SolarWinds Orion Network Performance Monitor 10.2.2 - Multiple Vulnerabilities

/ Exploit Title: SolarWinds Orion Network Performance Monitor 10.2.2 Multiple Vulnerabilities Date: Jul 21 2012 Author: muts Version: SolarWinds Orion Network Performance Monitor 10.2.2 Vendor URL: http://www.solarwinds.com/ Timeline: 29 May 2012: Vulnerability reported to CERT 30 May 2012:...

AtMail Email Server Appliance 6.4 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Remote Code Execution

Exploit Title: Atmail Email Server Appliance 6.4 Remote Code Execution Date: Jul 21 2012 Author: muts Version: Atmail Email Server 6.4 By sending an email to a user with the Atmail administrative interface open, we can call a remote JavaScript file that will initiate the installation of a special...

php5. 4. 3 remote code execution vulnerabilities, and provide the right kind of work-vulnerability warning-the black bar safety net

PHP comprinttypeinfovulnerability through PHP code to call"exec"to run the SHELL command With this mention of the right is not very convenient? // Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in Maksymilian Motyl // Email: 0indotemailatgmail.com // Bug with Variant...

PHP 5.4.3 'com_print_typeinfo()'远程代码执行漏洞

PHP是一种HTML内嵌式的语言 PHP comprinttypeinfo存在一个安全漏洞，允许攻击者执行任意代码。此漏洞影响windows平台上的php版本，在windows平台上其"COM"函数作为PHP核心的一部分。攻击者需要上传恶意PHP代码到服务器，攻击者可以通过"exec"使用PHP运行SHELL命令 0 PHP 5.4.3 厂商解决方案 目前没有详细解决方案提供： http://www.php.net/ // Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in...

PHP 5.4 Win32 Code Execution

// Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in Maksymilian Motyl // Email: 0indotemailatgmail.com // Bug with Variant type parsing originally discovered by Condis // Tested on Windows XP SP3 fully patched Polish =================== offset-brute.html...

Mozilla Products Security Bypass Vulnerability - May12 (Windows)

This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to security bypass vulnerability OpenVAS Vulnerability Test $Id: gbmozillaprdtssecbypassvulnmay12win.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products Security Bypass Vulnerability - May12 Windows Authors: Rachan...

Mozilla Products Security Bypass Vulnerability (May 2012) - Mac OS X

Mozilla Firefox/Thunderbird/Seamonkey is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Mozilla Products Security Bypass Vulnerability - May12 (Mac OS X)

This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to security bypass vulnerability OpenVAS Vulnerability Test $Id: gbmozillaprdtssecbypassvulnmay12macosx.nasl 6445 2017-06-27 12:31:06Z santu $ Mozilla Products Security Bypass Vulnerability - May12 Mac OS X Authors:...

Mozilla Products Security Bypass Vulnerability (May 2012) - Windows

Mozilla Firefox/Thunderbird/Seamonkey is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVE-2012-0475

Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site 1 XMLHttpRequest or 2 WebSocket operation involvin...

Cross site scripting

Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site 1 XMLHttpRequest or 2 WebSocket operation involvin...

CVE-2012-0475

Mozilla Firefox 4.x through 11.0, Thunderbird 5.0 through 11.0, and SeaMonkey before 2.9 do not properly construct the Origin and Sec-WebSocket-Origin HTTP headers, which might allow remote attackers to bypass an IPv6 literal ACL via a cross-site 1 XMLHttpRequest or 2 WebSocket operation involvin...

Debian DSA-2406-1 : icedove - several vulnerabilities

Several vulnerabilities have been discovered in Icedove, Debian's variant of the Mozilla Thunderbird code base. - CVE-2011-3670 Icedove does not not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls throu...

DSA-2406-1 icedove - several

Bulletin has no description...

Mandriva Update for mozilla MDVSA-2012:013 (mozilla)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mozilla Foundation Security Advisory 2012-02

Mozilla Foundation Security Advisory 2012-02 Title: Overly permissive IPv6 literal syntax Impact: Low Announced: January 31, 2012 Reporter: Gregory Fleischer Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Firefox 3.6.26 Thunderbird 7.0 Thunderbird 3.1.18 SeaMonkey 2.4 Description...

Mozilla Products IPv6 Literal Syntax Cross Domain Information Disclosure Vulnerability - Windows

Mozilla Firefox/Thunderbird/Seamonkey is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Mozilla Products IPv6 Literal Syntax Cross Domain Information Disclosure Vulnerability (MAC OS X)

The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtsipv6literalsyntaxinfodiscvulnmacosx.nasl 6445 2017-06-27 12:31:06Z santu $ Mozilla Products IPv6 Literal Syntax Cross Domain...

Mozilla Products IPv6 Literal Syntax Cross Domain Information Disclosure Vulnerability (Windows)

The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtsipv6literalsyntaxinfodiscvulnwin.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products IPv6 Literal Syntax Cross Domain Informatio...

Mozilla Foundation Security Advisory 2012-02

Mozilla Foundation Security Advisory 2012-02 Title: Overly permissive IPv6 literal syntax Impact: Low Announced: January 31, 2012 Reporter: Gregory Fleischer Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 7.0 Firefox 3.6.26 Thunderbird 7.0 Thunderbird 3.1.18 SeaMonkey 2.4 Description...