9457 matches found

ThreatPost
added 2012/01/17 8:2 p.m., 10 views

Oracle Fixes 78 Flaws, Including Remotely Exploitable DB Server Bug

Oracle on Tuesday unleashed its quarterly critical patch update, which included just two fixes for vulnerabilities in its Oracle Database Server, one of the lower totals seen from the company in recent years. There are a total of 78 patches for a wide variety of Oracle products available today,...

0.6 AI score
Exploits: 0, References: 3
exploitpack
added 2012/01/15 12:0 a.m., 33 views

Cloupia End-to-end FlexPod Management - Directory Traversal

Cloupia End-to-end FlexPod Management - Directory Traversal Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Advisory Information Advisory ID: KUSTODIAN-2011-011 Date published: Jan 13, 2011 Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes...

0.2 AI score
Exploits: 0
Exploit DB
added 2012/01/15 12:0 a.m., 46 views

Cloupia End-to-end FlexPod Management - Directory Traversal

Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Advisory Information Advisory ID: KUSTODIAN-2011-011 Date published: Jan 13, 2011 Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes Software Description Provides...

7.4 AI score
Exploits: 0
0day.today
added 2012/01/15 12:0 a.m., 38 views

Cloupia End-to-end FlexPod Management Directory Traversal

Exploit for jsp platform in category web applications Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes Software Description Provides end-to-end FlexPod management and...

7.1 AI score
Exploits: 0
Packet Storm
added 2012/01/15 12:0 a.m., 40 views

Cloupia End-To-End FlexPod Management Directory Traversal

Cloupia End-to-end FlexPod Management - Directory Traversal Vulnerability Advisory Information Advisory ID: KUSTODIAN-2011-011 Date published: Jan 13, 2011 Vulnerability Information Class: Directory Traversal Remotely Exploitable: Yes Locally Exploitable: Yes Software Description Provides...

0.2 AI score
Exploits: 0
FreeBSD
added 2012/01/15 12:0 a.m., 27 views

spamdyke -- Buffer Overflow Vulnerabilities

Secunia reports: Fixed a number of very serious errors in the usage of snprintf/vsnprintf. The return value was being used as the length of the string printed into the buffer, but the return value really indicates the length of the string that could be printed if the buffer were of infinite size...

7.5 CVSS, 6.5 AI score, 0.04574 EPSS
Exploits: 0, References: 2
ICS
added 2012/01/13 7:0 a.m., 41 views

Siemens Scalance S Multiple Security Vulnerabilities

Overview ICS-CERT has received a report from Siemens regarding two security vulnerabilities in the Scalance S Security Module firewall. This vulnerability was reported to Siemens by Adam Hahn and Manimaran Govindarasu for coordinated disclosure. The first issue is a brute-force credential guessin...

10 CVSS, 8.3 AI score, 0.05068 EPSS
Exploits: 0, References: 10
Packet Storm
added 2012/01/12 12:0 a.m., 45 views

Kayako Support Suite 3.70.02 PHP Code Execution

PT-2011-02 Positive Technologies Security Advisory PHP code Injection in Kayako Support Suite --- Vulnerable software Kayako Support Suite Version: 3.70.02-stable an...

7.4 AI score
Exploits: 0
ICS
added 2012/01/06 7:0 a.m., 37 views

ABB Multiple Components Buffer Overflow

Overview Independent researchers Terry McCorkle and Billy Rios identified a buffer overflow vulnerability in multiple components of the ABB WebWare Server application. These components have been found to contain vulnerabilities in the COM and scripting interfaces. Follow-up investigation by ABB...

7.7 CVSS, 8 AI score, 0.01573 EPSS
Exploits: 0, References: 10
Packet Storm
added 2012/01/05 12:0 a.m., 23 views

Posse Softball Director CMS SQL Injection

Posse Softball Director CMS Blind SQL Injection Vulnerability team.php + Autor: easy laster + Vulnerabilities Blind SQL Injection + Page:...

0.4 AI score
Exploits: 0
0day.today
added 2012/01/03 12:0 a.m., 17 views

MyStore Tienda Virtual SQL Injection Vulnerability

Exploit for php platform in category web applications SQL Injection MyStore Tienda Virtual + Autor: easy laster + Vulnerabilities SQL Injection + Page:...

