How to relieve Microsoft XML vulnerability risk-the vulnerability warning-the black bar safety net

Recently reported, Microsoft XML Core Services vulnerability is still computer users face the biggest risk, and more than 4 3% of users are running a vulnerable version. Can you explain why these problems still exist as well as to alleviate the problem the best way? ! How to relieve Microsoft XML...

plib -- remote code execution via buffer overflow

Secunia reports: A vulnerability has been discovered in PLIB, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a boundary error within the "ulSetError" function src/util/ulError.cxx when creating the error message, which...

moinmoin -- cross-site scripting vulnerabilities

Secunia reports: Input passed via multiple parameters to action/AttachFile.py is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site...

[SA34275] ZyXEL G-570S Multiple Vulnerabilities

---------------------------------------------------------------------- Secunia is pleased to announce the release of the annual Secunia report for 2008. Highlights from the 2008 report: Vulnerability Research Software Inspection Results Secunia Research Highlights Secunia Advisory Statistics...

pivot-weblog -- file deletion vulnerability

Secunia reports: A vulnerability has been discovered in Pivot, which can be exploited by malicious people to delete certain files. Input passed to the "refkey" parameter in extensions/bbclonetools/count.php is not properly sanitised before being used to delete files. This can be exploited to dele...

dovecot-managesieve -- Script Name Directory Traversal Vulnerability

Secunia reports: The security issue is caused due to an input validation error when processing script names. This can be exploited to read or modify arbitrary files having ".sieve" extensions via directory traversal attacks, with the privileges of the attacker's user id...

libxml2 -- multiple vulnerabilities

Secunia reports: Two vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS Denial of Service or to potentially compromise an application using the library. 1 An integer overflow error in the "xmlSAX2Characters" function can be exploited to trigge...

smbftpd -- format string vulnerability

Secunia reports: Format string vulnerability in the SMBDirList function in dirlist.c in SmbFTPD 0.96 allows remote attackers to execute arbitrary code via format string specifiers in a directory name...

MT -- Search Unspecified XSS

Secunia reports: Arai has reported a vulnerability in Movable Type and Movable Type Enterprise, which can be exploited by malicious people to conduct cross-site scripting attacks. Some unspecified input passed via the search functionality isn't properly sanitised before being returned to the user...

mplayer -- Multiple integer overflows

Secunia reports: The vulnerabilities are caused due to integer overflow errors in "libmpdemux/asfheader.c" within the handling of an ASF file, and in "libmpdemux/aviheader.c" when parsing the "indx" chunk in an AVI file. This can be exploited to cause heap-based buffer overflows via a malicious A...