7974 matches found
Secunia Research: Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow
====================================================================== Secunia Research 31/03/2010 - Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow - ====================================================================== Table of Contents Affected...
Simple Machines Forum 1.1.11 Session Fixation
======================================================================================== | Title : Simple Machines Forum 1.1.11 Mullti Vulnerability | Author : indoushka | email : [email protected] | Home : www.sec-war.com | Web Site : http://www.simplemachines.org/ | Dork : Powered by SMF...
Dangling pointer vulnerability in nsPluginArray — Mozilla
Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could resu...
afp-path-vuln NSE Script
Detects the Mac OS X AFP directory traversal vulnerability, CVE-2010-0533. This script attempts to iterate over all AFP shares on the remote host. For each share it attempts to access the parent directory by exploiting the directory traversal vulnerability as described in CVE-2010-0533. The scrip...
Employee TimeClock Software 0.99 - SQL Injection
Employee TimeClock Software 0.99 - SQL Injection source: http://www.securityfocus.com/archive/1/509995 ====================================================================== Secunia Research 10/03/2010 - Employee Timeclock Software SQL Injection Vulnerabilities -...
PhpBB 'feed.php' Security Bypass Vulnerability
PhpBB is prone to a security-bypass vulnerability. Attackers may exploit the issue to bypass certain security restrictions, view restricted content, and perform unauthorized actions. PhpBB 3.0.7 is vulnerable; other versions may also be affected. OpenVAS Vulnerability Test $Id: gbphpbb38599.nasl...
RedHat Update for cups RHSA-2010:0129-01
Check for the Version of cups OpenVAS Vulnerability Test RedHat Update for cups RHSA-2010:0129-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Apache Tomcat Directory Traversal
Vulnerability description: An input validation error can be exploited to download arbitrary files via directory traversal attacks. Successful exploitation requires that a context is configured with allowLinking="true" and that the connector is configured with URIEncoding="UTF-8". Affected version...
Google Chrome Multiple Vulnerabilities - (Windows)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnwin01.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome Multiple Vulnerabilities - Windows Authors: Antu Sanadi Copyright: Copyright c 2010 SecPod,...
Google Chrome Multiple Vulnerabilities - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TLS Renegotiation Exploit
!/usr/bin/env python RedTeam Pentesting GmbH [email protected] http://www.redteam-pentesting.de PoC exploit for the TLS renegotiation vulnerability CVE-2009-3555 License ------- CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ Timeline -------- 2009-12-21 initial public release...
TLS - Renegotiation
TLS - Renegotiation !/usr/bin/env python RedTeam Pentesting GmbH [email protected] http://www.redteam-pentesting.de PoC exploit for the TLS renegotiation vulnerability CVE-2009-3555 License ------- CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ Timeline -------- 2009-12-21...
TLS - Renegotiation
!/usr/bin/env python RedTeam Pentesting GmbH [email protected] http://www.redteam-pentesting.de PoC exploit for the TLS renegotiation vulnerability CVE-2009-3555 License ------- CC-BY-SA http://creativecommons.org/licenses/by-sa/3.0/ Timeline -------- 2009-12-21 initial public release...
HTTPDX h_handlepeer() Function Buffer Overflow
This module exploits a stack-based buffer overflow vulnerability in HTTPDX HTTP server 1.4. The vulnerability is caused due to a boundary error within the "hhandlepeer" function in http.cpp. By sending an overly long HTTP request, an attacker can overrun a buffer and execute arbitrary code. This...
OWASP Con Begets Top 10 Threats List
Injection attacks top the 2010 OWASP Top 10 list of Web application security threats, including SQL, OS, and LDAP injection, followed by cross-site scripting XSS, broken authentication and session management, insecure direct object references, cross-site request forgery CSRF, security...
DEBIAN-CVE-2009-3627
The decodeentities function in util.c in HTML-Parser before 3.63 allows context-dependent attackers to cause a denial of service infinite loop via an incomplete SGML numeric character reference, which triggers generation of an invalid UTF-8 character...
CVE-2009-1563
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0689. Reason: This candidate is a duplicate of CVE-2009-0689. Certain codebase relationships were not originally clear. Notes: All CVE users should reference CVE-2009-0689 instead of this candidate. All references and...
SLES9: Security update for Apache 2
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2 apache2-devel apache2-doc apache2-example-pages apache2-prefork apache2-worker libapr0 For more information, please visit the referenced security...
Snort 2.8.5 IPv6 Remote Denial Of Service
============================================= - Date: October 22th, 2009 - Discovered by: Laurent Gaffié - Severity: Low ============================================= I. VULNERABILITY ------------------------- Snort TCP 2 works x86,x64 /usr/bin/env python from scapy.all import z = "Q" 30...
[oCERT-2009-016] Poppler, xpdf integer overflow during heap allocation
2009-016 Poppler, Xpdf integer overflows during heap allocation Description: Poppler and Xpdf are two popular open source projects for processing PDF files. Both projects are vulnerable to an integer overflow during heap memory allocation when processing a PDF file. In general, this results in...