925 matches found
opera -- multiple vulnerabilities
Opera reports: Certain constructs are not escaped correctly by Opera's History Search results. These can be used to inject scripts into the page, which can then be used to look through the user's browsing history, including the contents of the pages they have visited. These may contain sensitive...
Unfixed XSS vulnerability at www.locasite.com.br
Security researcher mygotmanoel, has submitted on 26/12/2007 a cross-site-scripting XSS vulnerability affecting www.locasite.com.br, which at the time of submission ranked 99968 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/02/2008. It is...
IPSwitch IMail Server 2006 9.10 - Subscribe Remote Overflow
IPSwitch IMail Server 2006 9.10 - Subscribe Remote Overflow !/use/bin/perl Test on Imail 20069.10, imap4d32.exe6.8.8.1, windows 2003 Chinese SP1 Code by yunshu, our team: www.ph4nt0m.org Mail list: http://list.ph4nt0m.org F:\perl imailSUBSCRIBE.pl 192.168.1.2 testuser testpass OK IMAP4 Server IMa...
IPSwitch IMail Server 2006 9.10 - Subscribe Remote Overflow
!/use/bin/perl Test on Imail 20069.10, imap4d32.exe6.8.8.1, windows 2003 Chinese SP1 Code by yunshu, our team: www.ph4nt0m.org Mail list: http://list.ph4nt0m.org F:\perl imailSUBSCRIBE.pl 192.168.1.2 testuser testpass OK IMAP4 Server IMail 9.10 0 OK LOGIN completed FLAGS \Answered \Flagged \Delet...
IPSwitch IMAIL IMAP server buffer overflow
Buffer overflow in SEARCH and SUBSCRIBE commands and also during authentication procedure...
CVE-2007-3927
Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 1 allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and 2 allow attackers to have an unknown impact via an unspecified vector related to "subscribe."...
Buffer overflow
Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 1 allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and 2 allow attackers to have an unknown impact via an unspecified vector related to "subscribe."...
CVE-2007-3927
Multiple buffer overflows in Ipswitch IMail Server 2006 before 2006.21 1 allow remote attackers to execute arbitrary code via unspecified vectors in Imailsec and 2 allow attackers to have an unknown impact via an unspecified vector related to "subscribe."...
MERCUR imapd SUBSCRIBE command buffer overflow
Added: 03/27/2007 CVE: CVE-2007-1579 BID: 23050 OSVDB: 33546 Background MERCUR Messaging Server is an e-mail server supporting the SMTP, POP3, and IMAP protocols for Windows platforms. Problem A buffer overflow vulnerability allows remote, authenticated attackers to execute arbitrary commands by...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in SubHub 2.3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the searchtext parameter to a /search, or the 2 message parameter to b /calendar or c /subscribe...
CVE-2007-1646
Multiple cross-site scripting XSS vulnerabilities in SubHub 2.3.0 allow remote attackers to inject arbitrary web script or HTML via 1 the searchtext parameter to a /search, or the 2 message parameter to b /calendar or c /subscribe...
**SubHub v2.3.0**
SubHub v2.3.0 Site: http://www.subhub.com/ & others that use this software Type of Expliot: XSS Version : 2.3.0 Discover: T--T Bug in : /search?searchtext=insert xss here /calendar/?message=insert xss here /subscribe?message=insert xss here - - - - - - - - - - - - - - - - Exploit POC...
Atrium Mercur Mailserver IMAPD buffer overflow
Multiple buffer overflows in IMAP NTLM authentication implementation. Buffer overflow in SUBSCRIBE command...
Atrium Mercur IMap Subscribe请求远程栈溢出漏洞
Mercur是Atrium Software推出的系列邮件服务器产品。 Mercur的NTLM认证机制实现上存在漏洞,远程攻击者可能利用此漏洞控制服务器或导致服务崩溃。 Mercur的IMAPD在实现NTLM的代码中盲目使用用户提供的长度数据作为memcpy调用的参数,远程攻击者可能利用此问题触发一个栈溢出,导致拒绝服务或执行任意指令。 Atrium Software Mercur v5.00.14 win32 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.atrium-software.com/...
Mercur Messaging 2005 IMAP (SUBSCRIBE) Remote Exploit (win2k SP4)
No description provided by source. !/usr/bin/python Remote exploit for the stack overflow vulnerability in Mercur Messaging 2005 SP3 IMAP service. The exploit was tested on windows 2000 server SP4 in a Vmware environment. At the time of overflow EBX points to our shellcode. However this buffer in...
Stack overflow
Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command...
CVE-2007-1579
Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command...
CVE-2007-1579
Stack-based buffer overflow in Atrium MERCUR IMAPD allows remote attackers to have an unknown impact via a certain SUBSCRIBE command...
CVE-2007-1579
The CVE-2007-1579 issue affects Atrium MERCUR Messaging Server (MERCUR IMAPD) on Windows, where the IMAP SUBSCRIBE command processing has a stack-based buffer overflow in the IMAP service. The vulnerability allows remote attackers to trigger arbitrary actions via a crafted SUBSCRIBE request, with...
Mercur Messaging 2005 (Windows 2000 SP4) - IMAP 'Subscribe' Remote Overflow
!/usr/bin/python Remote exploit for the stack overflow vulnerability in Mercur Messaging 2005 SP3 IMAP service. The exploit was tested on windows 2000 server SP4 in a Vmware environment. At the time of overflow EBX points to our shellcode. However this buffer into which EBX points will give a...