329 matches found
JBossWS remote Denial of Service
wsf/common/DOMUtils.java in JBossWS Native in Red Hat JBoss Enterprise Application Platform 4.2.0.CP09, 4.3, and 5.1.1; JBoss Enterprise Portal Platform 4.3.CP06 and 5.1.1; JBoss Enterprise SOA Platform 4.2.CP05, 4.3.CP05, and 5.1.0; JBoss Communications Platform 1.2.11 and 5.1.1; JBoss Enterpris...
CVE-2011-0212
servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service CPU and memory consumption, via an XML-RPC request containing an entity declaration in conjunction with an entity reference,...
LulzSec & Anonymous initiates 'Operation Anti-Security' together
LulzSec & Anonymous initiates 'Operation Anti-Security ' together LulzSec has issued a declaration virtual war on any government or governmental agency, the top priority of which they say "is to steal and leak any classified government information, including email spools and documentation...
CVE-2010-3260
oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service in Orbeon Forms before 3.9 does not properly restrict DTDs in Ajax requests, which allows remote attackers to read arbitrary files or send HTTP requests to intranet servers via an entity declaratio...
Design/Logic Flaw
oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service in Orbeon Forms before 3.9 does not properly restrict DTDs in Ajax requests, which allows remote attackers to read arbitrary files or send HTTP requests to intranet servers via an entity declaratio...
DEBIAN-CVE-2011-1156
feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0.1 allows remote attackers to cause a denial of service application crash via a malformed DOCTYPE declaration...
CVE-2011-1156
feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0.1 allows remote attackers to cause a denial of service application crash via a malformed DOCTYPE declaration...
CVE-2011-1156
feedparser.py in Universal Feed Parser aka feedparser or python-feedparser before 5.0.1 allows remote attackers to cause a denial of service application crash via a malformed DOCTYPE declaration...
Seraph in Confluence 3.5 environment no longer able to instantiate custom authenticator
Customer using custom authenticator no longer works in Confluence 3.5 despite updates to latest API, latest Atlassian SDK, and building against Confluence 3.5 and embedded Crowd. See attached error log from customer. In brief, error is: noformat Caused by:...
Anonymous Hackers open letter to Google against a Blogger !
Anonymous Hackers open letter to Google against a Blogger ! One of the Anonymous just Publish a New OPEN LETTER to GOOGLE company for Reminding them the Universal Declaration of Animal Rights adopted in Londonon September 23, 1977, Because one of the Blogger Blog have publish a video in which sho...
Operation Algeria, Part 2 by Anonymous Hackers Released !
Operation Algeria, Part 2 by Anonymous Hackers Released ! FREE-THINKING CITIZENS OF THE WORLD, The Algerian government imposes, upon its own citizens, intolerable restrictions on their basic liberties. The Algerian government wants to enforce a future where injustices remain unchallenged and wher...
Adobe Reader U3D Shading Count Memory Corruption (APSB10-09; CVE-2010-0196)
Portable Document Format PDF is an open file format created by Adobe Systems. A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to an integer overflow in Adobe Reader and Acrobat when processing the "Shading Count" field in the CLOD Mesh...
Format string
Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaratio...
CVE-2010-0388
Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaratio...
OpenJDK proxy mechanism allows non-authorized socket connections (6801497)
The proxy mechanism implementation in Sun Java Runtime Environment JRE in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lack...
DEBIAN-CVE-2009-2286
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service crash via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch...
CVE-2009-2286
Buffer overflow in compface 1.5.2 and earlier allows user-assisted attackers to cause a denial of service crash via a long declaration in a .xbm file. NOTE: this issue only affects compface on distributions that used a certain patch...
nitrotech-rfisql.txt
Name: Nitrotech 0.0.3a Multiple Remote Vulnerabilities Download: http://sourceforge.net/project/downloading.php?groupname=nitrotech&filename=nitrotech003a.zip&usemirror=garr Author: Osirys, thanks to x0r Contact: [email protected] Nitrotech cms is vulnerable to multiple vulnerabilities, like remote...
Directory traversal
Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and earlier allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a...
CVE-2007-5795
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a...