had been keeping infected computers connected to the internet. Although the new deadline is July...
Wordpress Auto Attachments 0.2.9 File Upload
File upload vulnerability in Wordpress Auto Attachments plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...
Ongoing Targeted Attack Campaign Going After Defense, Aerospace Industries
Researchers have identified a strain of malware that’s being used in a string of targeted attacks against defense contractors, government agencies and other organizations by leveraging exploits against zero-day vulnerabilities. The attacks may have been going on since 2009 in some form and the...