8014 matches found
HijackClick 3
Note: This vulnerability as well as several more can be found at http://www.greyhats.cjb.net HijackClick 3!!! Took the name from Liu Die Yu : Tested IEXPLORE.EXE file version 6.0.2800.1106 MSHTML.DLL file version 6.00.2800.1400 Microsoft Windows XP sp2 Discussion The HijackClick series have been...
RHEL 2.1 : vnc (RHSA-2003:068)
Updated VNC packages are available to fix a weak cookie vulnerability. VNC is a tool for providing a remote graphical user interface. The VNC server acts as an X server, but the script for starting it generates an MIT X cookie which is used for X authentication without using a strong enough rando...
Spam-protection
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFCLOUD-1469. panel We need something like MT-Blacklist: the ability to define URL patterns that flag a page and/or comment as spam. It...
Spam-protection
We need something like MT-Blacklist: the ability to define URL patterns that flag a page and/or comment as spam. It shouldn't be too hard to do - we already track URL links. The UI will need some thought though what do you do if you define a URL as spam, and it's in a page? Revert the page back t...
Spam-protection
panel:bgColor=e7f4fa NOTE: This suggestion is for Confluence Cloud. Using Confluence Server? See the corresponding suggestion|http://jira.atlassian.com/browse/CONFSERVER-1469. panel We need something like MT-Blacklist: the ability to define URL patterns that flag a page and/or comment as spam. It...
vBulletin 1.02.x3.0 - index.php User Interface Spoofing
vBulletin 1.02.x3.0 - index.php User Interface Spoofing source: https://www.securityfocus.com/bid/10362/info A weakness has been reported to exist in the VBulletin software that may allow an attacker to spoof parts of the VBulletin interface. The issue exists due to improper validation of...
vBulletin 1.0/2.x/3.0 - 'index.php' User Interface Spoofing
source: https://www.securityfocus.com/bid/10362/info A weakness has been reported to exist in the VBulletin software that may allow an attacker to spoof parts of the VBulletin interface. The issue exists due to improper validation of user-supplied data. Remote attackers may potentially exploit th...
[SECURITY] [DSA 477-1] New xine-ui packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 477-1 [email protected] http://www.debian.org/security/ Martin Schulze April 6th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 477-1] New xine-ui packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 477-1 [email protected] http://www.debian.org/security/ Martin Schulze April 6th, 2004 http://www.debian.org/security/faq -...
Invision Power Top Site List SQL Injection Vulnerability
Vendor : Invision Power Services URL : http://www.invisiontsl.com Version : Invision Power Top Site List v1.1 RC 2 && Earlier Risk : SQL Injection Vulnerability Description: Invision Power Top Site List is a flexible site ranking script written in PHP, the popular programming choice for web...
Webdeskpro role modify vulnerability
Webdeskpro has 4 role authority levels- author, editor, administrator, master We found a vulnerability in Webdeskpro UI. After login, if we modify some role variables as follows , we can read upper role level?s files. Role Modification FRAME...
Important: Red Hat Security Advisory: : Updated XFree86 4.1.0 packages are available
Updated XFree86 packages that resolve various security issues and additionally provide a number of bug fixes and enhancements are now available for Red Hat Linux 7.1 and 7.2. XFree86 is an implementation of the X Window System, which provides the graphical user interface, video drivers, etc. for...
Important: Red Hat Security Advisory: ggv security update
Updated packages for gv, ggv, and kdegraphics fix a local buffer overflow when reading malformed PDF or PostScript files. Updated 07 Jan 2003 Added fixed packages for the Itanium IA64 architecture. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 Gv and ggv are user interface...
Asked to re-authenticate to delete issue
/jira/secure/DeleteIssue!default.jspa?id=10012 everything seems to work ok, but I try to delete previously existing issue and I get redirected to the URL above. instead of a delete issue page, I get a login page, only it looks messed up - it's the login form table miniwindow except spread 100%...
Buffer overflow in Microsoft Windows Shell
Overview A remotely exploitable buffer overflow exists in the Microsoft Windows Shell. Description There is a buffer overflow in the Microsoft Windows Shell. The Shell provides the basic human-computer interface for Windows systems. Quoting from Microsoft Security Bulletin MS02-014:The Windows...
CVE-2000-0313
Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations...
SGI IRIX 6.5.4 - midikeys Root
SGI IRIX 6.5.4 - midikeys Root source: https://www.securityfocus.com/bid/262/info The setuid root "midikeys" executable can be used to edit arbitrary files via its graphical user interface. This grants malicious users root access to the system. Running the midikeys application, clicking in sounds...
Security update 1970-01-01
...
Security update 1970-01-01
...
Security update 1970-01-01
...