5622 matches found
WeBid - Multiple Cross-Site Scripting LDAP Injection Vulnerabilities
WeBid - Multiple Cross-Site Scripting LDAP Injection Vulnerabilities source: https://www.securityfocus.com/bid/68519/info WeBid is prone to multiple cross-site-scripting vulnerabilities and an LDAP injection vulnerability. An attacker may leverage these issues to compromise the application, acces...
ARM Loader Port 0x1337
No description provided by source. / Title: arm-loader Brief: Bind port 0x1337 on any local interface, listen for a connection receive a payload, and pass execution to it Author: Daniel Godas-Lopez gmail account dgodas / / socdes = socketAFINET, SOCKSTREAM, IPPROTOTCP; / mov %r0, $2 / AFINET / mo...
Rational ClearCase 3.2/4.x DB Loader TERM Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a local user gaining elevated privileges. The...
Vikingboard <= 0.2 Beta (task) Local File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl Vikingboard = 0.2 Beta Local File Inclusion Vulnerability Script: Vikingboard is a PHP-based discussi...
Puzzle Apps CMS 3.2 - Local File Inclusion
No description provided by source. ------------------------------------------------------------------------ Software................ Puzzle Apps CMS 3.2 Vulnerability........... Local File Inclusion Site.................... http://www.puzzleapps.org/ Download Link...
Linux Kernel < 2.4.20 Module Loader Local Root Exploit
No description provided by source. / Linux Kernel Module Loader Local R00t Exploit Up to 2.4.20 By anonymous KuRaK include stdio.h include stdlib.h include signal.h include fcntl.h include errno.h include unistd.h include sys/types.h include sys/stat.h include sys/ptrace.h include sys/wait.h...
TERASOLUNA Server Framework for Java(Web) vulnerable to ClassLoader manipulation
Overview TERASOLUNA Server Framework for JavaWeb provided by NTT DATA Corporation is a software framework for creating Java web applications. TERASOLUNA Server Framework for JavaWeb bundles Apache Struts 1.2.9, which contains a vulnerability where the ClassLoader may be manipulated CVE-2014-0114...
openSUSE Security Update : icedtea-web (openSUSE-SU-2013:0715-1)
update to 1.3.2 bnc815596 - Security Updates - CVE-2013-1927, RH884705: fixed gifar vulnerability - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - Common - Added new option in itw-settings which allows users to set JVM arguments when plugin is...
openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)
This update of libmodplug0 fixes the following issues : 1 An integer overflow error exists within the 'CSoundFile::ReadWav' function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted W...
openSUSE Security Update : icedtea-web (openSUSE-SU-2013:0897-1)
update to 1.3.2 bnc815596 - Security Updates - CVE-2013-1927, RH884705: fixed gifar vulnerability - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - Common - Added new option in itw-settings which allows users to set JVM arguments when plugin is...
openSUSE Security Update : gdk-pixbuf-loader-rsvg (openSUSE-SU-2011:1090-1)
Specially crafted SVG files could make librsvg dereference a function pointer which potentially allows to execute arbitrary code CVE-2011-3146. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : libmodplug (openSUSE-SU-2011:0943-1)
This update of libmodplug0 fixes the following issues : 1 An integer overflow error exists within the 'CSoundFile::ReadWav' function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted W...
openSUSE Security Update : gdk-pixbuf-loader-rsvg (openSUSE-SU-2011:1090-1)
Specially crafted SVG files could make librsvg dereference a function pointer which potentially allows to execute arbitrary code CVE-2011-3146. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...
OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...
OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)
Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...
OpenJDK: incorrect caching of data initialized via TCCL (JAXB, 8025030)
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXB...
OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)
Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...
OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026188)
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0452 and CVE-2014-0458...
OpenJDK: incorrect caching of data initialized via TCCL (JAXWS, 8026801)
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS, a different vulnerability than CVE-2014-0458 and CVE-2014-2423...