13 matches found
EUVD-2009-2643
Malware in sbrugna...
cargo-download.iata.org Cross Site Scripting vulnerability OBB-3108869
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Airline DMARC Policies Lag, Opening Flyers to Email Fraud
More than half of global airlines do not have DMARC policies in place, opening their customers up to email fraud attacks, a new report found. DMARC (Domain-based Message Authentication, Reporting & Conformance) is considered the industry standard for email authentication to prevent attackers from...
iata.biz XSS vulnerability
Open Bug Bounty ID: OBB-533437 Description| Value ---|--- Affected Website:| iata.biz Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:| Coordinated Disclosure based on I...
portal.iata.org XSS vulnerability
Vulnerable URL: http://portal.iata.org/faq/pkbHome?l=%3C/title%3E%3C/script/%22-alert%280%29-%22--%3E%22%3E%3Csvg/onload=prompt%28/OPENBUGBOUNTY/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly...
iata.org XSS vulnerability
Vulnerable URL: http://www.iata.org/whatwedo/passenger/tariffs/Pages/multilateral-interline-system.aspx?x" Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 23:16 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...
iata.org XSS vulnerability
Vulnerable URL: http://www.iata.org/whatwedo/workgroups/pages/calendar.aspx?x" Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 23:16 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 23472 Google Pagerank| 0 VIP...
iata.org XSS vulnerability
Vulnerable URL: http://www.iata.org/whatwedo/workgroups/pages/index.aspx?x" Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 23:16 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 23472 Google Pagerank| 0 VIP...
iata.org XSS vulnerability
Vulnerable URL: http://www.iata.org/about/members/Pages/airline-list.aspx?All=true'-alert/XSSPOSED/-' Details: Description| Value ---|--- Patched:| Yes, at 30.01.2016 Latest check for patch:| 30.01.2016 23:16 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 23472...
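FreeBSD IATA driver local denial-of-service vulnerability
CVECAN ID: CVE-2009-2649 FreeBSD is a freely usable, open-source Unix-like system that runs on Intel platforms. A security vulnerability exists in the IATA (ATA) driver used by FreeBSD. If a local user has read access to /dev, a specially crafted IOCTL request can trigger a malloc call with a very large value, leaving the kernel busy. FreeBSD FreeBSD 8.0 FreeBSD FreeBSD 6.0 Vendor patch: FreeBSD ------- The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version:...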
Cross site request forgery (csrf)
The IATA ata driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service kernel panic via a certain IOCTL request with a large count, which triggers a malloc call with a large value...
CVE-2009-2649
The IATA ata driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service kernel panic via a certain IOCTL request with a large count, which triggers a malloc call with a large value...
CVE-2009-2649
The IATA ata driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service kernel panic via a certain IOCTL request with a large count, which triggers a malloc call with a large value...