3944 matches found
Microsoft Releases Security Advisory
Microsoft has released security advisory 2490606 to alert users of a vulnerability affecting the Windows Graphics Rendering Engine. Exploitation of this vulnerability may allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights. US-CERT...
WordPress.org has released WordPress 3.0.4
WordPress.org has released WordPress 3.0.4 to address a vulnerability in the HTML sanitation library. Exploitation of this vulnerability may allow an attacker to insert arbitrary HTML and script code into the browser session. US-CERT encourages users and administrators to review the WordPress.org...
CVE-2010-4630
Cross-site scripting XSS vulnerability in pages/admin/surveys/create.php in the WP Survey And Quiz Tool plugin 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter...
CVE-2010-4630
Cross-site scripting XSS vulnerability in pages/admin/surveys/create.php in the WP Survey And Quiz Tool plugin 1.2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the action parameter...
CVE-2010-4630
The CVE-2010-4630 entry affects the WordPress plugin WP Survey And Quiz Tool (1.2.1) . The vulnerability is a reflected XSS in pages/admin/surveys/create.php, exploitable via the action parameter, allowing remote attackers to inject arbitrary script/HTML. Impact described in sources is client-sid...
Internet-Based Crime Rises to 11%, Nearing Traditional Theft Rates
Americans are nearly as likely to be victimized by Internet-based crime as by other forms of nonviolent theft. This perception emerges from a recent survey on crimes committed against individuals and their families. According to a Gallup Poll released Monday, 11% of American adults reported that...
RIM Releases Security Advisory for BlackBerry Enterprise Server
RIM has released a security advisory to address a vulnerability in the PDF distiller of the BlackBerry attachment service for the BlackBerry Enterprise Server. The vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and...
Google Releases Chrome 8.0.552.224
Google has released Chrome 8.0.552.224 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any...
Microsoft Releases December Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, SharePoint, and Exchange as part of the Microsoft Security Bulletin Summary for December 2010. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated...
RealNetworks Releases Security Update for RealPlayer
RealNetworks, Inc. has released an update for RealPlayer to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the RealNetworks notice released on December 10, 2010 and appl...
Mozilla Releases Firefox 3.6.13
The Mozilla Foundation has released Firefox 3.6.13 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, spoof the location bar, or operate with elevated privileges. The Mozilla foundation has also released...
Microsoft Releases Advance Notification for December Security Bulletin
Microsoft has issued a Security Bulletin Advance Notification indicating that its December release will contain 17 bulletins. Two of these bulletins will have a severity rating of critical and will be for Microsoft Windows and Internet Explorer. Fourteen of the bulletins will have a severity rati...
WordPress Releases Version 3.0.3
WordPress has released WordPress 3.0.3 to address a vulnerability. Execution of this vulnerability may allow an attacker to operate with elevated privileges. US-CERT encourages users and administrators to review the WordPress Codex document for version 3.0.3 and apply any necessary updates to hel...
Apple Releases QuickTime 7.6.9
Apple has released QuickTime 7.6.9 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information. US-CERT encourages users and administrators to review Apple article...
WordPress Releases WordPress 3.0.2
WordPress has released WordPress 3.0.2 to address a vulnerability that may allow a malicious Author-level user to gain further access to the site, to fix multiple software bugs, and to provide additional security enhancements. US-CERT encourages users and administrators to review the WordPress bl...
VMware Releases Security Patch for ESX
VMware has released a security patch for ESX to address a vulnerability. Exploitation of this vulnerability may allow a local user to gain additional privileges on the affected system. US-CERT encourages users and administrators to review VMware knowledgebase article 1029397 and apply any necessa...
Apple Releases Safari 5.0.3 and 4.1.3
Apple has released Safari 5.0.3 and 4.1.3 to address multiple vulnerabilities in the Safari and WebKit packages. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple article HT4455...
OpenSSL Releases OpenSSL 1.0.0b
OpenSSL has released OpenSSL 1.0.0b to address a vulnerability that may allow an attacker to execute arbitrary code. US-CERT recommends that users and administrators of this product update to OpenSSL version 1.0.0b or apply the workaround provided in the OpenSSL security advisory. Because OpenSSL...
Adobe Releases Security Updates for Reader and Acrobat
Adobe has released security updates for Reader and Acrobat for Windows and Macintosh. These updates address multiple vulnerabilities including those described in security advisory APSA10-05, a recent Adobe PSIRT blog entry, and security bulletin APSB10-26. Exploitation of these vulnerabilities ma...
Pre Survey Poll Cross Site Scripting
In The Name Of GOD + Exploit Title: PRE SURVEY POLL XSS Vulnerability + Date: 2010-11-13 + Author : Cru3l.b0y + Software Link: http://www.preproject.com/poll.asp + Price : 28.00$ + Contact : [email protected] + Website : WwW.PenTesters.IR + Greeting: Behzad, Ahmad,...