673 matches found
DEBIAN-CVE-2013-1990
Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XvMCListSurfaceTypes and 2 XvMCListSubpictureTypes functions...
Fedora Update for mc FEDORA-2012-19349
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 17 : mc-4.8.6-2.fc17 (2012-19349)
sanitize of MCEXTSELECTED variable when viewing multiple files, CVE-2012-4463 862814 https://www.midnight-commander.org/ticket/2913 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...
CVE-2012-4463
Affected software: GNU Midnight Commander (mc) 4.8.5 and similar releases. Vulnerability: improper handling/sanitization of environment variables MC_EXT_SELECTED and MC_EXT_ONLYTAGGED when multiple files are selected, enabling a user‑assisted remote attacker to execute arbitrary commands via a cr...
Slackware: Security Advisory (SSA:2004-136-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandrake Linux Security Advisory : mc (MDKSA-2000:078)
A problem was found in the cons.saver program by Maurycy Prodeus. The cons.saver program is a screensaver for the console that is included in the mc package. cons.saver does not check if it is started with a valid stdout, which combined with a bug in its check to see if its argument is a tty it...
Microsoft Office 2008 SP0 (Mac) - RTF pFragments
RTF Pfragments exploit for MAC office 2008 Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Advanced Hacking Trainings - http://training.aslitsecurity.com Web - http://www.aslitsecurity.com/ Blog - http://www.aslitsecurity.blogspot.com/ Office 2007 for MC SP 0...
Sielco Sistemi Winlog Buffer Overflow
$Id: winlogruntime.rb 13000 2011-06-21 22:42:53Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
XSS, AoF и IAA уязвимости в MC Content Manager
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting уязвимостях в системе MC Content Manager. Это украинская коммерческая CMS. XSS WASC-08: Уязвимости на страницах регистрации и восстановления пароля. http://websecurity.com.ua/uploads/2011/MC20Content20Manager20XSS.html...
MC Content Manager 10.1.1 Cross Site Scripting
Hello list! I want to warn you about Cross-Site Scripting, Abuse of Functionality and Insufficient Anti-automation vulnerabilities in MC Content Manager. It's Ukrainian commercial CMS. ------------------------- Affected products: ------------------------- Vulnerable are potentially all versions o...
Balitbang CMS 3.3 - Multiple Vulnerabilities
!===========================================================================! CMS Balitbang Edit File Vulnerability Author : Xr0b0t [email protected] Homepage : www.indonesiancoder.com | xrobot.mobi | mc-crew.net | exploit-id.com Date : 18 Mart, 2010 Tested on : BlackBuntu RC2...
Cross-Site Scripting уязвимости в MC Content Manager
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting уязвимостях в системе MC Content Manager. Это украинская коммерческая CMS. XSS WASC-08: POST запрос на странице http://site/ru/cms/search "scriptalertdocument.cookie/script В поле поиска. XSS WASC-08:...
MC Content Manager Cross Site Scripting
Hello list! I want to warn you about Cross-Site Scripting vulnerabilities in MC Content Manager. It's Ukrainian commercial CMS. ------------------------- Affected products: ------------------------- Vulnerable are previous versions of MC Content Manager before version v.10.1.1. ---------- Details...
MC Content Manager Path Disclosure / SQL Injection
------------------------- Affected products: ------------------------- Vulnerable are only not the latest versions of MC Content Manager. ---------- Details: ---------- Full path disclosure WASC-13: http://site/article.php?root=a SQL Injection WASC-19:...
Full path disclosure и SQL Injection уязвимости в MC Content Manager
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Full path disclosure и SQL Injection уязвимостях в системе MC Content Manager. Это украинская коммерческая CMS. Full path disclosure WASC-13: http://site/article.php?root=a SQL Injection WASC-19: http://site/article.php?root=-120and20version=4...
Уязвимости в xAjax и xajax_jquery_plugin
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Full path disclosure уязвимостях в xAjax и xajaxjqueryplugin. XSS WASC-08: http://site/cms/’;alertdocument.cookie;/ Это DOM Based XSS. Данная уязвимость в частности имеет место в MC Content Manager которая использует xAjax...
xAjax Cross Site Scripting / Path Disclosure
Hello list! I want to warn you about Cross-Site Scripting and Full path disclosure vulnerabilities in xAjax and xajaxjqueryplugin. ------------------------- Affected products: ------------------------- Vulnerable are potentially all versions of xAjax. Vulnerable are all versions of...
Vulnerabilities in MC Content Manager
Здравствуйте 3APA3A! Сообщаю вам о найденной мною Cross-Site Scripting, Brute Force и Full path disclosure уязвимостях в MC Content Manager. Это украинская коммерческая CMS. XSS WASC-08: http://site/cms/’;alertdocument.cookie;/ Brute Force WASC-11: http://site/admin/ Full path disclosure WASC-13:...
MC Content Manager 10.1.1 Cross Site Scripting / Path Disclosure
Hello list! I want to warn you about Cross-Site Scripting, Brute Force and Full path disclosure vulnerabilities in MC Content Manager. It's Ukrainian commercial CMS. ------------------------- Affected products: ------------------------- Vulnerable are potentially all versions of MC Content Manage...
Amitabh Bacchan's fan website hacked by 'Cyber Stonepelters Force' !
A group of hackers, claiming to be from Kashmir, on Thursday night hacked a website dedicated to the Bollywood superstar, Amitabh Bacchan. The group calling itself 'Cyber Stone Pelters Force or Cyber Sangbaaz Force' hacked www. amitabhbachchanonline.com last night and posted pro-independence,...