1102 matches found
RedHat Update for libexif RHSA-2007:1166-01
Check for the Version of libexif OpenVAS Vulnerability Test RedHat Update for libexif RHSA-2007:1166-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
JOnAS Cross Site Scripting
Digital Security Research Group DSecRG Advisory DSECRG-09-008 ------------------link to original advisory -------------------------- http://www.dsecrg.com/pages/vul/show.php?id=81 Application: JOnAS Java Open Application Server Versions Affected: JOnAS4.10.3 / Apache Tomcat 5.5.26 Vendor URL:...
Constructed of no-man's environment: Exploiting the Realtek RTL8139 single-chip Ethernet Controller-vulnerability warning-the black bar safety net
Author: Azy Finish: 2008-10-22 Excellent rootkit hereinafter abbreviated as rk usually should have hidden a stable communication function. As good programmers have been pursuing with the most simple code to complete the functional requirements of the same, excellent rk coder also has been adherin...
Certain characters can be used to allow cross-site scripting
When accepting HTML content from untrusted users, Web sites sometimes employ some kind of filtering to ensure that the content cannot contain scripts. If the content is to be used inside an HTML attribute, characters that separate attributes need to be filtered out to prevent scripted attributes...
MySQL privilege escalation
It's possible to specify file of different database in CREATE TABLE...
CGIWrap Charset Specification Weakness Error Message XSS
The remote host is running CGIWrap, a wrapper for CGI scripts to provide enhanced security. The version of CGIWrap installed on the remote host does not specify a charset when responses are for error pages. An attacker may be able to leverage this issue to inject arbitrary HTML and script code in...
Multiple XSS vulnerabilities from character encoding — Mozilla
WebKit developer Alexey Proskuryakov reported that the Mozilla HTML parser treated the backspace character as whitespace contrary to the HTML specification and different from other browsers. This difference might lead to Cross-site Scripting XSS risks on sites which filtered input in accordance...
SA-2008-016 - OpenID - Incorrect claimed_id returned for OpenID 2.0
The OpenID module has a vulnerability which allows OpenID version 2.0 positive assertions that are not properly verified to return an invalid or impersonated claimedid. To exploit this vulnerability an attacker could set up an OpenID provider, example1.com, that claimed to be the authority for...
CVE-2007-4595
Cross-site scripting XSS vulnerability in Mayaa before 1.1.12 allows remote attackers to inject arbitrary web script or HTML in certain circumstances involving 1 lack of charset specification within a META element or 2 a META element that specifies an unrecognized charset, which trigger automatic...
CVE-2007-4595
CVE-2007-4595 is a cross-site scripting vulnerability in Mayaa prior to 1.1.12. The issue arises when a page lacks a charset in a META element or specifies an unrecognized charset, triggering automatic browser charset recognition and improper handling of UTF-7 data, allowing remote attackers to i...
Php Blue Dragon CMS 3.0.0 Remote Code Execution Exploit
No description provided by source. ?php // Exploit Name: Php Blue Dragon CMS 3.0.0 Code Execution Exploit //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na irc...
[Reversemode Advisory] Microsoft DirectX RLE Compressed Targa Image File Heap Overflow
Microsoft DirectX Direct3D 9 Microsoft DirectX RLE Compressed Targa Image File Heap Overflow Ruben Santamarta rubenatreversemodedotcom 07.18.2007 Affected products: + Microsoft DirectX Direct3D 9 runtime libraries. + D3dx928.dll – D3dx9d28.dll and earlier Microsoft DirectX is prone to a heap...
Code injection
Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of service website suppression and resource consumption, aka "Internet Explorer Zone Domain Specification D...
[Full-disclosure] Advisory : Internet Explorer Zone Domain Specification Dos and Page suppressing.
Advisory : Internet Explorer Zone Domain Specification Dos and Page Suppressing Severity : Intermediate Version : IE 6.0 - 7.0 Dated : 18 June 2007 Explanation: The vulnerability is present in handling of domain names with different parameters sub domains when specified in the Intranet zone and...
DEBIAN-CVE-2007-3393
Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service crash via crafted DHCP-over-DOCSIS packets...
Assign Groups to Project Role screen allows entry of users as groups
When assigning groups to a project role, the screen allows the user to specify a group that is really a user name...
Mandrake Linux Security Advisory : tetex (MDKSA-2007:022)
The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service infinite loop, arbitrary code execution, or memory corruption, via a PDF file with a 1 craft...
CVE-2006-2220
phpBB 2.0.20 does not properly verify user-specified input variables used as limits to SQL queries, which allows remote attackers to obtain sensitive information via a negative LIMIT specification, as demonstrated by the start parameter to memberlist.php, which reveals the SQL query in the...
CVE-2006-2220
PHPBB 2.0.20 is vulnerable to an information disclosure due to improper validation of user-supplied inputs used as SQL LIMIT bounds. The issue allows remote attackers to reveal sensitive data via a negative LIMIT (demonstrated through memberlist.php), producing an error message that exposes the q...
Weaknesses in Pingback Design
Advisory: Weaknesses in Pingback Design Advisory ID: 4tphi-sa-20070111-pingback Release Date: 01-24-2007 Author: Blake Matheny [email protected] Software: Multiple Impact: Remote DoS Overview: From Wikipedia, "A Pingback is one of three types of Linkbacks, methods for Web authors to request...