Whisper: Error stack trace

Open wid param broken http://prod.whisper.sh/whispers/replies?uid=050e3617a744474140874730dbe5055367c5c5&wid=04d27d987de7f897580096b099815691cd4a89%27%22&sme=false and got error stack trace...

Enter: Error stack trace

Make request removed csrf token in POST data POST /settings HTTP/1.1 Host: wallet.robocoin.com User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10.9; rv:34.0 Gecko/20100101 Firefox/34.0 Accept: / Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate Content-Type:...

Design/Logic Flaw

Zenoss Core through 5 Beta 3 allows remote attackers to obtain sensitive information by attempting a product-rename action with an invalid new name and then reading a stack trace, as demonstrated by internal URL information, aka ZEN-15382...

CVE-2 0 1 4-1 7 7 2 – Internet Explorer Use After Free vulnerability detailed analysis-vulnerability warning-the black bar safety net

http://blog.trendmicro.com/trendlabs-security-intelligence/root-cause-analysis-of-cve-2014-1772-an-internet-explorer-use-after-free-vulnerability/ Translated from TrendLabs ! /Article/UploadPic/2014-11/2014111310206615.jpg We often see a wide variety of vulnerabilities, from the user-after-free...

CVE-2014-8526

McAfee Network Data Loss Prevention NDLP before 9.3 allows local users to obtain sensitive information by reading a Java stack trace...

Stack overflow

McAfee Network Data Loss Prevention NDLP before 9.3 allows local users to obtain sensitive information by reading a Java stack trace...

CVE-2014-8526

McAfee Network Data Loss Prevention NDLP before 9.3 allows local users to obtain sensitive information by reading a Java stack trace...

CVE-2014-8526

McAfee Network Data Loss Prevention (NDLP) prior to version 9.3 is affected by a local information-disclosure vulnerability where an attacker can read a Java stack trace to obtain sensitive information. The available documents confirm the affected product and symptom (stack trace exposure) and th...

Mozilla Firefox 3.6.16 mChannel Use-After-Free漏洞

漏洞分析 此漏洞是由于Mozilla Firefox的xul.dll在处理mChannel标签时，在OnChannelRedirect中对mChannel对象进行创建，但在随后调用Release释放，在释放对象过后没有对该指针进行标记，从而导致在随后的调用用中引用mChannel标签时，由于指针已经被释放，导致call地址不可读，从而引发漏洞，下面对此漏洞进行详细分析。 首先打开PoC，火狐浏览器崩溃，附加调试器，到达漏洞现场。 858.85c: Access violation - code c0000005 first chance First chance exceptions a...

KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation

Title: Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation Advisory ID: KL-001-2014-002 Publication Date: 2014-07-18 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2014-002.txt 1. Vulnerability Details Affected Vendor: Microsoft Affected Product: Bluetooth...

Localize: PHP PDOException and Full Path Disclosure

hi phrasekey , agian! in phraseChange action if set to array pdo quote show error! line 755 index.php Warning: PDO::quote expects parameter 1 to be string, array given in /srv/data/web/vhosts/www.localize.im/htdocs/classes/Database.php on line 30 Fatal error: Uncaught exception 'PDOException' wit...

CVE-2014-0871

RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character...

Information disclosure

RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character...

CVE-2014-0871

RICOS in IBM Algo Credit Limits aka ACLM 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character...

CVE-2014-0871

CVE-2014-0871 affects IBM Algorithmics RICOS (ACLIM) versions 4.5.0–4.7.0. The issue allows information disclosure via Tomcat error messages that leak environment details, triggered by non-printing characters (e.g., 0x00) in a cookie to the /classes/ URI. IBM’s SEC Consult advisory and the IBM Se...

CVE-2013-6741

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration...

Information disclosure

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration...

CVE-2013-6741

The CVE-2013-6741 issue affects IBM Maximo Asset Management and related IBM Tivoli products, allowing remote authenticated users to obtain potentially sensitive stack-trace information by triggering a Birt error. Affected products include Maximo Asset Management 7.x (before 7.1.1.7 LAFIX.20140319...

CVE-2013-6741

IBM Maximo Asset Management 7.x before 7.1.1.7 LAFIX.20140319-0837 and 7.5.x before 7.5.0.5 IFIX006; SmartCloud Control Desk 7.x before 7.5.0.3 and 7.5.1.x before 7.5.1.2; and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration...

Jira outputs a stack trace to the screen when an error is encountered

panel h3. Problem When users are greeted by the error 500 page, they can click on the Request assistance link to expand and see the long stack trace of the error that occurs. The information is not useful to most of the end users but it's not possible to hide it from them. h3. Suggestion To have ...