472 matches found
CVE-2015-0845
The CVE-2015-0845 vulnerability affects Movable Type family (Pro, Open Source, Advanced) with a format-string injection in the localisation of templates, enabling unauthenticated remote code execution as the web server user. Publicly documented activity indicates exploitation via template localiz...
CVE-2015-0845
Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related to localization of templates...
CVE-2015-1142
LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service Finder crash via crafted localization data...
Code injection
LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service Finder crash via crafted localization data...
CVE-2015-1142
CVE-2015-1142 affects Apple OS X LaunchServices prior to 10.10.3, where crafted localization data can trigger a local denial-of-service (Finder crash). The NVD entry lists the impact as Denial of Service with partial availability impact, and the recommended remediation is to update to the latest ...
CVE-2011-2461 principles of analysis and case studies - vulnerability and early warning - the black bar safety net
0x00 Vulnerability background: From the CVE number it can be seen that this vulnerability has been around for some years. Because this vulnerability occurs in the Flex SDK rather than in Flash Player, for developers, as long as they used the defective Flex SDK to compile Flash, then ...
Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability
Document Title: Wifi Drive Pro v1.2 iOS - File Include Web Vulnerability | References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1447 | Release Date: 2015-03-13 | Vulnerability Laboratory ID (VL-ID): ...
Ghiro 0.2 - Automated Digital Image Forensics Tool
Sometimes forensic investigators need to process digital images as evidence. There are some tools around, but otherwise it is difficult to do forensic analysis when a lot of images are involved. Images contain tons of information; Ghiro extracts this information from the provided images and displays them...
CVE-2014-3627
The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during...
Backend Localization 1.6.1 - wp-login.php kau-boys_backend_localization_language Parameter XSS
The Backend Localization WordPress plugin was affected by a wp-login.php kau-boys_backend_localization_language Parameter XSS security vulnerability...
Oracle Solaris Critical Patch Update : jan2014_SRU11_1_15_4_0
This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Localization L10N. The supported version that is affected is 11.1. Difficult to exploit vulnerability requiring...
Foswiki MAKETEXT Remote Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
openSUSE Security Update : icedtea-web (openSUSE-SU-2013:0893-1)
Changes in icedtea-web with update to 1.4 bnc818768 : - Added cs, de, pl localization - Splash screen for javaws and plugin - Better error reporting for plugin via Error-splash-screen - All IcedTea-Web dialogues are centered to middle of active screen - Download indicator made compact for more th...
openSUSE Security Update : roundcubemail (openSUSE-SU-2014:0365-1)
roundcubemail was updated to 0.9.5 to fix bugs and security issues. Fixed security issues : - CVE-2013-6172: vulnerability in handling session argument of utils/save-prefs New upstream release 0.9.5 bnc847179 CVE-2013-6172 - Fix failing vCard import when email address field contains spaces - Fix...
Localize: XSS in main page (invitation)
If a project name is saved with an XSS string such as: “!-- and a translator visits and requests an invite, it'll result in the XSS executing in the main page, due to the fact that it shows your requests. Screen: http://prntscr.com/3awwuv...
Fedora Update for perltidy FEDORA-2014-3891
Check for the Version of perltidy OpenVAS Vulnerability Test Fedora Update for perltidy FEDORA-2014-3891 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for perltidy FEDORA-2014-3874
Check for the Version of perltidy OpenVAS Vulnerability Test Fedora Update for perltidy FEDORA-2014-3874 Authors: System Generated Check Copyright: Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Perl, Locale Maketext Perl module: Multiple vulnerabilities
Background: Perl is Larry Wall’s Practical Extraction and Report Language. Locale::Maketext is a Perl module - framework for localization. Description: Multiple vulnerabilities have been discovered in Perl and Locale::Maketext Perl module. Please review the CVE identifiers referenced below for...
Fedora Update for rubygem-i18n FEDORA-2013-23062
Check for the Version of rubygem-i18n OpenVAS Vulnerability Test Fedora Update for rubygem-i18n FEDORA-2013-23062 Authors: System Generated Check Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...