1616 matches found
[SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability
SEC-1 LTD www.sec-1.com Security Advisory Advisory Name: HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability Release Date: 04/04/2006 Application: HP Colour LaserJet 2500 and 4600 Toolbox Platform: Microsoft Windows all supported versions Severity: Remote Arbitrary File...
Evolution Emailer DoS
About 7 weeks ago an automated mailing list spewed a large but valid email containing a lot of URLS and other formatting. When this email is fed into evolution the behaviour it causes leads evolution to expand dramatically in size and eat vast amounts of CPU time. If you've got a lot of patience...
[SECURITY] [DSA 970-1] New kronolith packages fix cross-site scripting
-------------------------------------------------------------------------- Debian Security Advisory DSA 970-1 [email protected] http://www.debian.org/security/ Martin Schulze February 14th, 2006 http://www.debian.org/security/faq -...
DSA-970-1 kronolith - missing input sanitising
Bulletin has no description...
[Full-disclosure] SEC Consult SA-20051202-1 :: GMX Webmail XSS
========================================================== SEC-CONSULT Security Advisory 20051202-0 GMX / MSIE XSS ========================================================== Product: GMX Webmail V ?.? in combination with MSIE maybe other browsers Remarks: no other Versions tested but very likely...
vTiger CRM 4.2 - SQL Injection
vTiger CRM 4.2 - SQL Injection source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HTML...
vTiger CRM 4.2 RSS Aggregation Module - Feed Cross-Site Scripting
vTiger CRM 4.2 RSS Aggregation Module - Feed Cross-Site Scripting source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is pro...
vTiger CRM 4.2 RSS Aggregation Module - Feed Cross-Site Scripting
source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HTML injection, cross-site scripting...
[SA17471] toendaCMS Disclosure of Sensitive Information
TITLE: toendaCMS Disclosure of Sensitive Information SECUNIA ADVISORY ID: SA17471 VERIFY ADVISORY: http://secunia.com/advisories/17471/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: toendaCMS 0.x http://secunia.com/product/6059/ DESCRIPTION:...
[Full-disclosure] SEC Consult SA-20051107-1 :: Macromedia Flash Player ActionDefineFunction Memory Corruption
SEC-CONSULT Security Advisory 20051107-1 ======================================================================================= title: Macromedia Flash Player ActionDefineFunction Memory Corruption program: Macromedia Flash Plugin vulnerable version: flash.ocx v7.0.19.0 and earlier...
Microsoft Internet Explorer - javaprxy.dll COM Object Remote Overflow
Microsoft Internet Explorer - javaprxy.dll COM Object Remote Overflow Bindshell on port 28876 - Based on Berend-Jan Wever's IE exploit 01 July 2005 Description - http://www.frsirt.com/english/advisories/2005/0935 Workarounds - http://www.microsoft.com/technet/security/advisory/903144.mspx...
ieCrash-javaprxy.txt
SEC-CONSULT Security Advisory ================================================================================== title: IE6 javaprxy.dll COM instantiation heap corruption vulnerability program: Internet Explorer vulnerable version: 6.0.2900.2180 homepage: www.microsoft.com found: 2005-06-17 by:...
phpCMS12x.txt
SEC-CONSULT Security Advisory 20050602-1 ======================================================================= title: Arbitrary File Inclusion in phpCMS 1.2.x program: phpCMS vulnerable version: 1.2.0, 1.2.1, 1.2.1pl1 homepage: www.phpcms.de found: 2005-05-31 by: sk0L / SEC-CONSULT /...
[Full-disclosure] Source Code Disclosure in Yaws Webserver <1.56
SEC-CONSULT Security Advisory 20050616-0 ======================================================================= title: Source Code Disclosure in Yaws Webserver program: Yaws Webserver vulnerable version: 1.55 and earlier homepage: http://yaws.hyber.org found: 2005-06-01 by: M. Eiszner /...
[Full-disclosure] SEC-CONSULT SA20050602-1 :: Arbitrary File Inclusion in phpCMS 1.2.x
SEC-CONSULT Security Advisory 20050602-1 ======================================================================= title: Arbitrary File Inclusion in phpCMS 1.2.x program: phpCMS vulnerable version: 1.2.0, 1.2.1, 1.2.1pl1 homepage: www.phpcms.de found: 2005-05-31 by: sk0L / SEC-CONSULT /...
[Full-disclosure] [SEC-1 LTD] RSA SecurID Web Agent Heap Overflow
SEC-1 LTD. www.sec-1.com Security Advisory Advisory Name: RSA SecurID Web Agent Heap Overflow Release Date: 06-05-2005 Application: RSA SecurID Web Agent 5 RSA SecurID Web Agent 5.2 RSA SecurID web Agent 5.3 Platform: Windows 2000 / IIS Severity: Remote Code Execution Author: Gary O'leary-Steele...