Important: Red Hat Security Advisory: mingw32-libxml2 security update

Updated mingw32-libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 6. This advisory also contains information about future updates for the mingw32 packages, as well as the deprecation of the packages with the release of Red Hat Enterprise Linux 6.4. T...

RedHat Update for libxml2 RHSA-2012:0017-01

Check for the Version of libxml2 OpenVAS Vulnerability Test RedHat Update for libxml2 RHSA-2012:0017-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Important: Red Hat Security Advisory: libxml2 security update

Updated libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

Low: Red Hat Security Advisory: libxml2 security and bug fix update

Updated libxml2 packages that fix several security issues and various bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

[Bkis] sNews 1.7.1 XSS vulnerability

General Information sNews is a free content management system CMS written in PHP and MySQL. It is available at http://snewscms.com/. In April 2011, Bkis Security discovered an XSS Cross-site Scripting vulnerability in sNews CMS version 1.7.1 Taking advantage of this vulnerability, hacker might...

[Bkis-02-2010] Multiple Vulnerabilities in CMS Made Simple - Bkis

Bkis-02-2010 Multiple Vulnerabilities in CMS Made Simple 1. General information CMS Made Simple is a free content management system CMS written in PHP, available at www.cmsmadesimple.org. In March, 2010, Bkis Security discovered some XSS and CSRF vulnerabilities in CMS Made Simple 1.7.1. Taking...

[Bkis-01-2010] Multiple Vulnerabilities in BigAce - Bkis

Multiple Vulnerabilities in BigAce 1. General Information BigAce is a free content management software CMS written in PHP, and is available at http://www.bigace.de. In April 2010, Bkis Security discovered an XSS and CSRF vulnerability in BigAce 2.7.1. Taking advantage of this vulnerability, hacke...

[Bkis-12-2009] eoCMS SQL injection vulnerability - Bkis Report

eoCMS SQL injection vulnerability 1. General information eoCMS is an open source code software which is used to develop Internet forum http://eocms.com/. On October 15, 2009, Bkis Security detected a SQL injection vulnerability in some functions of eoCMS. This is a critical vulnerability which...

Photodex ProShow Gold 4 (Windows XP SP3) - .psh Universal Buffer Overflow (SEH)

Photodex ProShow Gold 4 Windows XP SP3 - .psh Universal Buffer Overflow SEH + Vulnerability : ProShow Gold 4 BOF + Detected by : Bkis - http://blog.bkis.com/?p=737 Sploit coded by : corelanc0d3r corelanc0d3ratgmaildotcom Sploit coded on : August 20, 2009 Type : local OS : Windows Product : Photod...

Photodex ProShow Gold 4 (.psh File) Universal BOF Exploit XP SP3 (SEH)

Exploit for unknown platform in category local exploits ====================================================================== Photodex ProShow Gold 4 .psh File Universal BOF Exploit XP SP3 SEH ====================================================================== + Vulnerability : ProShow Gold 4...

Photodex ProShow Gold 4 (Windows XP SP3) - '.psh' Universal Buffer Overflow (SEH)

Vulnerability : ProShow Gold 4 BOF + Detected by : Bkis - http://blog.bkis.com/?p=737 Sploit coded by : corelanc0d3r corelanc0d3ratgmaildotcom Sploit coded on : August 20, 2009 Type : local OS : Windows Product : Photodex ProShow Gold Versions affected : 4.0 Download link :...

Photodex ProShow Gold 4 (.psh File) Universal BOF Exploit XP SP3 (SEH)

No description provided by source. + Vulnerability : ProShow Gold 4 BOF + Detected by : Bkis - http://blog.bkis.com/?p=737 Sploit coded by : corelanc0d3r corelanc0d3ratgmaildotcom Sploit coded on : August 20, 2009 Type : local OS : Windows Product : Photodex ProShow Gold Versions affected : 4.0...

[Bkis-11-2009] ProShow Gold Buffer Overflow Vulnerabilities

Bkis-11-2009 ProShow Gold Buffer Overflow Vulnerabilities 1. General Information ProShow Gold is a software allowing you easily create photo and video slide shows on DVD, PC and Web. Recently, Bkis has just detected vulnerabilities in the software related to the processing of ProShow Slideshow’s...

[Bkis-06-2009] GOM Player Subtitle Buffer Overflow Vulnerability

Bkis-06-2009 GOM Player Subtitle Buffer Overflow Vulnerability 1. General Information GOM Player is a popular multimedia player supporting multiple media formats avi, mpeg,…. In March 2009, Bkis has detected a vulnerability in this software. With this vulnerability, users might lose sensible...

GOM Player 2.1.16.6134 - Subtitle Local Buffer Overflow (PoC)

GOM Player 2.1.16.6134 - Subtitle Local Buffer Overflow PoC !/usr/local/bin/perl Title : GOM Player Subtitle Buffer Overflow Vulnerabiltity Discovery by : Bui Quang Minh Tested : GOM Player 2.1.16.6134 Reference : Bkis http://security.bkis.vn/?p=501 PoC : Windows XP Silently Crash and Windows...

[Bkis-04-2009] GOM Encoder Heap-based Buffer Overflow

GOM Encoder Heap-based Buffer Overflow 1. General Information GOM Encoder is a video transcoder that can work with a lot of video formats. One of its functions is embedding subtitles to the video, which means you can see subtitles on the resulting video even if your device doesn't support subtitl...

FeedMon 2.7.0.0 outline Tag Buffer Overflow Exploit PoC

No description provided by source. !usr/bin/perl -w Reference: http://security.bkis.vn/?p=329 http://www.securityfocus.com/bid/33630/info Tested on Windows Server 2003 with FeedMon 2.7.0.0. FeedMon crashes whenever I am trying to Unsubscribe from the maliciousoverlylong feed. Thanx to milw0rm,...

FeedDemon (ver<=2.7) Buffer Overflow Vulnerability

The vulnerability was found in the processing of OPML Outline Processor Markup Language file, which is an XML format for outlines used by RSS reader to store and manage RSS feeds. With OPML, users can easily share their RSS feed lists with others or export these lists to use in other RSS feed...

[SVRT-02-09] FeedDemon (ver<=2.7) Buffer Overflow Vulnerability

Title : FeedDemon Buffer OverFlow Vulnerability 1. General Information FeedDemon is known as the most popular Windows RSS Reader which allows users to view and manage easily RSS feeds from their desktop. In January 2009, SVRT-BKIS detected a buffer overflow vulnerability in this software. Taking...

[Full-disclosure] [SVRT-06-08] MULTI SECURITY VULNERABILITIES IN MVNFORUM

MULTI SECURITY VULNERABILITIES IN MVNFORUM 1. General Information mvnForum is software used for creating forums on the Internet http://www.mvnforum.com. This is an open source software making use of Java J2EE ISP/Servlet technology. On September 6 2008, SVRT-Bkis found several CSRF and XSS...