1118 matches found
PT-2006-3280 · Ispconfig · Ispconfig
Name of the Vulnerable Software and Affected Versions: ISPConfig versions 2.2.2 and earlier Description: A remote file inclusion issue allows attackers to execute arbitrary PHP code via a URL in the go infoserverclasses root parameter. The vendor has disputed this issue, stating that the affected...
Remote file inclusion
PHP remote file inclusion vulnerability in classes/adodbt/sql.php in Limbo CMS 1.04 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the classesdir parameter...
gdb security update
CentOS Errata and Security Advisory CESA-2005:709 An updated gdb package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written ...
Low: Red Hat Security Advisory: gdb security update
An updated gdb package that fixes several bugs and minor security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages by executing them i...
phplistSQL.txt
PhpList Sql Injection and Path Disclosure. Vulnerabilities: 1. There is an SQL injection in the id parameter of publichtml/lists/admin/?page=admin&id=INJECT HERE 2. Because of the heavy use of classes...
PhpList Sql Injection and Path Disclosure
PhpList Sql Injection and Path Disclosure. Vulnerabilities: 1. There is an SQL injection in the id parameter of publichtml/lists/admin/?page=admin&id=INJECT HERE 2. Because of the heavy use of classes...
singapore v0.9.11 cross site scripting and path disclosure
Because of singapore's heavy use of classes it has multiple path disclosure occurrences. The following pages all produced class related errors when navigating directly to them in your browser. gallery/includes/admin.class.php templates/admindefault/ all the .tpl.php files templates/default/ all the...
security flaw
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary file...
Sun Java plugin privilege escalation
It's possible to access few internal classes...
jdk/jre -- Security Vulnerability With Java Plugin
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.201, 1.4.204, and possibly earlier versions, does not properly restrict access between JavaScript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code...
Java XSLT security advisory addendum
Illegalaccess.org security advisory addendum. Vendor informed: April, 2004. Public Advisory released: August 2, 2004. Today: August 9, 2004. URL:...
Sun Solaris vulnerable to DoS when the Basic Security Module (BSM) is configured to perform auditing of specific classes
Overview: There is a vulnerability in Sun Solaris that could allow local users to cause a denial of service when the Basic Security Module (BSM) is configured to perform auditing of specific audit classes. Description: Sun Microsystems describes the Basic Security Module (BSM) as a "security auditing...
Advisory: Webster HTTP Server
ABSTRACT: Webster HTTP Server is an HTTP/1.0 server written in C++ using Microsoft Foundation Classes (MFC). It runs on Windows 95, 98, NT, 2000, Me, and XP platforms. It was first published as a sample application in Microsoft Journal (MSJ). Multiple security flaws have been identified in Webster tha...
Microsoft Java implementation JDBC classes do not properly validate DLL requests
Overview: The Java Database Connectivity (JDBC) classes of Microsoft's Java virtual machine (VM) do not properly validate DLL requests, allowing a malicious applet to load and execute any DLL on the client system. Description: Microsoft's Java VM is installed on Windows 98, NT, 2000, and XP. It is used...
CVE-2000-1099
Java Runtime Environment in Java Development Kit (JDK) 1.2.205 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities...
Netscape Communicator 4.x - URL Read
Source: https://www.securityfocus.com/bid/1546/info A flaw in Netscape Communicator's implementation of Java allows malicious applets to read any resource reachable via a URL from the local machine by using the netscape.net.URLConnection and...
PT-1999-1203 · Microsoft · Windows Nt
Name of the Vulnerable Software and Affected Versions: Windows NT (affected versions not specified) Description: The issue concerns the HKEY_CLASSES_ROOT key in a Windows NT system, which has inappropriate, system-critical permissions. Recommendations: At the moment, there is no information about a...
MS10-074: Vulnerability in Microsoft Foundation Classes could allow remote code execution