9457 matches found
reflected xss in the pageId request parameter in 500page.jsp
A scanner picked up that the pageId parameter in 500page.jsp is a potentially reflected xss bug. This can be exploited through a url like the following: https://example.com/pages/viewtrash.vm;editpage?pageId=%22%3E%3Cscript%3Ealert1%3C/script%3E You can...
PolarisCMS Cross Site Scripting
PolarisCMS blog.aspx Remote URI Based Cross-Site Scripting Vulnerability Vendor: PolarisCMS Product web page: http://www.polariscms.com Affected version: 2012 Summary: PolarisCMS is a White Label CMS content management System providing more features, functions and flexibility to global web...
Open Constructor - datafileedit.php?result Cross-Site Scripting
Open Constructor - datafileedit.php?result Cross-Site Scripting source: https://www.securityfocus.com/bid/54822/info Open Constructor is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. Exploiting these vulnerabilities could allow an...
Mandriva Update for mozilla MDVSA-2012:022 (mozilla)
Check for the Version of mozilla OpenVAS Vulnerability Test Mandriva Update for mozilla MDVSA-2012:022 (mozilla) Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Mandriva Update for mozilla MDVSA-2012:022 (mozilla)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Update for mozilla MDVSA-2012:066 (mozilla)
Check for the Version of mozilla OpenVAS Vulnerability Test Mandriva Update for mozilla MDVSA-2012:066 (mozilla) Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Mandriva Update for mozilla MDVSA-2012:032-1 (mozilla)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
JSDependentString::undepend string conversion results in memory corruption — Mozilla
Security researcher Bill Keese reported a memory corruption. This is caused by JSDependentString::undepend changing a dependent string into a fixed string when there are additional dependent strings relying on the same base. When the undepend occurs during conversion, the base data is freed,...
Oracle Outside In contains multiple exploitable vulnerabilities
Overview Oracle Outside In contains multiple exploitable vulnerabilities in its parsers, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Oracle Outside In is a set of libraries that can decode over 500 different file formats...
Python-wrapper Untrusted Search Path / Code Execution
python-wrapper untrusted search path/code execution vulnerability Python-wrapper executes any test.py script within the current working directory, when supplied with help('modules'). A non-privileged user may gain code execution by tricking root to help('modules') or help() and then modules from withi...
Lattice Diamond Programmer Buffer Overflow
Exploit for windows platform in category dos / poc Lattice Diamond Programmer Buffer Overflow 1. Advisory Information Title: Lattice Diamond Programmer Buffer Overflow Advisory ID: CORE-2012-0530 Advisory URL: http://www.coresecurity.com/content/lattice-diamond-programmer-buffer-overflow Date...
Lattice Diamond Programmer Buffer Overflow
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Lattice Diamond Programmer Buffer Overflow 1. Advisory Information Title: Lattice Diamond Programmer Buffer Overflow Advisory ID: CORE-2012-0530 Advisory URL:...
Lattice Diamond Programmer 1.4.2 - Buffer Overflow (PoC)
Lattice Diamond Programmer 1.4.2 - Buffer Overflow (PoC) Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Lattice Diamond Programmer Buffer Overflow 1. Advisory Information Title: Lattice Diamond Programmer Buffer Overflow Advisory ID: CORE-2012-0530 Advisory URL:...
Fedora 15 : asterisk-1.8.12.2-1.fc15 (2012-8685)
The Asterisk Development Team has announced the release of Asterisk 1.8.12.2. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 1.8.12.2 resolves an issue reported by the community and would have not been possible...
Fedora 16 : asterisk-1.8.12.2-1.fc16 (2012-8692)
The Asterisk Development Team has announced the release of Asterisk 1.8.12.2. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk The release of Asterisk 1.8.12.2 resolves an issue reported by the community and would have not been possible...
CSNC-2012-004 Generic XSS in AdNovum nevisProxy
COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: NevisProxy Vendor: AdNovum CVD ID: CSNC-2012-004 Subject: Cross-site scripting (XSS) within 302 Redirections Risk: High Effect: Remotely exploitable Author: Alexandre Herzog [email protected] Date: 02/23/2012...
MS12-042: Vulnerabilities in Windows Kernel could allow elevation of privilege: June 12, 2012
Resolves vulnerabilities in Microsoft Windows that could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted application that exploits the vulnerability. An attacker must have valid logon credentials and be able to log on locally to exploit this...
Buffer overflow and use-after-free issues found using Address Sanitizer — Mozilla
Security researcher Abhishek Arya of Google used the Address Sanitizer tool to uncover several issues: two heap buffer overflow bugs and a use-after-free problem. The first heap buffer overflow was found in conversion from unicode to native character sets when the function fails. The use-after-fr...
SAP NetWeaver Dispatcher - Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Netweaver Dispatcher Multiple Vulnerabilities 1. Advisory Information Title: SAP Netweaver Dispatcher Multiple Vulnerabilities Advisory ID: CORE-2012-0123 Advisory URL:...
PHP Group Set to Release Another Patch for CVE-2012-1823 Flaw
The PHP Group on Tuesday is planning to release another new version of the scripting language that’s designed to address, again, the remotely exploitable flaw that came to light last week. That bug, which requires no authentication, was supposed to have been fixed in new releases pushed out on Ma...