109 matches found
PHPKIT WCMS 1.6.5 Cross Site Scripting
MajorSecurity SA-079PHPKIT WCMS - Multiple stored Cross Site Scripting Issues Details ============= Product: PHPKIT WCMS Security-Risk: low Remote-Exploit: yes Vendor-URL: http://www.phpkit.com/ Advisory-Status: published Credits ============= Discovered by: David Vieira-Kurz of MajorSecurity...
[CAL-20100204-3]Adobe Shockwave Player Director File Parsing RCSL Pointer Overwrite
CAL-20100204-3Adobe Shockwave Player Director File Parsing RCSL Pointer Overwrite Affected Products ================= 11.5.2.602 ,11.5.6.606 and prior CVE ID: CVE-2010-1280 CAL ID: CAL-20100204-3 Vulnerability Details ===================== Code Audit Labs http://www.vulnhunt.com has discovered a...
[CAL-20100204-1]Adobe Shockwave Player Director File Parsing ATOM size infinite loop vulnerability
CAL-20100204-1Adobe Shockwave Player Director File Parsing ATOM size infinite loop vulnerability Affected Products ================= 11.5.2.602 ,11.5.6.606 and prior CVE ID: CVE-2010-1282 CAL ID: CAL-20100204-1 Vulnerability Details ===================== Code Audit Labs http://www.vulnhunt.com ha...
iDefense Security Advisory 01.12.10: Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability
iDefense Security Advisory 01.12.10 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2010 I. BACKGROUND Adobe Reader and Acrobat are Portable Document Format PDF reader and processors. For more information, please visit following pages: http://www.adobe.com/products/reader/...
Microsoft Media Player (quartz.dll .mid) Denial of Service Exploit
No description provided by source. ! /usr/bin/perl CALquartzmidpoc.pl MircoSoftMediaplayerquartz.dllmidremoteDos POC by Code Audit Labs public 2009-04-17 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp3 windows media Player 10.00.00.3998 quartz.dll 6.5.3790.4283 Windows...
Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC
No description provided by source. ! /usr/bin/perl CALgdiplugpoc.pl MircosoftgdiplugpnginfinityloopD.o.S POC by Code Audit Labs public 2009-04-17 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp3 other version should be affected CVE: please assign to a CVE number DESCRIPTI...
Microsoft Media Player (quartz.dll .mid) Denial of Service Exploit
Exploit for unknown platform in category dos / poc ================================================================== Microsoft Media Player quartz.dll .mid Denial of Service Exploit ================================================================== ! /usr/bin/perl CALquartzmidpoc.pl...
Microsoft GDI Plugin - '.png' Infinite Loop Denial of Service (PoC)
!/usr/bin/perl CALgdiplugpoc.pl MircosoftgdiplugpnginfinityloopD.o.S POC by Code Audit Labs public 2009-04-17 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp3 other version should be affected CVE: please assign to a CVE number DESCRIPTION =========== The vulnerability...
Microsoft Media Player - quartz.dll .wav Multiple Remote Denial of Service Vulnerabilities
Microsoft Media Player - quartz.dll .wav Multiple Remote Denial of Service Vulnerabilities ! /usr/bin/perl CAL2quartzwavpoc.pl TwoMircoSoftMediaplayerquartz.dllwavremoteDosvulnerabilities by Code Audit Labs public 2009-04-19 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp...
Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC
Exploit for unknown platform in category dos / poc ============================================================= Microsoft GDI Plugin .png Infinite Loop Denial of Service PoC ============================================================= ! /usr/bin/perl CALgdiplugpoc.pl...
Microsoft GDI Plugin - .png Infinite Loop Denial of Service (PoC)
Microsoft GDI Plugin - .png Infinite Loop Denial of Service PoC ! /usr/bin/perl CALgdiplugpoc.pl MircosoftgdiplugpnginfinityloopD.o.S POC by Code Audit Labs public 2009-04-17 http://www.vulnhunt.com/ Affected ======== test on full updated winxp sp3 other version should be affected CVE: please...
iDefense Security Advisory 01.13.09: Oracle Database 10g R2 Summary Advisor Arbitrary File Rewrite Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDefense Security Advisory 01.12.09 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 12, 2009 I. BACKGROUND Oracle Database Server is a family of database products that range from personal databases to enterprise solutions. Further informati...
selfgen-xss.txt
Release Date: August 23 2008 Platform: Web Severity: Important Summary: Bam host a large number of websites for student unions throughout the uk using a custom cms system called Self Generate. This vulnerability affects all of these websites and allows attackers to inject arbitrary html/javascrip...
CAL-20070730-1.txt
CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability BACKGROUND: =========== BlueSkychat is a professional voice and video chat software widely used by large chat websites in china. DESCRIPTION: ============ Code Audit Labs Code Audit for BlueSkyCat ActiveX Control and discovered ...
[Full-disclosure] CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability
CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability BACKGROUND: =========== BlueSkychat is a professional voice and video chat software widely used by large chat websites in china. DESCRIPTION: ============ Code Audit Labs Code Audit for BlueSkyCat ActiveX Control and discovered ...
[Full-disclosure] ActiveWeb Contentserver CMS SQL Injection Management Interface
Advisory: ActiveWeb Contentserver CMS SQL Injection Management Interface RedTeam Pentesting discovered an SQL Injection in the picturerealedit.asp script of the activeWeb contentserver CMS during a penetration test. An editor with the permission to edit pictures can exploit this by injecting...
SUSE-SA:2006:044: libtiff
The remote host is missing the patch for the advisory SUSE-SA:2006:044 libtiff. This update of libtiff is the result of a source-code audit done by Tavis Ormandy, Google Security Team. It fixes various bugs that can lead to denial-of-service conditions as well as to remote code execution while...
phpmyvisites-xss.txt
Multiple vulnerabilities in phpMyVisites Application : phpMyVisites prior to 2.2 stable Release Date : 11 February 2007 Author : Nicob Abstract : ========== Several vulnerabilities were identified in phpMyVisites. This software is "a free and powerful open source GNU/GPL software for websites...
WEB vulnerabilities mining techniques-vulnerability warning-the black bar safety net
Source: security focus Author: 7all sgh81at163.com WEB vulnerability Mining Technology |=---------------= WEB vulnerability Mining Technology=-----------------------------=| |=-----------------------------------------------------------------=| |=---------------= 7all7all7at163. com...
Important: Red Hat Security Advisory: kdelibs security update
Updated kdelibs packages that fix a flaw in kimgio input validation are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. KDE is a graphical desktop environment for the X Window System. Konqueror is...