CVE-2013-2687

Stack-based buffer overflow in the bpedecompress function in 1 BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and 2 QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service application crash or possibly execute...

DD-WRT 24-sp2 CSRF / Command Injection

DD-WRT v24-sp2 is prone to command injection from specially crafted configuration values containing shell meta-characters. A remote attacker can potentially use CSRF from an authenticated client to execute commands on the router as the root user. Successful exploitation can result in system wide...

Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2013-0751)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0751 advisory. 1.7.0.19-2.3.9.1.0.1.el64 - Update DISTRONAME in specfile 1.7.0.19-2.3.9.1.el6 - updated to updated IcedTea 2.3.9 with fix to one of security fixes -...

Oracle Linux 5 / 6 : java-1.7.0-openjdk (ELSA-2013-0275)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-0275 advisory. 1.7.0.9-2.3.7.1.0.2.el63 - Increase release number and rebuild. 1.7.0.9-2.3.7.1.0.1.el63 - Update DISTRONAME in specfile 1.7.0.9-2.3.7.1.el63 -...

Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2012-0729)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0729 advisory. 1:1.6.0.0-1.48.1.11.3 - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz828751 1:1.6.0.0-1.47.1.11.3 - Modified patch3,...

用友软件开发管理平台IIS写权限导致可获取服务器webshell

简要描述： 见说明 详细说明： http://ufsdp-borrow.ufsoft.com.cn/cmd.asp http://ufsdp-borrow.ufsoft.com.cn/1937cN.txt 漏洞证明：...

java security update

CentOS Errata and Security Advisory CESA-2013:1014 Updated java-1.6.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scorin...

CentOS Update for java CESA-2013:0958 centos5

Check for the Version of java OpenVAS Vulnerability Test CentOS Update for java CESA-2013:0958 centos5 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RedHat Update for java-1.7.0-openjdk RHSA-2013:0957-01

Check for the Version of java-1.7.0-openjdk OpenVAS Vulnerability Test RedHat Update for java-1.7.0-openjdk RHSA-2013:0957-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

GLPI 0.83.8 - Multiple Vulnerabilities

GLPI 0.83.8 - Multiple Vulnerabilities GLPI v0.83.8 Multiple Error-based SQL Injection Vulnerabilities Vendor: INDEPNET Development Team Product web page: http://www.glpi-project.org Affected version: 0.83.7 and 0.83.8 Summary: GLPI, an initialism for Gestionnaire libre de parc informatique Free...

OpenJDK: Better access restrictions (Sound, 8006328)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to...

RHEL 6 : java-1.7.0-openjdk (RHSA-2013:0957)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:0957 advisory. These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in...

Important: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

GLPI 0.83.8 SQL Injection

GLPI v0.83.8 Multiple Error-based SQL Injection Vulnerabilities Vendor: INDEPNET Development Team Product web page: http://www.glpi-project.org Affected version: 0.83.7 and 0.83.8 Summary: GLPI, an initialism for Gestionnaire libre de parc informatique Free Management of Computer Equipment, was...

GLPI 0.83.7 Parameter Traversal Arbitrary File Access Vulnerability

GLPI version 0.83.7 suffers from a parameter traversal vulnerability that allows for arbitrary file access. GLPI v0.83.7 itemtype Parameter Traversal Arbitrary File Access Exploit Vendor: INDEPNET Development Team Product web page: http://www.glpi-project.org Affected version: 0.83.7 Summary: GLP...

OpenJDK: Insecure shared memory permissions (2D, 8001034)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previou...

OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information...

Fedora Update for pairs FEDORA-2013-10182

Check for the Version of pairs OpenVAS Vulnerability Test Fedora Update for pairs FEDORA-2013-10182 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

[SECURITY] Fedora 17 Update: kdesdk-4.10.4-1.fc17

A metapackage/collection of applications and tools used by developers, incl uding: cervisia: a CVS frontend kate: advanced text editor kcachegrind: a browser for data produced by profiling tools e.g. cachegr ind kompare: diff tool kuiviewer: displays designer's UI files lokalize: computer-aided...

PHP file include vulnerability attack and Defense combat-vulnerability warning-the black bar safety net

Summary PHP is a very popular Web development language on the Internet many Web applications are using PHP development. And in the use of PHP development of Web applications, PHP file include vulnerability is a Common Vulnerability. The use of PHP file include vulnerabilities intrusion website is...