272 matches found
Sun Microsystems Cross Site Scripting
Title: ====== Sun Microsystems Print - Cross Site Scripting Vulnerability Date: ===== 2012-02-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=404 VL-ID: ===== 404 Introduction: ============= Sun Microsystems, Inc. was a company that sold computers, computer component...
Sun Microsystems (Print) - Cross Site Scripting Vulnerabilities
Sun Microsystems Print - Cross Site Scripting Vulnerabilities Today Ucha Gobejishvili (longrifle0x), a pentester from Georgia, reported 3 more important Cross Site Scripting vulnerabilities in Sun Microsystems' and Java Printer webpages. Java's Vulnerable Link : Click Here Sun's Vulnerable Link 1 :...
Sun Microsystems (Print) - Cross Site Scripting Vulnerability
Document Title: =============== Sun Microsystems Print - Cross Site Scripting Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=404 Release Date: ============= 2012-01-31 Vulnerability Laboratory ID VL-ID: ====================================...
MySql.com Site Hacked, Was Serving Malware
The main Web site of MySql.com has been compromised and on Monday afternoon was serving malware to visitors for a short time through the use of JavaScript redirects. The site, which is owned by Oracle, was sending victims off to a remote site that is using the BlackHole exploit kit to install...
CVE-2011-3143
Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memor...
CVE-2011-3144
Cross-site scripting (XSS) vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Memory corruption
Use-after-free vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified long strings that trigger heap memor...
CVE-2011-3143
CVE-2011-3143 is a use-after-free in Control Microsystems ClearSCADA 2005/2007/2009 before R2.3 and R1.4, as used in SCX before 67 R4.5 and 68 R3.9. The vulnerability allows remote attackers to trigger heap memory corruption via unspecified long strings, causing a denial of service crash and pote...
CVE-2011-3144
CVE-2011-3144 is an XSS vulnerability in Control Microsystems ClearSCADA 2005, 2007, and 2009 up to R2.3 and R1.4, used with SCX up to 67 R4.5 and 68 R3.9. Remote attackers can inject arbitrary web script/HTML via unspecified vectors. Affected components and exact vectors are not detailed in the ...
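Oracle Solaris 10 Rollback Patch File Password Hash Disclosure Vulnerability
CVE ID: CVE-2011-0412 Solaris is a computer operating system developed by Sun Microsystems. The Oracle Solaris 10 rollback patch file undo.Z contains password hashes readable by unauthorized users; local users can use this vulnerability to disclose sensitive information. The vulnerability arises because /var/sadm/pkg/pkgname/save/patchid/ for certain packages stores the "undo.Z" rollback file insecurely, which can allow extraction of files containing the password hashes of root and other users. Sun Solaris 10.0 Vendor patch: Sun --- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...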
Solaris 8 (x86) : 110663-26
SunOS 5.8x86: ksh patch. Date this patch was last updated by Sun : Apr/06/11 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/09/17. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...
Sun.com (Oracle Sun Microsystems) vulnerable to SQL Injection
Sun.com Oracle Sun Microsystems vulnerable to SQL Injection Sun Microsystems, Inc. was a company selling computers, computer components, computer software, and information technology services. Sun was founded on February 24, 1982. Prior to the acquisition by Oracle its headquarters were in Santa...
Multiple Vendors Calendar Manager RPC Service Memory Corruption (CVE-2010-4435)
A memory corruption vulnerability has been reported in IBM's, Hewlett-Packard's and Sun Microsystems calendar manager product. The vulnerability is due to an error in the Calendar Manager Service Daemon rpc.cmsd when handling RPC requests...
Dozens of SCADA Exploits, Proof-of-concept Code Published
Exploits for scores of vulnerabilities in supervisory control and data acquisition software SCADA were made public on Monday, according to a report by The Register. 34 holes were published on Seclists.org’s Bugtraq mailing list for programs by Siemens, Iconics, 7-Technologies, Datac and Control...
ZDI-11-062: Multiple Vendor Calendar Manager RPC Service Remote Code Execution Vulnerability
ZDI-11-062: Multiple Vendor Calendar Manager RPC Service Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-062 February 8, 2011 -- CVE ID: CVE-2010-4435 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard IBM Sun Microsystems -- Affect...
CVE-2011-0902
Multiple untrusted search path vulnerabilities in the Java Service in Sun Microsystems SunScreen Firewall on SunOS 5.9 allow local users to execute arbitrary code via a modified (1) PATH or (2) LD_LIBRARY_PATH environment variable...
Path traversal
Multiple untrusted search path vulnerabilities in the Java Service in Sun Microsystems SunScreen Firewall on SunOS 5.9 allow local users to execute arbitrary code via a modified (1) PATH or (2) LD_LIBRARY_PATH environment variable...
CVE-2011-0902
CVE-2011-0902 relates to untrusted search path vulnerabilities in the Java Service of Sun Microsystems SunScreen Firewall on SunOS 5.9. The flaw allows local users to execute arbitrary code by manipulating environment variables PATH or LD_LIBRARY_PATH. The provided connected documents reiterate t...