8122 matches found

Vulnerability Lab
added 2011/07/15 12:00 a.m., 13 views

OmniSecure v7.x DLX - Multiple SQL Injection Vulnerabilities

Document Title: OmniSecure v7.x DLX - Multiple SQL Injection Vulnerabilities. Release Date: 2011-07-15. Vulnerability Laboratory ID (VL-ID): 101. Product & Service Introduction: One Click Folder Protecti...

0.5 AI score
Exploits 0

Vulnerability Lab
added 2011/07/15 12:00 a.m., 26 views

OmniSecure v7.x DLX - Multiple SQL Injection Vulnerabilities

Document Title: OmniSecure v7.x DLX - Multiple SQL Injection Vulnerabilities. Release Date: 2011-07-15. Vulnerability Laboratory ID (VL-ID): 101. Product & Service Introduction: One Click Folder Protecti...

7.1 AI score
Exploits 0

Drupal
added 2011/06/08 12:00 a.m., 9 views

SA-CONTRIB-2011-023 - Prepopulate - Multiple vulnerabilities

The Prepopulate module enables pre-populating forms in Drupal using the $_REQUEST variable. The module does not adequately validate user input, leading to a cross-site scripting (XSS) possibility in certain circumstances. Users privileged to use forms with certain form fields can insert arbitrary HT...

5.8 AI score
Exploits 0, References 11

OpenVAS
added 2011/05/11 12:00 a.m., 34 views

Google Chrome < 11.0.696.57 Multiple Vulnerabilities (May 2011) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 9.2 AI score, 0.0423 EPSS
Exploits 13, References 2

CVE
added 2011/05/07 6:00 p.m., 103 views

CVE-2011-0067

CVE-2011-0067 affects Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14. It stems from improper autocompletion for forms, allowing a Java applet to spoof interaction with autocomplete controls to read form history entries. Mitigation in the connected documents sho...

5 CVSS, 9 AI score, 0.0052 EPSS
Exploits 1, References 8, Affected Software 1

NVD
added 2011/05/03 10:55 p.m., 17 views

CVE-2011-1456

Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."...

6.8 CVSS, 7.2 AI score, 0.00741 EPSS
Exploits 0, References 4

Prion
added 2011/05/03 10:55 p.m., 16 views

Design/Logic Flaw

Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."...

6.8 CVSS, 7.8 AI score, 0.00741 EPSS
Exploits 0, References 4, Affected Software 1

CVE
added 2011/05/03 10:00 p.m., 60 views

CVE-2011-1456

CVE-2011-1456 affects Google Chrome earlier than 11.0.696.57. The vulnerability arises from Chrome’s handling of PDF forms, allowing remote attackers to cause a denial of service or potentially other unspecified impact via vectors that lead to “stale pointers.” Exploitation details are not provid...

6.8 CVSS, 7.1 AI score, 0.00741 EPSS
Exploits 0, References 4, Affected Software 1

Debian CVE
added 2011/05/03 10:00 p.m., 25 views

CVE-2011-1456

Removed by vendor...

6.8 CVSS, 6.7 AI score, 0.00741 EPSS
Exploits 0

Cvelist
added 2011/05/03 10:00 p.m., 24 views

CVE-2011-1456

Google Chrome before 11.0.696.57 does not properly handle PDF forms, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to "stale pointers."...

7 AI score, 0.00741 EPSS
Exploits 0, References 4

NVD
added 2011/04/27 12:55 a.m., 8 views

CVE-2010-3260

oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service in Orbeon Forms before 3.9 does not properly restrict DTDs in Ajax requests, which allows remote attackers to read arbitrary files or send HTTP requests to intranet servers via an entity declaratio...

6.4 CVSS, 6.8 AI score, 0.00333 EPSS
Exploits 1, References 4

Prion
added 2011/04/27 12:55 a.m., 11 views

Design/Logic Flaw

oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service in Orbeon Forms before 3.9 does not properly restrict DTDs in Ajax requests, which allows remote attackers to read arbitrary files or send HTTP requests to intranet servers via an entity declaratio...

6.4 CVSS, 7.3 AI score, 0.00333 EPSS
Exploits 1, References 4, Affected Software 1

Cvelist
added 2011/04/27 12:00 a.m., 11 views

CVE-2010-3260

oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service in Orbeon Forms before 3.9 does not properly restrict DTDs in Ajax requests, which allows remote attackers to read arbitrary files or send HTTP requests to intranet servers via an entity declaratio...

6.8 AI score, 0.00333 EPSS
Exploits 1, References 4

The Hacker News
added 2011/04/11 1:15 p.m., 15 views

Sqlmap v.0.9 - automatic SQL injection and database takeover tool !

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a kick-ass detection engine, many niche features for...

8.2 AI score
Exploits 0

Japan Vulnerability Notes
added 2011/03/04 12:00 a.m., 48 views

JVN#97334690: IBM Lotus vulnerable to denial-of-service (DoS)

IBM Lotus product line contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE). Impact: A remote attacker may cause a denial-of-service (DoS). Solution: Apply a patch. Apply the appropriate patch according to the information provided by the developer. Products...

5 CVSS, 9 AI score, 0.39874 EPSS
Exploits 1

UbuntuCve
added 2011/03/01 11:00 p.m., 24 views

CVE-2011-1111

Google Chrome before 9.0.597.107 does not properly implement forms controls, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors...

7.5 CVSS, 6 AI score, 0.01471 EPSS
Exploits 1, References 1

Prion
added 2011/03/01 11:00 p.m., 21 views

Code injection

Google Chrome before 9.0.597.107 does not properly implement forms controls, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors...

7.5 CVSS, 7.7 AI score, 0.01471 EPSS
Exploits 1, References 5, Affected Software 1

CVE
added 2011/03/01 10:00 p.m., 57 views

CVE-2011-1111

CVE-2011-1111 affects Google Chrome before 9.0.597.107. The issue arises from improper implementation of forms controls, enabling a remote attacker to cause a denial of service (application crash) or possibly other unspecified impact via unknown vectors. Connected documents confirm Chrome is vuln...

7.5 CVSS, 7.3 AI score, 0.01471 EPSS
Exploits 1, References 5, Affected Software 1

Debian CVE
added 2011/03/01 10:00 p.m., 22 views

CVE-2011-1111

Removed by vendor...

7.5 CVSS, 6.7 AI score, 0.01471 EPSS
Exploits 1

ThreatPost
added 2011/03/01 3:12 p.m., 10 views

Google Fixes 19 Bugs in Chrome, Pays $14K in Bug Bounties

Google has released version 9.0.597.107 of its Chrome browser, fixing 19 security vulnerabilities and paying $14,000 in rewards to researchers in the process. The new version of Chrome, which Google released on Monday afternoon, includes fixes for 16 high-severity vulnerabilities and three bugs...

0.2 AI score
Exploits 0, References 21