1345 matches found
Apple Mac OS X FlashPix File CVE-2011-3222 Buffer Overflow Vulnerability
Bugtraq ID: 50100 CVE ID: CVE-2011-3222 Apple Mac OS X is the operating system released by Apple. QuickTime has a buffer overflow when processing FlashPix files; a specially crafted FlashPix file can cause unexpected application termination or arbitrary code execution. Apple Mac OS X Server 10.6.6 Apple Mac OS X Server 10.6.5 Apple Mac OS X Server 10.6.5 Apple Mac OS X Server 10.6.4 Apple Mac OS X Server 10.6.3 Apple Mac OS X Serve...
FreeBSD : tptest -- pwd Remote Stack Buffer Overflow (5486669e-ea9f-11de-bd9c-00215c6a37bb)
SecurityFocus reports : TPTEST is prone to a remote stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition. %NASLMINLEVEL 70300 C...
Debian DSA-2315-1 : openoffice.org - multiple vulnerabilities
Red Hat, Inc. security researcher Huzaifa Sidhpurwala reported multiple vulnerabilities in the binary Microsoft Word doc file format importer of OpenOffice.org, a full-featured office productivity suite that provides a near drop-in replacement for Microsoft Office. %NASLMINLEVEL 70300 C Tenable...
Mozilla Products Same Origin Policy Bypass Vulnerability (Windows)
The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to same origin policy bypass vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtssecbypassvulnwin.nasl 7044 2017-09-01 11:50:59Z teissa $ Mozilla Products Same Origin Policy Bypass Vulnerability Windows Authors...
Fedora 15 : qt-4.7.4-2.fc15 (2011-12193)
QtGui Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Network Security,...
Serendipity freetag plugin 'serendipity[tagview]' Cross-Site Scripting vulnerability
Advisory: Serendipity freetag plugin 'serendipitytagview' Cross-Site Scripting vulnerability Advisory ID: SSCHADV2011-016 Author: Stefan Schurtz Affected Software: Successfully tested on Serendipity 1.5.5 Vendor URL: http://www.s9y.org Vendor Status: fixed CVE-ID: - ==========================...
Multiple XSS flaws in the CMS Papoo Light Version and their fixes - vulnerability warning - the black bar safety net
Defect summary: ========================== The CMS Papoo Light Version contains XSS defects ================== Technical analysis: ================== /papoo/papoolight/index.php/"/ascriptalertdocument . cookie;/script /papoo/papoolight/kontakt.php/"/ascriptalertdocume nt. cookie;/script...
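Microsoft Excel Malformed Record Remote Code Execution Vulnerability (MS11-072)
BUGTRAQ ID: 49478 CVECAN ID: CVE-2011-1988 Microsoft Excel is spreadsheet software written by Microsoft for computers running the Windows and Apple Macintosh operating systems. Microsoft Excel has a remote code execution vulnerability when processing malformed records; a remote attacker can exploit it to execute arbitrary code with the privileges of the current user. When Excel parses specially crafted records in a spreadsheet file, specific values in them can trigger a memory corruption vulnerability. Microsoft Excel 2010 Microsoft Excel 2007 Microsoft Excel 2003 Microsoft Office...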
Microsoft Windows SMB LsaQueryInformationPolicy Function SID Enumeration Without Credentials
By emulating the call to LsaQueryInformationPolicy, it was possible to obtain the host SID Security Identifier, without credentials. The host SID can then be used to get the list of local users. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid56210; scriptversion"1.5"...
Multiple XSS vulnerabilities in CMS Papoo Light Version
Advisory: Multiple XSS vulnerabilities in CMS Papoo Light Version Advisory ID: SSCHADV2011-014 Author: Stefan Schurtz Affected Software: v4.0 Vendor URL: http://www.papoo.de/ Vendor Status: fixed CVE-ID: - ========================== Vulnerability Description: ========================== The CMS...
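Multiple Security Vulnerabilities in the Django Development Framework
Bugtraq ID: 49573 Django is an open-source web application framework written in Python. Django has multiple security vulnerabilities that allow an attacker to obtain sensitive information, manipulate data, and carry out cache poisoning or denial-of-service attacks. 1) An error in session handling in django.contrib.sessions when a cache backend is used can be exploited to manipulate session information. Successful exploitation requires a known session key and an application that allows the attacker to store dictionary-like objects in the cache using a valid session key. 2) The Django model system includes a field type -- URLField...
Microsoft Windows WINS Server 'ECommEndDlg()' Local Privilege Escalation Vulnerability
Bugtraq ID: 49523 CVE ID: CVE-2011-1984 Microsoft Windows is a popular operating system. Microsoft Windows WINS has a security vulnerability: if a user on an affected system running the WINS service receives a specially crafted WINS replication packet, the vulnerability can allow privilege escalation. An attacker must have valid logon credentials and exploit the vulnerability locally. The malicious packet is handled by the ECommEndDlg function reported in MS11-035, but this time the pointer the function processes is controlled by the attacker. Sending a specially crafted packet to the dynamic UDP port that the WINS service binds on the loopback address 127.0.0.1 triggers the vulnerability. On older win 2003...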
Fedora 16 : librsvg2-2.34.1-1.fc16 (2011-12312)
New release of librsvg which fixes CVE-2011-3146. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
CMS Papoo Light 4.0 Cross Site Scripting
Advisory: Multiple XSS vulnerabilities in CMS Papoo Light Version Advisory ID: SSCHADV2011-014 Author: Stefan Schurtz Affected Software: v4.0 Vendor URL: http://www.papoo.de/ Vendor Status: fixed CVE-ID: - ========================== Vulnerability Description: ========================== The CMS...
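Microsoft Windows Script Host 'wshesn.dll' DLL Loading Arbitrary Code Execution Vulnerability
Bugtraq ID: 49436 Windows Scripting Host is a scripting language program for the Windows operating system. Windows Scripting Host (wscript.exe) loads the wshesn.dll library insecurely; an attacker can trick a user into opening a js, jse, vbe, vbs, wsf or wsh file on a remote WebDAV or SMB share, which can load an arbitrary library in the user's security context. Microsoft Windows Script Host 5.6 Vendor solution: no detailed solution is currently available: http://www.microsoft.com...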
Ruby Random Number Values Information Disclosure Vulnerability
This host is installed with Ruby and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: secpodrubyrandomnumbervaluesinfodiscvuln.nasl 8196 2017-12-20 12:13:37Z cfischer $ Ruby Random Number Values Information Disclosure Vulnerability Authors: Sooraj KS Copyright:...
Java for Mac OS X 10.5 Update 9
This host is missing an important security update according to Mac OS X 10.5 Update 9. OpenVAS Vulnerability Test $Id: secpodmacosxjava105upd9.nasl 7024 2017-08-30 11:51:43Z teissa $ Java for Mac OS X 10.5 Update 9 Authors: Sooraj KS Copyright: Copyright c 2011 SecPod, http://www.secpod.com This...
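Pidgin Denial of Service and Security Bypass Vulnerabilities
Bugtraq ID: 49268 CVE ID: CVE-2011-2943 Pidgin is a multi-protocol instant messaging client. Pidgin has security vulnerabilities that allow a malicious attacker to carry out denial-of-service or arbitrary code execution attacks. 1) An error in the IRC protocol plugin when processing WHO replies with special characters in the nickname can be exploited to trigger a NULL pointer dereference. 2) An error in the MSN protocol plugin when parsing HTTP 100 responses can be exploited to crash the application. Successful exploitation requires the HTTP connection method to be enabled (it is disabled by default) and the use of a malicious server. 3) Pidgin supports URL handlers in IM conversations; on the Windows platform it passes the URL directly to the ShellExecute API, which runs as the current user. When, via file://...
Linux Kernel 'CIFSFindNext()' Function Denial of Service Vulnerability
Bugtraq ID: 49295 CVE ID: CVE-2011-3191 Linux is an open-source operating system. The "CIFSFindNext" function (fs/cifs/cifssmb.c) has a signedness error; sending a specially crafted CIFS message can crash the client. Successful exploitation requires the use of a malicious server. Linux kernel 2.6.x Vendor solution: no detailed solution is currently available: http://www.linux.org/...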
Apache DoS Bug Resurfaces, Spurring New Attacks
A bug in the way that the hugely popular Apache Web server handles some types of HTTP “range” header requests can enable a remote attacker to cause a denial-of-service condition on a vulnerable server. The flaw, which affects all versions of Apache 1.3 and Apache 2, reportedly already is being...