7.1 AI score
Exploits: 0
0day.today
added 2011/12/30 12:0 a.m., 21 views

Dede CMS All Versions SQL Injection Vulnerability

Exploit for php platform in category web applications Dede Cms All Versions Sql Vulnerability Exploit Date: 30/12/2011 - 13:00 Author: CWH | Finded By : Nafsh We Are : Mr.M4st3r , Nafsh , SkoteVahshat , HijaX Support: Cyberwh.org Mail: email protected Software Website: http://www.dedecms.com...

7.1 AI score
Exploits: 0
Tenable Nessus
added 2011/12/21 12:0 a.m., 45 views

FreeBSD : mozilla -- multiple vulnerabilities (e3ff776b-2ba6-11e1-93c6-0011856a6e37)

The Mozilla Project reports : MFSA 2011-53 Miscellaneous memory safety hazards rv:9.0 MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library MFSA 2011-55 nsSVGValue out-of-bounds access MFSA 2011-56 Key detection without JavaScript via SVG animation MFSA 2011-58 Crash...

10 CVSS, 8.3 AI score, 0.70189 EPSS
Exploits11References11
ThreatPost
added 2011/12/05 4:9 p.m., 8 views

Carberp and Black Hole Exploit Kit Wreaking Havoc

The Black Hole exploit kit and the Carberp Trojan have a lovely, symbiotic relationship and they’ve recently decided to take that relationship to the next level. In the last month, there has been a major spike in the volume of Carberp infections related to attacks from sites hosting Black Hole,...

1.2 AI score
Exploits: 0, References: 6
securityvulns
added 2011/12/04 12:0 a.m., 155 views

[PT-2011-43] Database information disclosure in Kayako Fusion

PT-2011-43 Positive Technologies Security Advisory Database information disclosure in Kayako Fusion --- Vulnerable software Kayako Fusion Link:...

7 AI score
Exploits: 0
Tenable Nessus
added 2011/11/18 12:0 a.m., 231 views

Apache HTTP Server 403 Error Page UTF-7 Encoded XSS

According to its banner, the version of Apache HTTP Server running on the remote host can be used in cross-site scripting (XSS) attacks. Making a specially crafted request can inject UTF-7 encoded script code into a 403 response page, resulting in XSS attacks. This is actually a web browser...

4.3 CVSS, 7 AI score, 0.54851 EPSS
Exploits: 1, References: 3
Packet Storm
added 2011/11/17 12:0 a.m., 23 views

V-CMS 1.0 SQL Injection

Software: V-CMS 1.0 Vulnerability: SQL Injection Threat Level: Critical 4/5 Download: http://v-cms.org/ Discovery Date: 11/13/2011 Tested On: Windows Vista ...

7.4 AI score
Exploits: 0
seebug.org
added 2011/11/11 12:0 a.m., 58 views

Apple OS X Sandbox Predefined Profiles Bypass

No description provided by source. Apple OS X Sandbox Predefined Profiles Bypass 1. Advisory Information Title: Apple OS X Sandbox Predefined Profiles Bypass Advisory ID: CORE-2011-0919 Advisory URL: http://www.coresecurity.com/content/apple-osx-sandbox-bypass Date published: 2011-11-10 Date of...

7.6 CVSS, 9.5 AI score, 0.03652 EPSS
Exploits11
Packet Storm
added 2011/11/11 12:0 a.m., 63 views

Apple OS X Sandbox Predefined Profiles Bypass

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Apple OS X Sandbox Predefined Profiles Bypass 1. Advisory Information Title: Apple OS X Sandbox Predefined Profiles Bypass Advisory ID: CORE-2011-0919 Advisory URL:...

7.6 CVSS, 0.03652 EPSS
Exploits11
Mozilla
added 2011/11/08 12:0 a.m., 47 views

Memory corruption while profiling using Firebug — Mozilla

Marc Schoenefeld reported a crash when using Firebug to profile a JavaScript file with many functions. It may be possible to trigger this crash without the use of debugging APIs, and if so this could be exploitable...

9.3 CVSS, 0.6 AI score, 0.02462 EPSS
Exploits: 0, References: 2, Affected Software: 3