16 matches found
EUVD-2007-4804
Malware in sbrugna...
CVE-2007-5020
Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher...
Information disclosure
An unspecified function in the JavaScript implementation in Apple Safari creates and exposes a "temporary footprint" when there is a current login to a web site, which makes it easier for remote attackers to trick a user into acting upon a spoofed pop-up message, aka an "in-session phishing...
CVE-2009-0123
Apple Safari on Mac OS X 10.5 and Windows is affected by an information-disclosure vulnerability tied to RSS feed URL types (feed, feeds, feedsearch) that can allow remote attackers to read arbitrary files on a client. The associated OpenVAS/NVD entries label this as an RSS Feed Information Disclo...
CVE-2008-3553
Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition devices allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 3-10." NOTE: as of 20080807, the only disclosure is a vague...
CVE-2008-3553
Multiple unspecified vulnerabilities in Nokia Series 40 3rd edition devices allow remote attackers to execute arbitrary code via unknown vectors, probably related to MIDP privilege escalation and persistent MIDlets, aka "ISSUES 3-10." NOTE: as of 20080807, the only disclosure is a vague...
Design/Logic Flaw
Unspecified vulnerability in BitDefender allows attackers to execute arbitrary code via unspecified vectors, aka EEYEB-20071024. NOTE: as of 20071029, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigne...
Buffer overflow
Oracle allows remote attackers to obtain server memory contents via crafted packets, aka Oracle reference number 7892711. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE...
Command injection
Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague...
CVE-2007-5560
Heap-based buffer overflow in the Juniper HTTP Service allows remote attackers to execute arbitrary code via a crafted HTTP packet. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being...
Buffer overflow
Multiple buffer overflows in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory...
CVE-2007-4824
Multiple cross-application scripting (XAS) vulnerabilities in Google Picasa have unspecified attack vectors and impact. NOTE: this information is based upon a vague pre-advisory...
Digital Armaments Security Pre-Advisory 11.01.2007: Grsecurity Kernel PaX - Local root vulnerability
Digital Armaments pre-advisory is 01.10.2007 http://www.digitalarmaments.com/pre2007-00018659.html Digital Armaments releases pre-advisories of vulnerabilities and exploits available only to Platinum Subscribers. The full advisory might be released to the public after 6 months. I. Background...
CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Remote Arbitrary File Removal
The following pre-advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC-SecurityPre-AdvisorySAPIGSRemoteArbitraryFileRemoval.pdf CYBSEC S.A. www.cybsec.com Pre-Advisory Name: SAP Internet Graphics Service (IGS) Remote Arbitrary File Removal ==================...
CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) Undocumented Features
The following pre-advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSEC-SecurityPre-AdvisorySAPIGSUndocumentedFeatures.pdf CYBSEC S.A. www.cybsec.com Pre-Advisory Name: SAP Internet Graphics Service (IGS) Undocumented Features ================== Vulnerability...
CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAP BC
The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSECSecurityPre-AdvisoryArbitraryFileReadorDeleteinSAPBC.pdf CYBSEC S.A. www.cybsec.com Pre-Advisory Name: Arbitrary File Read/Delete in SAP BC Business Connector Vulnerability Class: Improper Inp...