8737 matches found
Untrusted applet and application XSLT processing privilege escalation
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
[SECURITY] Fedora 8 Update: chmsee-1.0.0-2.30.fc8
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized. ...
Unfixed XSS vulnerability at www.africandevelopmentagency.org
Security researcher Camilo-TcK, has submitted on 04/10/2008 a cross-site-scripting XSS vulnerability affecting www.africandevelopmentagency.org, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/10/2008...
CDNetworks Nefficient Download - 'NeffyLauncher.dll' Code Execution
Title: CDNetworks Nefficient DownloadNeffyLauncher.dll Vulnerabilities Author: Simon Ryeobar4mi at gmail.com, barami at ahnlab.com Severity: High Impact: Remote Code Execution Vulnerable Systems: MS Windows Systems Version: NeffyLauncher 1.0.5 AA07EBD2-EBDD-4BD6-9F8F-114BD513492C Solution: Upgrad...
Buffer overflow security vulnerabilities in Java Web Start
Stack-based buffer overflow in Java Web Start javaws.exe in Sun JDK and JRE 6 Update 4 and earlier and 5.0 Update 14 and earlier; and SDK and JRE 1.4.216 and earlier; allows remote attackers to execute arbitrary code via a crafted JNLP file...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...
Critical: Red Hat Security Advisory: java-1.5.0-ibm security update
Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.5.0 Java release includes the IBM Java 2 Runti...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Buffer overflow in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different issue than CVE-2008-1188, aka the "third" issue...
[SECURITY] Fedora 7 Update: chmsee-1.0.0-1.30.fc7
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized. ...
PHP 5 php_sprintf_appendstring()函数整数溢出漏洞
BUGTRAQ ID: 28392 CVECAN ID: CVE-2008-1384 PHP是广泛使用的通用目的脚本语言,特别适合于Web开发,可嵌入到HTML中。 PHP formattedprint.c文件的printf函数存在整数溢出漏洞,能够执行PHP脚本的攻击者可能利用此漏洞提升权限。 在formattedprint.c文件的phpsprintfappendstring函数中: - ---formattedprint.c-start--- inline static void phpsprintfappendstringchar buffer, int pos, int siz...
CA BrightStor ARCserve Backup r11.5 ActiveX Remote BOF Exploit
No description provided by source. HTML !-- CA BrightStor ARCserve Backup r11.5 AddColumn 0day ActiveX Remote Buffer Overflow Exploit Bug discovered by Krystian Kloskowski h07 [email protected] Tested on: - CA BrightStor ARCserve Backup r11.5 ftp://ftp.ca.com/priv/trial/BABr11/BABLDr115/BABLDr115.zi...
SSF Server Detection
Binary data 4422.prm...
java: Vulnerability in the font parsing code
Unspecified vulnerability in the font parsing implementation in Sun JDK and JRE 5.0 Update 9 and earlier, and SDK and JRE 1.4.214 and earlier, allows remote attackers to perform unauthorized actions via an applet that grants certain privileges to itself...
SOL8508 - Cross-site scripting vulnerability in installControl.php3 page
A cross-site scripting XSS vulnerability exists in the FirePass installControl.php3 page, which is accessible prior to authentication. The installControl.php3 page fails to fully sanitize URL input before the web page content is sent to the browser. It is possible for an attacker to create web...
Untrusted applet and application privilege escalation (CVE-2008-1186)
Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application or applet, a different issue than CVE-2008-1186,...
Untrusted applet and application XSLT processing privilege escalation
Unspecified vulnerability in Sun Java Runtime Environment JRE and JDK 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to cause a denial of service JRE crash and possibly execute arbitrary code via unknown vectors related to XSLT transform...
Android软件开发工具包BMP文件处理整数溢出漏洞
BUGTRAQ ID: 28006 CVECAN ID: CVE-2008-0986 Android是Google通过Open Handset Alliance发起的项目,用于为移动设备提供完整的软件集,包括操作系统、中间件等。 Android SDK的libsgl.so库中的BMP::readFromStreamStream , ImageDecoder::Mode方式在解析BMP图形文件头时存在整数溢出漏洞,远程攻击者可能利用此漏洞控制用户设备。 如果BMP文件头的offset字段值为负数且Bitmap Information部分(DIB头)指定了8...
Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)
Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...
pds-sql.txt
Provided By Development Solutions SQL Injection Exploitpanel Real Estate SQL Injection Exploitpanel AUTHOR : S@BUN HOME : http://www.hackturkiye.com/ DorKs 1 : "Provided By Development Solutions" dork 2 : allinurl: "agentlist.asp?Letter" EXPLOIT : Username: anything' OR 'x'='x Password: anything'...
[SECURITY] Fedora 8 Update: tomcat5-5.5.26-1jpp.2.fc8
Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participator...