
867 matches found

ThreatPost
added 2010/01/06 5:28 p.m., 8 views

I Have Only One Security Prediction for 2010

Instead of the usual top ten lists that are all-too-common with predictions for the new year, I have just one: 2010 will be the year of desktop applications handling untrusted data in sandboxed processes, and it will be about time. Since the release of Windows XP SP2, there have been significantl...

AI score: 0.2
Exploits: 0, References: 9
Tenable Nessus
added 2009/10/26 12:0 a.m., 340 views

NFS Server Superfluous

The remote NFS server is not exporting any shares. Running an unused service unnecessarily increases the attack surface of the remote host. C Tenable Network Security, Inc. Get the export list of the remote host and warns the user if a NFS share is exported to the world. include 'compat.inc' ;...

CVSS: 10, AI score: 5.5, EPSS: 0.0194
Exploits: 0, References: 1
ThreatPost
added 2009/09/25 6:49 p.m., 16 views

Microsoft Says Google Chrome Frame is IE Security Risk

Google’s decision to introduce a plug-in that runs Google Chrome inside Microsoft’s Internet Explorer isn’t sitting well with the folks at Redmond. The Google Chrome Frame, which is presented as a seamless way to bring Google Chrome’s open web technologies and speedy JavaScript engine to Internet...

AI score: 1.1
Exploits: 0, References: 4
ThreatPost
added 2009/06/25 8:57 p.m., 12 views

Vulnerabilities and Attack Surface

From CERT Will Dormann Two recent US-CERT Vulnerability Notes cert.org describe similar issues in the Adobe Reader and Foxit Reader PDF viewing applications. The vulnerabilities, that both applications failed to properly handle JPEG2000 JPX data streams, were discovered as part of our Vulnerabili...

AI score: 1.5
Exploits: 0, References: 4
securityvulns
added 2009/01/19 12:0 a.m., 53 views

Advisory: Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability

Version Affected: Oracle E-Business Suite Release 12, version 12.0.6 Oracle E-Business Suite Release 11i, version 11.5.10.2 CVE: 2008-5446 Description: The oracle E Business including applications like I-Recruitment etc is vulnerable to flaw which leads to sensitive information disclosure about t...

AI score: 6.7
Exploits: 0
Prion
added 2007/03/20 8:19 p.m., 20 views

Code injection

Microsoft Windows Vista establishes a Teredo address without user action upon connection to the Internet, contrary to documentation that Teredo is inactive without user action, which increases the attack surface and allows remote attackers to communicate via Teredo...

CVSS: 7.5, AI score: 7.1, EPSS: 0.11793
Exploits: 0, References: 6
exploitpack
added 2004/01/20 12:0 a.m., 12 views

WebTrends Reporting Center 6.1 Management Interface - Full Path Disclosure

WebTrends Reporting Center 6.1 Management Interface - Full Path Disclosure source: https://www.securityfocus.com/bid/9460/info The WebTrends Reporting Center management interface discloses installation path information when an invalid argument for an interface URI parameter is requested. This...

AI score: 7.4
Exploits: 0