47153 matches found
Dr. Web Control Center Admin UI Remote Script Code Injection
Dr. Web Control Center Admin UI Remote Script Code Injection ============================================================= Affected Products/Versions -------------------------- Product Name: Dr. Web Enterprise Server Version Number: 6.00.3.201111300 Product/Company Information...
Flynax General Classifieds v4.0 CMS - Multiple Vulnerabilities
Title: ====== Flynax General Classifieds v4.0 CMS - Multiple Vulnerabilities Date: ===== 2012-07-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=659 VL-ID: ===== 659 Common Vulnerability Scoring System: ==================================== 8.3 Introduction:...
[USN-1552-1] OpenStack Keystone vulnerabilities
========================================================================== Ubuntu Security Notice USN-1552-1 September 03, 2012 keystone vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives...
[USN-1545-1] Nova vulnerability
========================================================================== Ubuntu Security Notice USN-1545-1 August 22, 2012 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
Google Chrome 19 metro_driver.dll mishandling
Security Advisory - Google Chrome 19 metrodriver.dll mishandling ======================================================================== Summary : Google Chrome 19 is prone to unqualified DLL loading Date : 28 June 2012 Affected versions : Google Chrome v19.0.1084.21 up-to v20.0.1132.23 ID :...
BookNux 0.2 <= Multiple Vulnerabilities
BookNux 0.2 = Multiple Vulnerabilities Discovered by: Jean Pascal Pereira [email protected] Vendor information: "Commentics is a free, advanced PHP comment script with many features. Professionally written and with open source code, its main aims are to be integrable, customizable and secure."...
[SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability
CVE-2012-2138 : Apache Sling denial of service vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: org.apache.sling.servlets.post bundle up to 2.1.0 Description: The @CopyFrom operation of the Sling POST servlet allows for copying a parent node to one of it...
[SECURITY] [DSA 2414-1] fex security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2413-1 [email protected] http://www.debian.org/security/ Nico Golde February 21, 2012 http://www.debian.org/security/faq -...
CSRF (Cross-Site Request Forgery) in DClassifieds
Advisory ID: HTB23067 Reference: https://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindclassifieds.html Product: DClassifieds Vendor: www.dclassifieds.eu http://www.dclassifieds.eu/ Vulnerable Version: 0.1 final and probably prior Tested Version: 0.1 final Vendor Notification: 04 January...
[SECURITY] [DSA 2407-1] cvs security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2407-1 [email protected] http://www.debian.org/security/ Florian Weimer February 09, 2012 http://www.debian.org/security/faq -...
Apache mod_proxy unauthorized internal network access
Invalid processing for URI with preceeding @ sign...
OpenKM 5.1.7 Privilege Escalation
COMPASS SECURITY ADVISORY http://www.csnc.ch/ ID: COMPASS-2012-001 Product: OpenKM Document Management System 5.1.7 1 Vendor: OpenKM http://www.openkm.com/ Subject: Privilege Escalation, Improper Access Control Risk: High Effect: Remotely exploitable Author: Cyrill Brunschwiler...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
AdaptCMS 2.x SQL Injection Vulnerability
========================================================================= AdaptCMS 2.x SQL Injection Vulnerability =========================================================================...
[ GLSA 201111-04 ] phpDocumentor: Function call injection
Gentoo Linux Security Advisory GLSA 201111-04 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
TeamSHATTER Security Advisory: Buffer Overflow in Oracle Database (CTXSYS.DRVDISP.TABLEFUNC_ASOWN function)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory October 20, 2011 Risk Level: Medium Affected versions: Oracle Database Server version 10gR1, 10gR2 and 11gR1 Remote exploitable: Yes Authentication to Database Server is needed Credits: This vulnerability was discovered a...
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities Advisory ID: cisco-sa-20110928-nat Revision 1.0 For Public Release 2011 Sep 28 1600 UTC GMT +--------------------------------------------------------------------...
APPLE-SA-2011-08-03-1 QuickTime 7.7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2011-08-03-1 QuickTime 7.7 QuickTime 7.7 is now available and addresses the following: QuickTime Available for: Mac OS X v10.5.8, Mac OS X Server v10.5.8, Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted pict file may...
Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability - Security Advisory - SOS-11-009
Sense of Security - Security Advisory - SOS-11-009 Release Date. 19-Jul-2011 Last Update. - Vendor Notification Date. 23-Mar-2011 Product. Oracle Sun GlassFish Enterprise Server Platform. Java EE Affected versions. 2.1.1 v2.1 Patch069.102 Patch12 build b31g-fcs verified and possibly others Severi...
phpMyAdmin 3.x preg_replace RCE POC
I'm flooded with requests for a POC and many doubt that these vulnerabilities are exploitable. And since this vulnerability is rather technically interesting I believe many could learn from it. http://ha.xxor.se/2011/07/phpmyadmin-3x-pregreplace-rce-poc.html...
XSS vulnerability in TWiki < 5.0.2
Information ----------------------------------- Name : XSS vulnerability in TWiki Software : TWiki 5.0.1 and possibily below. Vendor Hompeage : http://twiki.org/ Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Mesut Timur mesut at mavitunasecurity dot com Advisory Reference...
PR10-17 Various XSS and information disclosure flaws within KeyFax response management system
PR10-17: Various XSS and information disclosure flaws within KeyFax response management system http://www.omfax.co.uk Vulnerability found: 25th August 2010 Vendor informed: Vulnerability fixed: Severity: Medium/High Description: KeyFax response management system provides professional management o...
About the security content of Safari 5.0.5
About the security content of Safari 5.0.5 Last Modified: April 14, 2011 Article: HT4596 Email this article Print this page Summary This document describes the security content of Safari 5.0.5. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until...
Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability - SOS-11-003
Sense of Security - Security Advisory - SOS-11-003 Release Date. 28-Mar-2011 Last Update. - Vendor Notification Date. 25-Mar-2011 Product. Wordpress Plugin BackWPup Platform. Independent Affected versions. 1.6.1 verified, possibly others Severity Rating. High Impact. System Access Attack Vector...
HTB22890: XSS in Rating-Widget wordpress plugin
Vulnerability ID: HTB22890 Reference: http://www.htbridge.ch/advisory/xssinratingwidgetwordpressplugin1.html Product: Rating-Widget wordpress plugin Vendor: Vova Feldman http://rating-widget.com/ Vulnerable Version: 1.3.1 Vendor Notification: 03 March 2011 Vulnerability Type: XSS Cross Site...
[SECURITY] Oracle JVM bug causes denial of service in Apache Tomcat
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The original report is 1. Tomcat is affected when accessing a form based security constrained page or any page that calls javax.servlet.ServletRequest.getLocale or javax.servlet.ServletRequest.getLocales. Work-arounds have been implemented in the...
[SECURITY] [DSA 2137-1] Security update for libxml2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-2137-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 26, 2010 http://www.debian.org/security/faq -...
Path disclosure in KaiBB
Vulnerability ID: HTB22746 Reference: http://www.htbridge.ch/advisory/pathdisclosureinkaibb.html Product: KaiBB Vendor: Mi-Dia http://www.mi-dia.co.uk/ Vulnerable Version: 1.0.1 Vendor Notification: 09 December 2010 Vulnerability Type: Path disclosure Status: Not Fixed, Vendor Alerted, Awaiting...
[ MDVSA-2010:226 ] dhcp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:226 http://www.mandriva.com/security/ Package : dhcp Date : November 10, 2010 Affected: 2009.1, 2010.0, 2010.1 Problem Description: A vulnerability was discovered and corrected in ISC dhcp: ISC DHCP server 4...
Microsoft Security Bulletin MS10-088 - Important Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386)
Microsoft Security Bulletin MS10-088 - Important Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution 2293386 Published: November 09, 2010 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Microsoft Offi...
[ MDVSA-2010:155-1 ] mysql
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:155-1 http://www.mandriva.com/security/ Package : mysql Date : November 8, 2010 Affected: 2009.1 Problem Description: Multiple vulnerabilities has been found and corrected in mysql: MySQL before 5.1.48 allow...
