ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote,Code Execution Vulnerability

ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-290 October 15, 2011 - -- CVE ID: CVE-2011-2001 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Microsoft - -- Affected Products:...

Arbitrary File Upload in '1 Flash Gallery' Wordpress Plugin

====Vulnerability==== The '1 Flash Gallery' WordPress plugin http://wordpress.org/extend/plugins/1-flash-gallery/ is vulnerable to an arbitrary file upload vulnerability. This vulnerability is present from version 1.30 until version 1.5.7. The plugin has been downloaded an estimated 460,000 times...

Chezola Systems (display-section.php?id) Remote SQL injection Vulnerability

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Chezola Systems display-section.php?id AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://chezolasystems.com/ Persian Gulf 4 Ever! Dork : "Powered by Chezola Systems Canada Inc"...

NSFOCUS SA2011-01 : Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability

NSFOCUS Security AdvisorySA2011-01 Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability Release Date: 2011-06-15 CVE ID: CVE-2011-1250 http://www.nsfocus.com/en/advisories/1101.html Affected Software and System: ============================= Microsoft Internet...

[USN-1129-1] Perl vulnerabilities

========================================================================== Ubuntu Security Notice USN-1129-1 May 03, 2011 perl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...

Microsoft Windows multiple security vulnerabilities

OpenType Font parsing memory corruption, task scheduler privilege escalation, usafe DLL loading, multiple kernel vulnerabilities, Consent User Interface privilege escalation, Netlogon DoS...

Mozilla Foundation Security Advisory 2010-81

Mozilla Foundation Security Advisory 2010-81 Title: Integer overflow vulnerability in NewIdArray Impact: Critical Announced: December 9, 2010 Reporter: regenrecht Products: Firefox, SeaMonkey Fixed in: Firefox 3.6.13 Firefox 3.5.16 SeaMonkey 2.0.11 Description Security researcher regenrecht...

[eVuln.com] sitename XSS in Hot Links Lite

New eVuln Advisory: sitename XSS in Hot Links Lite Summary: http://evuln.com/vulns/143/summary.html Details: http://evuln.com/vulns/143/description.html -----------Summary----------- eVuln ID: EV0143 Software: Hot Links Lite Vendor: Mrcgiguy Version: 1.0 Critical Level: low Type: Cross Site...

[ MDVSA-2010:224 ] php

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:224 http://www.mandriva.com/security/ Package : php Date : November 9, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: A vulnerability was discovered...

Microsoft Security Bulletin MS10-068 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege (983539)

Microsoft Security Bulletin MS10-068 - Important Vulnerability in Local Security Authority Subsystem Service Could Allow Elevation of Privilege 983539 Published: September 14, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability ...

Nuance OmniPage 16 Professional installs multiple vulnerable Microsoft runtime libraries

Nuance Communications, Inc. offer on their german web page http://www.nuance.de/kostenlose-ocr-software-test/download.asp a trial version of OmniPage 16 Professional for download. The installer OPPro16TD.exe a self-extracting RAR archive was published "Tue, 30 Jun 2009 14:38:28 GMT" according to...

VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability

VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Java is a programming language and computing platform released by Sun Microsystems. It is the underlying technology that powers...

[Onapsis Security Advisory 2010-004] SAP J2EE Authentication Phishing Vector

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2010-004: SAP J2EE Authentication Phishing Vector This advisory can be downloaded from http://www.onapsis.com/research.html. By downloading this advisory from the Onapsis Resource Center, you will gain access to beforehand...

Cisco Security Advisory: Multiple Vulnerabilities in Cisco IronPort Encryption Appliance

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco IronPort Encryption Appliance Advisory ID: cisco-sa-20100210-ironport Revision 1.0 For Public Release 2010 February 10 1600 UTC GMT...

US-CERT Technical Cyber Security Alert TA10-012A -- Oracle Updates for Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-012A Oracle Updates for Multiple Vulnerabilities Original release date: Last revised: -- Source: US-CERT Systems Affected Oracle Database 11g, version 11.1.0.7 Oracle Database 10g Release...

[ MDVSA-2009:344 ] perl-DBD-Pg

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:344 http://www.mandriva.com/security/ Package : perl-DBD-Pg Date : December 28, 2009 Affected: 2008.0 Problem Description: Multiple vulnerabilities was discovered and corrected in perl-DBD-Pg: Heap-based...

dstat privilege escalation

share libraries are searched in the working directory...

Apache Tomcat for Windows backdoor account

admin account with empty password is created during installation...

[ONSEC-09-017] Blogolet PHP including

ONSEC-09-017 Blogolet PHP including Цель: Blogolet CMS Тип: PHP инъекция Угроза: Высокая Дата обнаружения: 21.09.2009 Дата оповещения разработчика: 21.09.2009 Дата выхода исправления: 21.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание: Уязвимость существует...

