Mitel Audio and Web Conferencing (AWC) Remote Arbitrary Shell Command Injection Vulnerability
Mitel Audio and Web Conferencing (AWC) is prone to a remote command-injection vulnerability because it fails to adequately sanitize user-supplied input data. Remote attackers can exploit this issue to execute arbitrary shell commands with the privileges of the user running the application. OpenVAS...
CVE-2010-4536
Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used in WordPress before 3.0.4, allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) the & (ampersand) character, (2) the case of an attribute name, (3) a padded entity, and (4) an entity that is not in...
Fedora Update for xfig FEDORA-2010-18589
Check for the Version of xfig OpenVAS Vulnerability Test Fedora Update for xfig FEDORA-2010-18589 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
[waraxe-2010-SA#078] - Multiple Vulnerabilities in CruxCMS 3.0.0
waraxe-2010-SA078 - Multiple Vulnerabilities in CruxCMS 3.0.0 =============================================================================== Author: Janek Vind "waraxe" Date: 27. December 2010 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-78.html Affected Software: CruxCMS is a...
[SECURITY] Fedora 14 Update: xfig-3.2.5-25.b.fc14
Xfig is an X Window System tool for creating basic vector graphics, including bezier curves, lines, rulers and more. The resulting graphics can be saved, printed on PostScript printers or converted to a variety of other formats e.g., X11 bitmaps, Encapsulated PostScript, LaTeX. You should install...
CVE-2010-3772
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV element within a treechildren element...
Fedora Update for banshee FEDORA-2010-17021
Check for the Version of banshee OpenVAS Vulnerability Test Fedora Update for banshee FEDORA-2010-17021 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
NoScript Cross Site Scripting Via SQL Injection
Hi List NoScript fails to detect the reflective XSS from trusted domains when an attack is conducted through SQLXSSI. The bypass in NoScript has been successfully conducted by using "Reflective XSS" through Union SQL poisoning attacks by exploiting the reverted errors in the browser. The attack...
UBUNTU-CVE-2010-3826
WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of colors in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial o...
Social-Engineer Toolkit v1.0 - Latest Version Download
The Social Engineer Toolkit (SET) has been updated to version 1.0! We wrote about the Social Engineer's Toolkit in our old post here. This release is called the Devolution Release. "The Social Engineering Toolkit (SET) is a python-driven suite of custom tools which solely focuses on attacking the hum...
GSPlayer 1.83a Win32 Release - Local Buffer Overflow
GSPlayer 1.83a Win32 Release - Local Buffer Overflow Exploit Title: GSPlayer 1.83a Win32 Release Buffer Overflow Vulnerability Date: 2010/11/04 Author: moigai e-mail: [email protected] Software Link: http://www.vector.co.jp/download/file/win95/art/fh296344.html Version: 1.83a Win32 Release Test...
GSPlayer 1.83a Win32 Release - Local Buffer Overflow
Exploit Title: GSPlayer 1.83a Win32 Release Buffer Overflow Vulnerability Date: 2010/11/04 Author: moigai e-mail: [email protected] Software Link: http://www.vector.co.jp/download/file/win95/art/fh296344.html Version: 1.83a Win32 Release Tested on: Windows XP SP3 En VM my $file = "GSPlayer.m3u"...
CVE-2010-3700: Spring Security bypass of security constraints
CVE-2010-3700 - Spring Security - Bypassing of security constraints Severity: Important Vendor: SpringSource, a division of VMware Versions affected: Spring Security 3.0.0 to 3.0.3 Spring Security 2.0.0 to 2.0.5 Acegi Security 1.0.0 to 1.0.7 Description: Spring Security does not consider URL path...
LES PACKS - 'ID' SQL Injection
source: https://www.securityfocus.com/bid/44457/info LES PACKS is prone to an SQL-injection vulnerability. An attacker can exploit this SQL-injection issue to carry out unauthorized actions on the underlying database, which may compromise the application and aid in further attacks...
Ubuntu: Security Advisory (USN-1008-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Windows Common Control Library Remote Code Execution Vulnerability (2296011)
This host is missing a critical security update according to Microsoft Bulletin MS10-081. OpenVAS Vulnerability Test $Id: secpodms10-081.nasl 5361 2017-02-20 11:57:13Z cfi $ Windows Common Control Library Remote Code Execution Vulnerability 2296011 Authors: Sooraj KS Copyright: Copyright (c) 2010...
Windows Common Control Library Remote Code Execution Vulnerability (2296011)
This host is missing a critical security update according to Microsoft Bulletin MS10-081. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft IIS FTP Server NLST Response Overflow
$Id: ms09053ftpdnlst.rb 10558 2010-10-05 23:39:14Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Tiki Wiki CMS Groupware 5.2 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/43507/info Tiki Wiki CMS Groupware is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using...
Fedora Update for lib3ds FEDORA-2010-14644
Check for the Version of lib3ds OpenVAS Vulnerability Test Fedora Update for lib3ds FEDORA-2010-14644 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...