[SECURITY] Fedora 11 Update: rubygem-activeresource-2.3.2-2.fc11
Wraps web resources in model classes that can be manipulated through XML over REST...
Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow
Added: 08/14/2009. CVE: CVE-2009-1534. BID: 35992. OSVDB: 56916. Background: Microsoft Office Web Components (OWC) are a group of OLE classes implemented as ActiveX controls. Problem: A buffer overflow vulnerability in the OWC.Spreadsheet.9 ActiveX control allows command execution when a user loads a web...
[SECURITY] Fedora 10 Update: wxGTK-2.8.10-2.fc10
wxWidgets/GTK2 is the GTK2 port of the C++ cross-platform wxWidgets GUI library, offering classes for all common GUI controls as well as a comprehensive set of helper classes for most common application tasks, ranging from networking to HTML display and image manipulation...
CVE-2009-1812
Multiple SQL injection vulnerabilities in myGesuad 0.9.14 (aka 0.9) allow remote attackers to execute arbitrary SQL commands via (1) the formUser parameter (aka the Name field) to common/login.php, and allow remote authenticated users to execute arbitrary SQL commands via the ID parameter in a Detail...
FreeBSD : jdk/jre -- Security Vulnerability With Java Plugin (ac619d06-3ef8-11d9-8741-c942c075aa41)
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.201, 1.4.204, and possibly earlier versions, does not properly restrict access between JavaScript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in MeetWeb 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to (1) modules.php, (2) ManagerResource.class.php, (3) ManagerRightsResource.class.php, (4) RegForm.class.php, (5) RegResource.class.php, and (6)...
Fix header injection vulnerabilities
A number of vulnerabilities were found during JRA-16024 which expose JIRA to header injection attacks. Note that different application server configurations may expose or hide the presence of a header injection vulnerability. Standalone Tomcat is usually not vulnerable. Tomcat 5.5.26 redirects al...
OpenJDK applet privilege escalation via JAX package access (6592792)
Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages...
CVE-2008-5347
Technical details for CVE-2008-5347 are not provided in the supplied documents; no affected product/version specifics beyond the initial description. Monitor for updates.
CVE-2008-5347
Multiple unspecified vulnerabilities in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier allow untrusted applets and applications to gain privileges via vectors related to access to inner classes in the (1) JAX-WS and (2) JAXB packages...
[SECURITY] Fedora 8 Update: rubygem-activeresource-2.1.1-1.fc8
Wraps web resources in model classes that can be manipulated through XML over REST...
CVE-2008-4529
Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha 0.208 allow remote attackers to execute arbitrary PHP code via a URL in the ENVasicmspath parameter to (1) Association.php, (2) BigMath.php, (3) DiffieHellman.php, (4) DumbStore.php, (5) Extension.php, (6) FileStore.php, (7) HMAC.php, (8)...
asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerability. Software: asiCMS version alpha 0.208. Vendor: http://asicms.sourceforge.net/ Download:...
asiCMS alpha 0.208 - Multiple Remote File Inclusions
asiCMS alpha 0.208 - Multiple Remote File Inclusions. asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerability. Software: asiCMS version alpha 0.208. Vendor: http://asicms.sourceforge.net/ Download...
[SECURITY] Fedora 9 Update: rubygem-activeresource-2.1.1-1.fc9
Wraps web resources in model classes that can be manipulated through XML over REST...
openEngine 2.0 beta2 Remote File Inclusion Vulnerability
No description provided by source. Author: By CrackersChild. Contact: [email protected] Greetz: str0ke & All My Friends. Script: openEngine 2.0 beta2 Remote File include Vulnerable. Download: http://downloads.sourceforge.net/openengine/openengine20beta2.zip?modtime=1203083918&bigmirror=0...
JBossEAP allows download of non-EJB class files
The default configuration of the JBossAs component in Red Hat JBoss Enterprise Application Platform (aka JBossEAP or EAP), possibly 4.2 before CP04 and 4.3 before CP02, when a production environment is enabled, sets the DownloadServerClasses property to true, which allows remote attackers to obtain...
javaws vulnerabilities
Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.213 and earlier, allows remote attackers to perform unauthorized actions via an application that grants privileges to itself, related to "Incorrect Use of System Classes" and probably related to...
CVE-2008-2899
Technical details for CVE-2008-2899 are not publicly provided in the supplied documents. The initial description is generic, and connected records do not expose affected product specifics, root cause, or remediation.