[security bulletin] HPSBMA02447 SSRT090062 rev.1 - Insight Control Suite For Linux (ICE-LX) Cross Site Request Forgery (CSRF) , Remote Execution of Arbitrary Code, Denial of Service (DoS), and Other Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01820968 Version: 1 HPSBMA02447 SSRT090062 rev.1 - Insight Control Suite For Linux ICE-LX Cross Site Request Forgery CSRF , Remote Execution of Arbitrary Code, Denial of Service DoS, and Other...

ZDI-09-049: Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability

ZDI-09-049: Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-049 August 5, 2009 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- Vulnerability Details: This vulnerability allow...

User options changer (SQLi) EXPLOIT --Bigace CMS -stable release- 2.5-->

!/usr/bin/perl ----------------------------------------------------------------------------- User options changer SQLi EXPLOIT --Bigace CMS -stable release- 2.5-- ----------------------------------------------------------------------------- CMS INFORMATION: --WEB: http://www.bigace.de/ --DOWNLOAD...

ftpdmin v. 0.96 RNFR remote buffer overflow exploit

?php / ftpdmin v. 0.96 RNFR remote buffer overflow exploit xp sp3 / case study by Nine:Situations:Group::surfista software site: http://www.sentex.net/mwandel/ftpdmin/ our site: http://retrogod.altervista.org/ bug found by rgod in 2006, RNFR sequences can trigger a simple eip overwrite. We can us...

Microsoft Security Bulletin MS08-074 - Critical Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)

Microsoft Security Bulletin MS08-074 - Critical Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution 959070 Published: December 9, 2008 Version: 1.0 General Information Executive Summary This security update resolves three privately reported vulnerabilities in Microsoft...

İltaweb Kolay Site (urundetay) Sql injection Vulnerability (Tr)

Author: BiLGi ASD Contact: [email protected] Home: Bilgi-Asd.Ch Script: ltaweb Kolay Site Tr Sql injection Vulnerability http://www.aspindir.com/goster/5665 $Price$: 100 Exploit: urundetay.asp?id=67+union+select+0,1,sifre,kullaniciadi,4,5,6,7,8,9,10,11,12+from+uyeler Demo:...

CS-Cart <= 1.3.5 SQL Injection

GulfTech Security Research September 02, 2008 Vendor : CS-Cart.com URL : http://www.cs-cart.com/ Version : CS-Cart = 1.3.5 Risk : SQL Injection Description: CS-Cart Cart is a full featured online ecommerce application written in php that allows users to build, run and promote an online store. The...

Null Byte Local file Inclusion in FAR - PHP Project version:1.0

. . | / | | | / / | |/ // / / / |/ / // | / | | / / / // / |/| || /| / / / / / / / / | | / / / | // est.2007 / / forum.darkc0de.com Web Application: FAR - PHP Project version:1.0 Vendor's Address :www.far-php.ro Author: Beenu Arora Address: www.beenuarora.com Python Dark Scripts:...

[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1619-1 [email protected] http://www.debian.org/security/ Devin Carraway July 27, 2008 http://www.debian.org/security/faq -...

Mozilla Foundation Security Advisory 2008-35

Mozilla Foundation Security Advisory 2008-35 Title: Command-line URLs launch multiple tabs when Firefox not running Impact: Critical Announced: July 15, 2008 Reporter: Billy Rios, Ben Turner, Dan Veditz Products: Firefox Fixed in: Firefox 3.0.1 Firefox 2.0.0.16 Description Security researcher Bil...

[Full-disclosure] Opera - heap based buffer overflow (CVE-2007-6521)

============================================ ||| Security Advisory AKLINK-SA-2008-006 ||| ||| CVE-2007-6521 CVE candidate ||| ============================================ Opera - heap-based buffer overflow ================================== Date released: 28.05.2007 Date reported: 05.10.2007...

BosNews 2002-2006 Remote add user admin

-------------------------------------------------------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo ---------------------------------------------------------...

joomla com_activities sql injection

allinurl :"comactivities" index.php?option=comactivities&Itemid=51&func=detail&id=-1//union//select//0,1,password,3,4,5,6,7,8,9,10,11,12,13,14,15,username//from//mosusers/...

Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search

------------------------------------------------------------------------ Cross-Site Scripting XSS in phpWebSite 1.4.0 search ------------------------------------------------------------------------ Author: Audun Larsen larsen at xqus dot com Date: Dec 29, 2007 --AFFECTED...

PHP-Nuke NSN Script Depository module <= 1.0.3 Remote Source / DB Credentials Disclosure

--------------------------------------------------------------- / | | / | / |/ | | |/ | | / | | | | | |/ | | // | || | ||| /| / / | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...

[Full-disclosure] Advisory SE-2007-01: TikiWiki Remote PHP Code Evaluation Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: TikiWiki Remote PHP Code Evaluation Vulnerability Release Date: 2007/10/29 Last Modified: 2007/10/29 Author: Stefan Esser stefan.esseratsektioneins.de Application: TikiWiki = 1.9.8....

