apache-commons-configuration: Apache Commons Configuration insecure interpolation defaults

A flaw was found in Apache Commons Configuration's variable interpolation, which by default included several lookup actions that could permit script invocation on remote servers. This issue could allow an attacker to use one of these actions to send a request to execute arbitrary code on the serv...

Zabbix Server Active Proxy Trapper Remote Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X . A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this...

CGIScript.NET csMailto Hidden Form Field Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4579/info CGIScript.NET csMailto is a Perl script designed to support multiple mailto: forms. A vulnerability has been reported in some versions of this script. Reportedly, configuration values used by the script are...

Firefox < 10.0.8 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 10.0.8 and thus, is affected by the following vulnerabilities : - Several memory safety bugs exist in the browser engine used in Mozilla-based products that could be exploited to execute arbitrary code. CVE-2012-3983 - Some methods of a feature use...

security flaw

The mbparsestr function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal registerglobals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with registerglobals functionality that is not...