CVE-2014-3009
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct...
Important: php-ZendFramework
Issue Overview: The GenericConsumer class in the Consumer component in ZendOpenId before 2.0.2 and the ZendOpenIdConsumer class in Zend Framework 1 before 1.12.4 violate the OpenID 2.0 protocol by ensuring only that at least one field is signed, which allows remote attackers to bypass...
MS Internet Explorer <= 6.x (IMG / XML elements) Denial of Service
No description provided by source. !-- Discovered by Inge Henriksen [email protected] http://ingehenriksen.blogspot.com/ -- table tr tdIMG align=leftX X X?xml:namespace prefix=v v:X style=HEIGHT:1/td /tr /table milw0rm.com 2006-01-18...
Apple Safari 3 for Windows Protocol Handler Command Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24434/info Apple Safari for Windows is prone to a protocol handler command-injection vulnerability. Exploiting the issue allows remote attackers to pass arbitrary command-line arguments to any application that can be call...
Adobe Photoshop Elements - Active File Monitor Service Local Privilege Escalation
No description provided by source. To exploit this issue, attackers require local, interactive access to an affected computer. The following example commands are available: sc stop AdobeActiveFileMonitor8.0 sc config AdobeActiveFileMonitor8.0 binPath= cmd /c net user adobe kills /add && net...
Final Draft 8 Multiple Stack Buffer Overflows
No description provided by source. Name : Final Draft 8 Multiple Stack Buffer Overflows Vendor Website : http://www.finaldraft.com/index.php Date Released : 29/11/2011 Affected Software : Final Draft 8.02 Researcher : Nick Freeman [email protected] Description...
Adobe Photoshop Elements 8.0 - Multiple Arbitrary Code Execution Vulnerabilities
No description provided by source. Title: ------ Adobe Photoshop Elements 8.0 Multiple Arbitrary Code Execution Vulnerabilities Vendor: ------- Adobe Systems Inc. http://www.adobe.com Product web page: ----------------- http://www.adobe.com/products/photoshop-elements.html Affected version:...
Ashampoo Burning Studio Elements 10.0.9 (.ashprj) Heap Overflow
No description provided by source. !/usr/bin/perl Ashampoo Burning Studio Elements 10.0.9 .ashprj Heap Overflow Vulnerability Vendor: Ashampoo GmbH & Co. KG Product web page: http://www.ashampoo.com Affected version: 10.0.9 Summary: Ashampoo Burning Studio Elements offers you everything you need ...
Lanius CMS <= 0.5.2 - Remote Arbitrary File Upload Exploit
No description provided by source. ?php / -------------------------------------------------------- Lanius CMS = 0.5.2 Remote Arbitrary File Upload Exploit -------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.laniuscms.org/...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-2807)
This update brings Mozilla Firefox to the 3.6.8 security release. It fixes the following security bugs: MFSA 2010-34 / CVE-2010-1211 / CVE-2010-1212: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of thes...
openSUSE Security Update : seamonkey (openSUSE-SU-2014:0008-1)
This update fixes the following security issues with SeaMonkey : - update to SeaMonkey 2.23 bnc854370 - requires NSPR 4.10.2 and NSS 3.15.3.1 - MFSA 2013-104/CVE-2013-5609/CVE-2013-5610 Miscellaneous memory safety hazards - MFSA 2013-105/CVE-2013-5611 bmo771294 Application Installation doorhanger...
openSUSE Security Update : MozillaFirefox / MozillaThunderbird / seamonkey / etc (openSUSE-2011-101)
Mozilla Firefox and Thunderbird version 9 and seamonkey version 2.6 updates fix several security issues : - MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety hazards - MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR regular expression library - MFSA...
Microsoft Internet Explorer Js::PathTypeHandlerBase Improper Indexing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2014-3949
Cross-site scripting (XSS) vulnerability in the layout wizard in the Grid Elements (gridelements) extension before 1.5.1 and 2.0.x before 2.0.3 for TYPO3 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the layout wizard in the Grid Elements (gridelements) extension before 1.5.1 and 2.0.x before 2.0.3 for TYPO3 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-3949
CVE-2014-3949 describes a cross-site scripting (XSS) vulnerability in the Grid Elements (gridelements) TYPO3 extension. The issue affects the layout wizard in versions before 1.5.1 and 2.0.x before 2.0.3, allowing a remote authenticated backend user to inject arbitrary script or HTML via unspecif...
CVE-2013-2019
Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple filesignature elements...
DEBIAN-CVE-2013-2019
Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple filesignature elements...
Stack overflow
Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple filesignature elements...