Lucene search
K

551 matches found

securityvulns
securityvulns
added 2007/02/25 12:0 a.m.69 views

Advisory 03/2007: Multiple Browsers Cross Domain Charset Inheritance Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple Browsers Cross Domain Charset Inheritance Vulnerability Release Date: 2007/02/23 Last Modified: 2007/02/23 Author: Stefan Esser [email protected] Application:...

6.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2007/02/24 2:41 a.m.6 views

security flaw

The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated using the UTF-7 character set...

5.8CVSS7.3AI score0.02058EPSS
Exploits0References4
security_vulns
security_vulns
added 2007/01/01 12:0 a.m.11 views

QQLan : XSS - WEB = Cross-Applications Scripting

July 25, 2005| coded by [email protected] XSS - WEB = Cross-Applications Scripting Buffer overflows are getting tough now. Users have set up all sorts of "personal firewalls", compilers are introducing all sorts of tricky preprocessors that go crazy at the sight of strcpy and control overwriting...

5.7AI score
Exploits0
NVD
NVD
added 2006/12/20 12:28 a.m.20 views

CVE-2006-6641

Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001179060830, as used in multiple products including BrightStor Portal r11.1, CleverPath Aion BPM r10 through r10.2, eTrust Security Command Center r1 and r8, and Unicenter, does not properly handle when multiple...

7.5CVSS6.6AI score0.02489EPSS
Exploits0References8
CVE
CVE
added 2006/12/20 12:0 a.m.46 views

CVE-2006-6641

CA CleverPath Portal before maintenance 4.71.001_179_060830 (and related products BrightStor Portal r11.1, CleverPath Aion BPM r10–r10.2, eTrust Security Command Center r1/r8, Unicenter) is affected by a vulnerability where multiple Portal servers sharing a single data store can cause a Portal us...

7.5CVSS7AI score0.02489EPSS
Exploits0References8Affected Software11
myhack58
myhack58
added 2006/11/28 12:0 a.m.52 views

Hack tricks with QQ skin to do a backdoor invasion-vulnerability warning-the black bar safety net

A few days ago lcx prompted to say and QQ overflow vulnerability, and then suddenly the reminders I used to have a few QQ. vbs file didn't seriously go read it. So into the directory looking for it, this look does not matter Ah, almost weighs that. The original We for QQ of operation is like this...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/27 12:0 a.m.24 views

BEA WebLogic Server/WebLogic Express Java RMI不正确会话继承漏洞

BEA Systems WebLogic包含多种应用系统集成方案,包括Server/Express/Integration等。 BEA WebLogic的对Java Remote Method Invocation RMI文档描述存在问题,遵从此文档开发的产品可导致权限提升问题。 问题发生在当客户多次以不同用户登录WebLogic服务器时,文档描述客户的行为是:当RMI请求提交时是没有当前用户关联客户线程的,这对RMI通过T3协议来说是正确的,但针对RMI通过IIOP协议走的情况下是不正确的,任意依赖此文档描述的行为可导致在RMI调用中获得其他用户的验证信息。 BEA Systems...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2004/05/08 12:0 a.m.35 views

Bug in IO bitmap handling? Probably exploitable (2.6.5)

Hello. The attached is the small program that tries to write 0x20 to port 0x20. Normally this should cause SIGSEGV, so the program should crash. I think there is a bug in the 2.6 kernels though, which makes it to not crash if some trivial conditions are met. Basically it seems that if any process...

Exploits0
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.32 views

CVE-2001-0739

Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges...

6.5AI score0.00393EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2001/12/31 12:0 a.m.5 views

PT-2001-2600 · Microsoft · Windows 2000 Sp1

Name of the Vulnerable Software and Affected Versions: Windows 2000 SP1 Description: The issue arises when Macintosh clients use NT file system volumes on Windows 2000 SP1. In this scenario, the creation of subdirectories automatically modifies the inherited NTFS permissions, potentially resultin...

7.5CVSS6.3AI score0.04004EPSS
Exploits0References4
exploitpack
exploitpack
added 2000/10/18 12:0 a.m.14 views

Oracle Internet Directory 2.0.6 - oidldap

Oracle Internet Directory 2.0.6 - oidldap // source: https://www.securityfocus.com/bid/1828/info Oracle Internet Directory 2.0.6 is a pre-alpha development release, available as both an addon package and in the Oracle Database Software release 8.1.6. A vulnerability has been found in the oidldap...

0.3AI score
Exploits0
Rows per page
Query Builder