Spring Source OXM 3.0.4 Command Injection
Reference: http://static.springsource.org/spring/docs/3.0.x/spring-framework-reference/html/oxm.htmld0e26722 Product: Spring Source OXM Object/XML Mapping Vendor: VMware Vulnerable Version: 3.0.4 only when XStream and IBM JRE are used Status: Fixed Vendor Notification: 12 October 2010 Vendor Fix:...
IBM DB2 - 'DT_RPATH' Insecure Library Loading Arbitrary Code Execution
// source: https://www.securityfocus.com/bid/48514/info IBM DB2 is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code with root privileges. Successfully exploiting this issue will result in...
IBM DB2 - DT_RPATH Insecure Library Loading Arbitrary Code Execution
IBM DB2 - DT_RPATH Insecure Library Loading Arbitrary Code Execution // source: https://www.securityfocus.com/bid/48514/info IBM DB2 is prone to a vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue to gain elevated privileges and execute arbitrary code wit...
AT-TFTP Server Remote Denial of Service Vulnerability
AT-TFTP Server v1.8 Remote Denial of Service Vulnerability SecPod Technologies www.secpod.com Author: Antu Sanadi SecPod ID: 1013 01/04/2011 Issue Discovered 04/04/2011 Vendor Notified No Response from the Vendor 25/04/2011 Advisory Released Class: Denial of Service Severity: High Overview:...
MS11-034: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223)
The remote host is running a version of the Windows kernel that is affected by the following types of vulnerabilities : - Several use-after-free vulnerabilities exist due to the way that Windows kernel-mode drivers manage kernel-mode driver objects. CVE-2011-0662, CVE-2011-0665, CVE-2011-0666,...
Design/Logic Flaw
Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for...
CVE-2011-1183
Apache Tomcat 7.0.11, when web.xml has no login configuration, does not follow security constraints, which allows remote attackers to bypass intended access restrictions via HTTP requests to a meta-data complete web application. NOTE: this vulnerability exists because of an incorrect fix for...
Microsoft Word .docx Insecure Library Loading (MS11-023; CVE-2011-0107)
Microsoft Word is a popular word processing software. A remote code execution vulnerability has been reported in the way that Microsoft Word handles the loading of DLL files. The vulnerability is caused when Microsoft Office Word incorrectly restricts the path used for loading external libraries...
PT-2011-2925 · Apache · Apache Tomcat
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: A regression in a previous fix caused security constraints to be ignored under certain conditions. Specifically, this occurred when there was no login...
Adobe Flash Player Malformed Number Arguments Memory Corruption (APSB11-02; CVE-2011-0578)
The Adobe Flash Player is a multimedia and application player that renders Shockwave Flash SWF files. A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient type checking by the Adobe Flash Player. A remote attacker may exploit this iss...
iOS myDBLite 1.1.10 - Directory Traversal
iOS myDBLite 1.1.10 - Directory Traversal Exploit Title : myDBLite v1.1.10 for iPhone / iPod touch, Directory Traversal Date: 02/24/2011 Author: R3d@l3rt, Sp@2K, Sp@2K, Sunlight, H@ckk3y Software Link: http://itunes.apple.com/kr/app/mydb-lite/id335521112?mt=8 Version: 1.1.10 Tested on: iPhone, iP...
Adobe Flash Player ActionScript Atom Value Memory Corruption (APSB11-02; CVE-2011-0574)
The Adobe Flash Player is a multimedia and application player that renders Shockwave Flash SWF files. A memory corruption vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient type checking by the Adobe Flash Player. A remote attacker may exploit this iss...
FreeBSD : mediawiki -- multiple vulnerabilities (8d04cfbd-344d-11e0-8669-0025222482c5)
MediaWiki reports: An arbitrary script inclusion vulnerability was discovered. The vulnerability only allows execution of files with names ending in '.php' which are already present in the local filesystem. Only servers running Microsoft Windows and possibly Novell Netware are affected. Despite...
Microsoft Windows Kerberos Unkeyed Checksum Local Privilege Escalation Vulnerability
Description The Microsoft Windows implementation of Kerberos is prone to a local privilege-escalation vulnerability. Local attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting these issues will result in the complete compromise of affect...
Search Google Censorship Gently Piracy !
Google was not kidding when he said he would fight against illegal file sharing, and now he died autocomplete when it comes to investigation of piracy. If they were not sure that the digital world has decided this year to piracy, it would be quite clear now. First, Nintendo announces "the golden...
Openfire 3.6.4 Multiple CSRF Vulnerabilities
Exploit for jsp platform in category web applications Project: Openfire Severity: High Versions: 3.6.4 other versions may be affected Exploit type: Multiple CSRF Fixes Available: None ------------------------------------------------------------------------...
Microsoft Graphics Filters FlashPix Converter Buffer Overflow (MS10-105; CVE-2010-3951)
A remote code execution vulnerability has been discovered in the way that Microsoft Office parses specially crafted FlashPix image files. FlashPix is a bitmapped computer graphics file format where the image is saved in more than one resolution. The vulnerability is due to an error in Microsoft...
Microsoft Windows CVE-2010-3941 'Win32k.sys' Double Free Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the 'Win32k.sys' Windows kernel-mode driver. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromi...
Professional Penetration Testing Guide
Here is another good book in the field of penetration testing. Unlike other books, which aim only at the technical aspects of penetration testing, this one explains every step involved in the making of a professional pentester. Rather than just teaching how to use the existing tools, it does...
Cisco Unified Communications Manager 8.0 - Invalid Argument Privilege Escalation
Cisco Unified Communications Manager 8.0 - Invalid Argument Privilege Escalation source: https://www.securityfocus.com/bid/44672/info Cisco Unified Communications Manager is prone to a local privilege-escalation vulnerability. Attackers can exploit this issue to gain administrative access to the...