30 matches found
Open-Xchange Server 6 - Multiple Vulnerabilities
Open-Xchange Server 6 - Multiple Vulnerabilities Multiple security issues for Open-Xchange Server have been discovered and fixed. The vendor has chosen responsible full disclosure to publish security issue details. Users of the software have already been provided with patched versions. Proof...
Cross-Site Scripting (XSS) vulnerability in gpEasy
Advisory ID: HTB23137 Product: gpEasy Vendor: gpeasy Vulnerable Versions: 3.5.2 and probably prior Tested Version: 3.5.2 Vendor Notification: January 2, 2013 Vendor Patch: January 2, 2013 Public Disclosure: January 23, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...
Samsung Kies 2.5.0.12114_1 Buffer Overflow Vulnerability
Samsung Kies version 2.5.0.121141 suffers from a buffer overflow vulnerability. Product: Samsung Kies Vendor: Samsung Electronics Vulnerable Versions: 2.5.0.121141 Tested Version: 2.5.0.121141 on Windows 7 SP1 and Internet Explorer 9.0 Vendor Notification: December 19, 2012 Vendor Patch: December...
Buffalo Linkstation Privilege Escalation
Release Date. 5-Dec-2012 Last Update. - Vendor Notification Date. - Product. Linkstation & Others Platform. Buffalo Technology Affected versions. Including Actual Version Severity Rating. High Impact. Admin Password Reset Attack Vector. From remote Solution Status. Don't use Buffalo CVE reference...
CMS Made Simple 1.11.2 Cross Site Request Forgery
Advisory ID: HTB23121 Product: CMS Made Simple Vendor: cmsmadesimple.org Vulnerable Versions: 1.11.2 and probably prior Tested Version: 1.11.2 Vendor Notification: October 17, 2012 Public Disclosure: November 7, 2012 Vulnerability Type: Cross-Site Request Forgery CWE-352 CVE Reference:...
Samsung Kies 2.3.2.12054_20 - Multiple Vulnerabilities
Samsung Kies 2.3.2.1205420 - Multiple Vulnerabilities Advisory ID: HTB23099 Product: Samsung Kies Vendor: Samsung Electronics Vulnerable Versions: 2.3.2.1205420 and probably prior Tested Version: 2.3.2.1205420 Vendor Notification: June 25, 2012 Public Disclosure: October 15, 2012 Vulnerability...
WmsCMS < = 2.0 Multiple XSS Vulnerabilities
Application: WmsCMS Vendors Url: http://www.web-master.biz Bug Type: Multiple URL Handling Remote Cross-Site Scripting Vulnerabilities Exploitation: Remote Severity: Less Critical Solution Status: Unpatched Introduction: WmsCMS is a web-based CMS system Google Dork: "Powered by WMS-CMS" Affected...
Macromedia Flash 9 (IE Plugin) Remote Denial of Service Crash Exploit
Exploit for unknown platform in category dos / poc ===================================================================== Macromedia Flash 9 IE Plugin Remote Denial of Service Crash Exploit ===================================================================== / Macromedia flash crash Bug discovere...
MS Internet Explorer (createTextRang) Download Shellcoded Exploit
Exploit for unknown platform in category remote exploits ================================================================= MS Internet Explorer createTextRang Download Shellcoded Exploit ================================================================= / Internet Explorer "createTextRang" Downloa...
Microsoft Windows Media Player ActiveX control allows execution of javascript in "already open" frames
Overview A vulnerability in the Windows Media Player may allow remote attackers to view the contents of local files on the victim's computer. Description Using the "LaunchURL" method of the Windows Media Player ActiveX control, a web page author may be able to circumvent the frame security featur...