234 matches found
Microsoft Internet Explorer Improper Ref Counting Use-After-Free Remote Code Execution Vulnerability
Description Microsoft Internet Explorer is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
java-1.7.0-openjdk security and bug fix update
1.7.0.5-2.2.1.0.1.el6 - Modify DISTRONAME for Oracle 1.7.0.5-2.2.1.el6 - Updated priority to be 17000 and to depend on buildver variable - Variable buildver increased to 5 as it should be - Resolves: rhbz828759 1.7.0.3-2.2.1.el6 - Used newly prepared tarball with security fixes - Bump to...
Internet Systems Consortium Releases BIND-P1 Patches
The Internet Systems Consortium has released updates for BIND to address a vulnerability. This vulnerability may allow an attacker to cause a denial-of-service condition. Please refer to the Internet Systems Consortium advisory for additional information. US-CERT recommends that administrators of...
Oracle Java SE Multiple Vulnerabilities - Linux
Sun Java SE is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sun:jre"; ifdescription...
How to Get Owned in One Easy Step
As 2009 draws to a close, one thing has become clear: The most dangerous piece of software on your PC isn’t a banking Trojan or a bot; it’s your Web browser. The Web browser has become the main focal point of attackers’ attention and the frequency with which new vulnerabilities are found in all o...
[DSECRG-09-010] Oracle 10g CTXSYS.DRVXTABC - plsql injection
Digital Security Research Group DSecRG Advisory DSECRG-09-010 http://dsecrg.com/pages/vul/show.php?id=110 Application: Oracle Database 10G Versions Affected: Oracle 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 Vendor URL: http://oracle.com Bugs: PL/SQL Injections Exploits: YES Reported: 29.01.2008 Vend...
ZDI-09-059: Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities
ZDI-09-059: Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-09-059 -- CVE ID: CVE-2009-1978 -- Affected Vendors: Oracle -- Affected Products: Oracle Secure Backup -- Vulnerability Details: This vulnerability...
Microsoft Office Works for Windows Document Converters Remote Code Execution Vulnerability
Description Microsoft Office Works for Windows document converters are prone to a remote code-execution vulnerability because the application fails to properly handle specially crafted files. An attacker could exploit this issue by enticing a victim to open a malicious '.wps' file. Successful...
Solaris 9 (x86) : 116569-99
Messaging Server 6.1x86: core patch. Date this patch was last updated by Sun : Feb/09/05 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if descriptio...
Solaris 4 (x86) : 104185-04
CDE 1.0.2x86: dtmail fixes. Date this patch was last updated by Sun : Dec/27/99 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 4 (x86) : 104663-10
CDE 1.0.2x86: dtfile patch. Date this patch was last updated by Sun : Apr/22/99 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 8 (sparc) : 120954-12
AM 7.0: Sun Java System Access Manager 2005Q4. Date this patch was last updated by Sun : Nov/03/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Oracle RDBms 10.2.0.311.1.0.6 - TNS Listener (PoC)
Oracle RDBms 10.2.0.311.1.0.6 - TNS Listener PoC TNS Listener Oracle RDBMS exploit, cause trap in Listener process more precisely: in function memcpy called from ncrfintn function which is located in oranro11.dll Successfully working with Oracle RDBMS Win32 11.1.0.6.0 and Oracle RDBMS Win32...
Oracle shops don't mandate use of security patches
A lack of corporate mandates to quickly install Oracle Corp.’s security patches may be leaving many Oracle database installations exposed to vulnerabilities for extended periods of time, according to survey results released last week. From the article: In a pair of online surveys jointly conducte...
Digital Security Research Group [DSecRG] Advisory #DSECRG-09-001
Digital Security Research Group DSecRG Advisory DSECRG-09-001 Application: Oracle Application Server SOA Versions Affected: Oracle Application Server SOA version 10.1.3.1.0 Vendor URL: http://www.oracle.com Bugs: XSS Exploits: YES Reported: 10.01.2008 Vendor response: 11.01.2008 Date of Public...
Solaris 9 (x86) : 119725-06
Sun JavaTM System LDAP Java Development Kit 4.21: patch for Sola. Date this patch was last updated by Sun : Sep/19/08 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc';...
Solaris 9 (sparc) : 121657-54
Calendar Server SunOS 5.9 5.10: Core patch. Date this patch was last updated by Sun : Aug/14/13 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)
No description provided by source. // / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGTRUNCATE / / SQL Injection Exploit / // / sploit get password Hashes / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 28, 2008 / / Written by:  ...
Oracle 10g R1 pitrig_drop PLSQL Injection (get users hash)
No description provided by source. // / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGDROP / / SQL Injection Exploit / // / sploit get password Hashes / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 28, 2008 / / Written by: &...
The Trojan uses the“free kill”evading anti-virus techniques-vulnerability warning-the black bar safety net
Today, talk about horses can be described as color change. Trojan indeed than the conventional virus more ruthless, monitoring your operation, devouring your privacy, destroy your data. We install the latest antivirus software and daily patch updates, and the firewall is always protected, but why...