9454 matches found
Openfire Server <= 3.6.0a (Auth Bypass/SQL/XSS) Multiple Vulnerabilities
No description provided by source. Advisory: Openfire Server Multiple Vulnerabilities Advisory ID: AKADV2008-001 Release Date: 2008/11/07 Revision: 1.0 Last Modified: 2008/11/07 Date Reported: 2008/05/17 Author: Andreas Kurtz mail at andreas-kurtz.de Affected Software: Openfire Server = 3.6.0a...
Mac OSX Server DirectoryService Buffer Overflow
No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Mac OSX Server DirectoryService buffer overflow 1. Advisory Information Title: Mac OSX Server DirectoryService buffer overflow Advisory ID: CORE-2013-0103 Advisory URL:...
TransSoft Broker FTP Server 3.0/4.0/4.7/5.x CWD Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2851/info Broker is a Windows FTP server from TransSoft. Versions of Broker are vulnerable to a denial of service. A CD or CWD command, argumented by an invalid '. .' dot-space-dot sequence can, if repeatedly issued, crea...
NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities
No description provided by source. =================================================== Secur-I Research Group Security Advisory SV-2011-004 =================================================== Title: NetSaro Enterprise Messenger v2.0 Multiple Vulnerabilities Product: Enterprise Messenger Server...
Cloupia End-to-end FlexPod Management Directory Traversal
No description provided by source. Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Advisory Information Advisory ID: KUSTODIAN-2011-011 Date published: Jan 13, 2011 Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes...
PHPCalendars - Multiple Vulnerabilities
No description provided by source...
SAP Router - Timing Attack Password Disclosure
No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Router Password Timing Attack 1. Advisory Information Title: SAP Router Password Timing Attack Advisory ID: CORE-2014-0003 Advisory URL:...
HP Tru64/OSF1 DXTerm Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5746/info The HP Tru64/OSF1 dxterm utility is prone to a locally exploitable buffer overflow condition. This issue is due to insufficient checking of command line input supplied via the -xrm parameter. This parameter serv...
Mambo LMTG Myhomepage 1.2 Component Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19584/info The lmtgmyhomepage component for Mambo is prone multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitra...
Virtual PC Hypervisor Memory Protection Vulnerability
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Virtual PC Hypervisor Memory Protection Vulnerability 1. Advisory Information Title: Virtual PC Hypervisor Memory Protection...
OpenSSH 2.x/3.x Kerberos 4 TGT/AFS Token Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4560/info A buffer overflow condition exists in the OpenSSH server. The condition is exploitable by attackers with valid user credentials in versions 2.9.9 and higher. Exploitation does not require valid user credentials ...
Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability
No description provided by source. ============================================================== Secur-I Research Group Security Advisory SV-2012-005 ============================================================== Title: Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability Product:...
Softbiz Recipes Portal Script (showcats.php) SQL Injection Vulnerability
----------------------------Information------------------------------------------------ +Name : Softbiz Recipes Portal Script SQL Injection showcats.php +Autor : Easy Laster +Date : 25.02.2010 +Script : Softbiz Recipes Portal Script +Price : 99$ +Language : PHP +Discovered by Easy Laster +Securit...
OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)
No description provided by source. source: http://www.securityfocus.com/bid/5093/info The OpenSSH team has reported two vulnerabilities in OpenSSH that are remotely exploitable and may allow for unauthenticated attackers to obtain root privileges. The conditions are related to the OpenSSH SSH2...
SapporoWorks Black JumboDog 2.6.4/2.6.5 HTTP Proxy Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3858/info Black JumboDog 2.6.4 and 2.6.5 HTTP proxy is vulnerable to an exploitable buffer overflow. The buffer overflow can be exploited by sending excessively long expires, if-modified-since, and LastModified strings...
Tarantella Enterprise 3 Symbolic Link Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4115/info Tarantella Enterprise 3 contains a locally exploitable symbolic link vulnerability during it's installation procedure. This vulnerability can be exploited to elevate privileges. An attacker anticipating the...
Microsoft Windows Media Player 7.0 .WMS Arbitrary Script Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1976/info Windows Media Player is an application used for digital audio, and video content viewing. It is possible for a user running Windows Media Player 7 to enable a skin .wms file and unknowingly execute an embedded...
dreamlive auktionshaus script news.php - (id) SQL Injection Vulnerability
No description provided by source. ----------------------------Information------------------------------------------------ +Name : dreamlive Auktionshaus script news.php id SQL Injection +Autor : Easy Laster +Date : 12.03.2010 +Script : dreamlive Auktionshaus script +Language :PHP +Discovered by...
Half-Life StatsMe 2.6.x Plug-in CMD_ARGV Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6575/info The Half-Life StatsMe plug-in is prone to an exploitable buffer overflow condition. This issue may be exploited by an attacker who can authenticate with the rcon-password of the Half-Life server to execute...
SumatraPDF 2.1.1/MuPDF 1.0 Integer Overflow
No description provided by source. Sumatra 2.1.1/MuPDF 1.0 Integer Overflow ======================================= There is an integer overflow on the MuPDF in the lexnumber function which can be triggered using a corrupt PDF file with ObjStm. I'm attaching a file that reproduces the problem wit...