CVE-2012-6662

Cross-site scripting XSS vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo...

The Windows Kerberos vulnerability details becoming clearer-vulnerability warning-the black bar safety net

The day before yesterday, Microsoft's unconventional update fixes a particularly serious defect: any login to the domain where the users can be their own elevated privileges to other users privileges, even including the domain administrator privileges. The author from the pre-notification informe...

MantisBT XmlImportExport Plugin PHP Code Injection

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'MantisBT XmlImportExport Plugin PHP Code Injection Vulnerability', 'Description' = %q This module exploits a post-auth vulnerability...

USN-2408-1 neutron vulnerability

Elena Ezhova discovered that OpenStack Neutron did not properly perform access control checks for attributes. A remote authenticated attacker could exploit this to bypass intended access controls and reset admin-only attributes to default values...

RHEL 5 : redhat-ds-base (RHSA-2013:1116)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1116 advisory. Red Hat Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol LDAP server and...

OpenJDK: XML parsing Denial of Service (JAXP, 8017298)

A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an...

OpenJDK: XML parsing Denial of Service (JAXP, 8017298)

A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an...

OpenJDK: XML parsing Denial of Service (JAXP, 8017298)

A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an...

Microsoft Internet Explorer Title attribute Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

libXp: Integer overflow leading to heap-based buffer overflow

Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XpGetAttributes, 2 XpGetOneAttribute, 3 XpGetPrinterList, and 4 XpQueryScreens functions...

F5 Networks BIG-IP : HTTP cookie vulnerability (SOL15406)

The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server. CVE-2004-0462 C Tenable Network Security, Inc. The...

DEBIAN-CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a 1 long file or 2 directory name or the 3 FileTime attribute in a...

Stack overflow

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a 1 long file or 2 directory name or the 3 FileTime attribute in a...

CVE-2014-6055

Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a 1 long file or 2 directory name or the 3 FileTime attribute in a...

phpyun多漏洞组合写shell(有条件限制)

简要描述： phpyun多漏洞组合写shell有条件限制 详细说明： 1. Phpyun的后台基本都有token。 之所以说基本，是因为还漏掉了一个关键的地方。 Phpyun的管理员帐号密码都在phpyunadminuser表中。 用上面的方法进行备份，是没有token的 限制条件 http://wooyun.org/bugs/wooyun-2014-064004 感谢u神 然后如下。 2. 好的，再来说如果实现上面这个get的问题。 我们注册一个企业用户。 然后在添加一个表情，然后修改图片属性，地址。...

Design/Logic Flaw

IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended...

Microsoft Internet Explorer 'CAttrValue' Style Attribute Remote Memory Corruption Vulnerability

Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...

Design/Logic Flaw

The Android WebView in Android before 4.4 allows remote attackers to bypass the Same Origin Policy via a crafted attribute containing a \u0000 character, as demonstrated by an onclick="window.open'\u0000javascript: sequence to the Android Browser application 4.2.1 or a third-party web browser...

PHPOK 存储型 xss两处

简要描述： 前台功能存在存储型 xss，可攻击后台，获取管理员权限。 详细说明： 第一处xss漏洞： 留言功能。 后台的输出点有一处输出如下： 可以看出，我们留言的标题直接输出在 onclick 事件中了，可简单构造 '+alert1+'，管理员删除留言时触发： 此时输出： 第二处xss漏洞： PHPOK 过滤 XSS 的函数如下： function safehtml$info if!$info return false; $tmp = "//isU"; $info = pregreplace$tmp,"",$info; //$info =...

CVE-2014-1552

Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect...