Developer Finds Privacy Holes in Foursquare

A developer figured out that Foursquare had a privacy leak because of how it published user check-ins on web pages for each location. He logged 875,000 in San Francisco. Foursquare is aware of the bug. Read the full article. Wired...

Microsoft IE Developer Toolbar多个远程代码执行漏洞（MS10-035）

BUGTRAQ ID: 40414,40416 CVE ID: CVE-2010-1260,CVE-2010-1261 Internet Explorer是Windows操作系统中默认捆绑的web浏览器。 Internet Explorer访问IE8 Developer Toolbar中尚未正确初始化或已被删除的对象的方式中存在一个远程执行代码漏洞。攻击者可以通过构建特制的网页来利用该漏洞，当用户查看网页时，该漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。 必须用户交互才可利用这个漏洞，用户必须按下F12键响应特制站点的提示。 Microsoft...

Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability (980195)

This host is missing a critical security update according to Microsoft Bulletin MS10-034. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability (980195)

This host is missing a critical security update according to Microsoft Bulletin MS10-034. OpenVAS Vulnerability Test $Id: secpodms10-034.nasl 5361 2017-02-20 11:57:13Z cfi $ Description: Microsoft Data Analyzer and IE Developer Tools ActiveX Control Vulnerability 980195 Authors: Veerendra GG...

CVE-2010-1260

The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability....

CVE-2010-1261

The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability...

Memory corruption

The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability...

Memory corruption

The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability....

CVE-2010-1260

The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability....

CVE-2010-1260

The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "HTML Element Memory Corruption Vulnerability....

CVE-2010-0811

CVE-2010-0811 corresponds to a remote code execution vulnerability in the Internet Explorer 8 Developer Tools ActiveX control (iedvtool.dll). Public sources (OpenVAS/Nessus entries) tie this to Microsoft IE/Win components and list affected Windows versions including 2000 SP4, XP SP2/SP3, Server 2...

CVE-2010-1261

CVE-2010-1261 : A memory-corruption vulnerability in the Internet Explorer 8 Developer Toolbar (IE8) affects IE8 SP1/SP2/SP3. The connected MS knowledge base MS10-035 documents a remote code execution risk when processing a specially crafted page, due to uninitialized/deleted objects. Microsoft’s...

CVE-2010-1261

The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability...

PT-2010-2539 · Microsoft · Activex +9

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer 8 Developer Tools versions in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1...

PT-2010-2965 · Microsoft · Internet Explorer 8 +1

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer 8 versions SP1 through SP3 Description: A remote code execution issue exists due to improper initialization or deletion of an object in the IE8 Developer Toolbar, leading to memory corruption. This could be exploit...

PT-2010-2966 · Microsoft · Internet Explorer 8 +1

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer 8 versions SP1 through SP3 Description: A remote code execution issue exists due to improper initialization or deletion of an object in the IE8 Developer Toolbar, leading to memory corruption. This could be exploit...

Facebook Developer Verification Won't Stop Rogue Apps

Looking to clamp down on the escalation of malicious apps on its popular social network, Facebook will now require that every developer to verify their Facebook account by providing a mobile phone number or adding a credit card to their account. While this is clearly a step in the right direction...

Webiz SQL Injection

Exploit Title: Webiz SQL Injection Vulnerability Date: 23-05-2010 Author: kannibal615 Software Link: N/A Version: 2008 Tested on: PHP CVE : N/A Code : @@@@@@@@ @@ @@ @@@@@@ @@@@@ @@ @@@@@ @@ @@@@@@@@ @@@@@ @@@@@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@ @@@@@@@ @@@@@ @@@@@ @@ @@ @@ @@@@@...

Fedora Update for kdesdk FEDORA-2010-8547

Check for the Version of kdesdk OpenVAS Vulnerability Test Fedora Update for kdesdk FEDORA-2010-8547 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

[SECURITY] Fedora 11 Update: kdesdk-4.4.3-1.fc11.1

A collection of applications and tools used by developers, including: cervisia: a CVS frontend kate: advanced text editor kbugbuster: a tool to manage the KDE bug report system kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays...