Fedora 17 : java-1.7.0-openjdk-1.7.0.3-2.2.1.fc17.8 (2012-9590)

S7079902, CVE-2012-1711: Refine CORBA data models S7110720: Issue with vm config file loadingIssue with vm config file loading S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. S7143614, CVE-2012-1716: SynthLookAndFeel stability improveme...

CVE-2012-3557

CVE-2012-3557 affects Opera prior to 11.65. The issue is improper restriction in reading JSON strings, enabling a crafted site to trigger cross-domain loading of JSON resources and potentially disclose sensitive information. The vulnerability is associated with Opera’s JSON handling; affected pla...

CVE-2011-1768

The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

Code injection

The tunnels implementation in the Linux kernel before 2.6.34, when tunnel functionality is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

Code injection

net/ipv4/ipgre.c in the Linux kernel before 2.6.34, when ipgre is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

CVE-2011-1767

net/ipv4/ipgre.c in the Linux kernel before 2.6.34, when ipgre is configured as a module, allows remote attackers to cause a denial of service OOPS by sending a packet during module loading...

CVE-2011-1768

The CVE-2011-1768 entry affects the Linux kernel, specifically the tunnels implementation. It states that when tunnel functionality is compiled as a module (pre-2.6.34), a remote attacker can trigger a denial of service (OOPS) by sending a packet during module loading. This is tied to the kernel’...

Mictosoft Lync multiple security vulnerabilities

Font parsing vulnerabilities, unsafe DLL loading, crossite scripting...

ZDI-12-081 : Oracle Java GlueGen Arbitrary Native Library Loading Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-081 : Oracle Java GlueGen Arbitrary Native Library Loading Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-081 June 6, 2012 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Oracle - --...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file, aka "Lync Insecure Library Loading...

CVE-2012-1849

Untrusted search path vulnerability in Microsoft Lync 2010, 2010 Attendee, and 2010 Attendant allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .ocsmeet file, aka "Lync Insecure Library Loading...

Microsoft Lync CVE-2012-1849 DLL Loading Arbitrary Code Execution Vulnerability

Description Microsoft Lync is prone to vulnerability that lets attackers execute arbitrary code. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location which contains a specially crafted Dynamic Link Library...

Oracle Java GlueGen Arbitrary Native Library Loading Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the Java GlueGen library...

Oracle Java OpenGL Arbitrary Native Library Loading Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the Java OpenGL JOGL...

CVE-2012-1942

The Mozilla Updater and Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allow local users to gain privileges by loading a DLL file in a privileged context...

WellinTech KingView 6.53 < 2012-03-22 Multiple Vulnerabilities

Binary data scadakingview6532012-03-22.nbin...

Hexamail Server 4.4.5 Cross Site Scripting

Title: Hexamail Server meal.txt XSS pop up alert'Hi, what is this?'; root@bt:/ Send email to the victim: root@bt:/ sendemail -f [email protected] -t [email protected] -xu [email protected] \ -xp bob123 -u "Want some meal..?" -o message-file=meal.txt -s mail.examp...

rmi-vuln-classloader NSE Script

Tests whether Java rmiregistry allows class loading. The default configuration of rmiregistry allows loading classes from remote URLs, which can lead to remote code execution. The vendor Oracle/Sun classifies this as a design feature. Based on original Metasploit module by mihi. References: Scrip...

Through the Zend directory permissions are not strict get execute permissions-bug warning-the black bar safety net

On the server a lot have installed Zend Even if C:\Program Files\ set permissions, install Zend, Zend will auto-configure directory permissions C:\Program Files\Zend\ZendOptimizer-3.3.0\ under the directory permissions for the Everyone full,which leads to the intruder can be written into the file...

Google Chrome < 19.0.1084.46 Multiple Vulnerabilities

Binary data 800898.prm...