PHMe CMS 0.0.2 local File Include Vulnerabilitiy

Tilte: PHMe CMS 0.0.2 local File Include Vulnerabilitiy www.Aria-security.Com For English www.Aria-Security.net For Persian Author: YouYou Software: PHMe CMS Site Script: http://sourceforge.net/projects/phme proof Of Concept : www.example.com/path/resources/functionlist.php?action=Local Script00...

[CVE-2007-1355] Tomcat documentation XSS vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2007-1355: Tomcat documentation XSS vulnerabilities Severity: Moderate Cross-site scripting Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.0.0 to 4.0.6 Tomcat 4.1.0 to 4.1.36 Tomcat 5.0.0 to 5.0.30 Tomcat 5.5.0 to 5.5.23 Tomcat...

Microsoft Security Bulletin MS07-026 Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)

Microsoft Security Bulletin MS07-026 Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution 931832 Published: May 8, 2007 Version: 1.0 Summary Who Should Read this Document: Customers who use Microsoft Exchange Server Impact of Vulnerability: Remote Code Execution Maximum Severit...

Web Slider 0.6(path)Remote File Inclusion Vulnerabilities

Web Slider 0.6pathRemote File Inclusion Vulnerabilities D.Script: http://sourceforge.net/projects/webslider/ Discovered by: GolDM = Mahmoodali Homepage: http://Www.Tryag.Com/cc Exploit:Path/index.php?path=Shell Exploit:Path/modules/pdf.php?path=Shell Exploit:Path/plugins/highlight.php?path=Shell...

[Full-disclosure] [OPENADS-SA-2007-003] Openads 2.0.11 vulnerability fixed

======================================================================== Openads security advisory OPENADS-SA-2007-003 ------------------------------------------------------------------------ Advisory ID: OPENADS-SA-2007-003 Date: 2007-Apr-11 Security risk: medium risk Applications affetced:...

McGallery 0.5b Arbitrary File Download Vulnerability

Piker McGallery 0.5b Arbitrary File Download Vulnerability Affected software: McGallery 0.5b Vendor: http://sourceforge.net/projects/mcgallery/ Dork: allintitle: "MCgallery 0.5b" http://target/path/download.php?filename=main.php Found by Piker The Am0s Team Greetz: KX-T33, kakalake, nAzGuL, Putus...

PHPFootball 1.6 (show.php) Remote Database Disclosure Vulnerability

Title : PHPFootball 1.6 show.php Remote Database Disclosure Vulnerability Author : ajann Contact : : S.Page : http://phpfootball.sourceforge.net $$ : Free Dork : inurl:/phpfootball/ DBREAD--------------------------------------------------------- http://target/path//show.php VARIABLES Example:...

[Full-disclosure] [ GLSA 200611-05 ] Netkit FTP Server: Privilege escalation

Gentoo Linux Security Advisory GLSA 200611-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...

[Full-disclosure] ZDI-06-039: Marshal MailMarshal ARJ Extraction Directory Traversal Vulnerability

ZDI-06-039: Marshal MailMarshal ARJ Extraction Directory Traversal Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-039.html November 10, 2006 -- CVE ID: CVE-2006-5487 -- Affected Vendor: Marshal -- Affected Products: MailMarshal SMTP 5.x MailMarshal SMTP 6.x MailMarshal SMTP 2006...

ADOdb Date Library Full path Bugs

Hello,, ADOdb Date Library, part of the ADOdb abstraction library Full path bugs Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] ADOdb Date Library, part of the ADOdb abstraction library Full path adodb/server.php...

LoudBlog <= 0.4 arbitrary remote inclusion

------------- LoudBlog = 0.4 arbitrary remote inclusion ----------- software: site: http://loudblog.de/ description: "Loudblog is a sleek and easy-to-use Content Management System CMS for publishing media content on the web. It automatically generates a skinnable website and an RSS-Feed for...

[UNIX] Kmail HTML Support Allows Spoofing of Emails' Content

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Gadu-Gadu, another two bugs

Product: Gadu-Gadu, build 155 and older Vendor: SMS-EXPRESS.COM http://www.gadu-gadu.pl Impact: Script execution in local zone, Remote DoS Severity: High Authors: Blazej Miga [email protected], Jaroslaw Sajko [email protected] Date: 17/12/04 ISSUE Gadu-Gadu is the first Polish instant messenger...

Skype buffer overflow

callto: URL buffer overflow...

NOVL-2003-2966205 - iChain 2.2 Field Patch 1a

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For Immediate Disclosure ============================== Summary ============================== Security Alert: NOVL-2003-2966205 Title: iChain 2.2 Field Patch 1a Date: 05-Jun-2003 Revision: Original Product Name: iChain 2.2 OS/Platforms: Netware...