157 matches found
DEBIAN-CVE-2014-6268
The evtchnfifosetpending function in Xen 4.4.x allows local guest users to cause a denial of service host crash via vectors involving an uninitialized FIFO-based event channel control block when 1 binding or 2 moving an event to a different VCPU...
CVE-2014-6268
The evtchnfifosetpending function in Xen 4.4.x allows local guest users to cause a denial of service host crash via vectors involving an uninitialized FIFO-based event channel control block when 1 binding or 2 moving an event to a different VCPU...
SquirrelMail 1.2.11 move_messages.php Arbitrary File Moving
No description provided by source. source: http://www.securityfocus.com/bid/7952/info Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation. The problems appear to occur due to insufficient sanitization...
WordPress Plugin BP Group Documents 1.2.1 - Multiple Vulnerabilities
Details ================ Software: BP Group Documents Version: 1.2.1 Homepage: http://wordpress.org/plugins/bp-group-documents/ CVSS: 8 High; AV:N/AC:L/Au:S/C:P/I:P/A:C Description ================ Stored XSS vulnerability in BP Group Documents 1.2.1 Vulnerability ================ “Display name”...
Researchers Reverse Engineer Dropbox
Researchers have cracked open cloud storage service Dropbox, reverse engineering the encryption protecting the client in order to open it up to further security analysis. The engineers, Dhiru Kholia of Openwall and Przemyslaw Wegrzyn of CodePainters, also managed to demonstrate how to use...
Debian DSA-2500-1 : mantis - several vulnerabilities
Several vulnerabilities were discovered in Mantis, an issue tracking system. - CVE-2012-1118 Mantis installation in which the privatebugviewthreshold configuration option has been set to an array value do not properly enforce bug viewing restrictions. - CVE-2012-1119 Copy/clone bug report actions...
How to Move the VBRCatalog Folder
Purpose This article documents the procedure for moving the VBRCatalog folder. Solution VBRCatalog Location Requirements The VBRCatalog folder must be on the root of a given drive letter. Example: C:\VBRCatalog\ or D:\VBRCatalog\ The VBRCatalog cannot be redirected to a CIFS share or mapped netwo...
Inside the Business of Malware
Malware is big business. Malware writers and attackers are just the most visible parts of the ecosystem; there are many invisible moving parts behind the scenes that are rarely seen or described. Now, a complete picture of the business model and inner workings of the malware industrial complex is...
Concrete CMS 5.4.1.1 XSS / Code Execution
!/usr/bin/python Concrete CMS v5.4.1.1 xss/remote code execution exploit Download: http://www.concrete5.org/ Special Zeitgeist pre release - "Moving Forward" - 15th Jan 2011 "They must find it difficult, those who take authority as the truth instead of truth as the authority"...
Joomla Bookmarks Cross Site Scripting
x Joomla Component Bookmarks x Date: 16/05/2010 x Author: s4r4d0 x Contact: [email protected] x Team: Fatal Error x Bug: XSS on Component Bookmarks x Example: http://www.site.com/index.php?option=combookmarks=XSS x Demo:http://www.movinganthropology.de/index.php?option=combookmarks="XSS By Fatal...
ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability
ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-063 April 5, 2010 -- CVE ID: CVE-2010-1121 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.6.x -- TippingPointTM IPS Customer...
CVE-2009-3387
Bugzilla 3.3.1 through 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote attackers to obtain sensitive information via a request for a bug in opportunistic circumstances...
Moving-2 0 0 6 a few small flaws-vulnerability warning-the black bar safety net
The author of the article: the falling leaves swirlingJJSEX Information source: http://hi.baidu.com/jluoye Now they move easy companies are taking action easy content management system open source, Hey However with the move-2 0 0 6 people is still a lot, my hand on the SWI 0day almost never used,...
CVE-2008-4108
Tools/faqwiz/move-faqwiz.sh aka the generic FAQ wizard moving tool in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted directo...
CVE-2008-4108
Tools/faqwiz/move-faqwiz.sh aka the generic FAQ wizard moving tool in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted directo...
CVE-2008-4108
Tools/faqwiz/move-faqwiz.sh aka the generic FAQ wizard moving tool in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted directo...
CVE-2008-4108
Tools/faqwiz/move-faqwiz.sh aka the generic FAQ wizard moving tool in Python 2.4.5 might allow local users to overwrite arbitrary files via a symlink attack on a tmp$RANDOM.tmp temporary file. NOTE: there may not be common usage scenarios in which tmp$RANDOM.tmp is located in an untrusted directo...