Mozilla Foundation Security Advisory 2010-66
Mozilla Foundation Security Advisory 2010-66 Title: Use-after-free error in nsBarProp Impact: Critical Announced: October 19, 2010 Reporter: Sergey Glazunov Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.11 Firefox 3.5.14 Thunderbird 3.1.5 Thunderbird 3.0.9 SeaMonkey 2.0.9...
Mozilla Foundation Security Advisory 2010-61
Mozilla Foundation Security Advisory 2010-61 Title: UTF-7 XSS by overriding document charset using object type attribute Impact: High Announced: September 7, 2010 Reporter: David Huang, Collin Jackson Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.9 Firefox 3.5.12 Thunderbird 3.1...
CSRF, Information Leakage and Full path disclosure vulnerabilities in WordPress
Hello 3APA3A! I want to warn you about new security vulnerabilities in WordPress which I published at 30.07.2010 during my Day of bugs in WordPress 2 project. This is second advisory for this project. ------------------------------ Advisory: Day of bugs in WordPress 2: CSRF, Information Leakage a...
Mozilla Foundation Security Advisory 2010-48
Mozilla Foundation Security Advisory 2010-48 Title: Dangling pointer crash regression from plugin parameter array fix Impact: Critical Announced: July 20, 2010 Reporter: Daniel Holbert Products: Firefox 3.6.7 Fixed in: Firefox 3.6.8 Description Mozilla developer Daniel Holbert reported that the f...
Mozilla Foundation Security Advisory 2010-40
Mozilla Foundation Security Advisory 2010-40 Title: nsTreeSelection dangling pointer remote code execution vulnerability Impact: Critical Announced: July 20, 2010 Reporter: regenrecht via TippingPoint's Zero Day Initiative Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.7 Firefox...
ZDI-10-114: Adobe Flash Player AVM2 getouterscope Opcode Remote Code Execution Vulnerability
ZDI-10-114: Adobe Flash Player AVM2 getouterscope Opcode Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-114 June 25, 2010 -- CVE ID: CVE-2010-2160 -- Affected Vendors: Adobe -- Affected Products: Adobe Flash Player -- TippingPointTM IPS Customer Protection:...
Microsoft Security Bulletin MS10-036 - Important Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235)
Microsoft Security Bulletin MS10-036 - Important Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution 983235 Published: June 08, 2010 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in COM...
VUPEN Security Research - Adobe Shockwave 3D Blocks Field Code Execution Vulnerability (CVE-2010-1283)
VUPEN Security Research - Adobe Shockwave 0xFFFFFF49 3D Block Code Execution Vulnerability CVE-2010-1283 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Over 450 million Internet-enabled desktops have installed Adobe Shockwave Player. These people now have access to...
Microsoft Security Bulletin MS10-021 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683)
Microsoft Security Bulletin MS10-021 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege 979683 Published: April 13, 2010 Version: 1.0 General Information Executive Summary This security update resolves several privately reported vulnerabilities in Microsoft Windows...
Mozilla Foundation Security Advisory 2010-22
Mozilla Foundation Security Advisory 2010-22 Title: Update NSS to support TLS renegotiation indication Impact: Low Announced: March 30, 2010 Reporter: Mozilla developers and community Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.2 Firefox 3.5.9 Thunderbird 3.0.4 SeaMonkey 2.0.4...
ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability
ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-033 April 2, 2010 -- CVE ID: CVE-2010-0492 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer -- TippingPointTM IPS Customer...
DynPG CMS Multiple Remote File Inclusion Vulnerability
fucking the Web Apps attack edition / / / / L /' / , / / /' , / /' /' / /' / / / / / / L / / / // // // ///////////L // ////// // // Hack0wn! Security Project / /&...
Chaton <= 1.5.2 Local File Include Vulnerability
================================================ Chaton = 1.5.2 Local File Include Vulnerability ================================================ + Chaton = 1.5.2 Local File Include Vulnerability 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0 /, // ,...
Oracle Siebel 7.x CRM Cross Site Scripting Vulnerability
======================================================= Yaniv Miron aka "Lament" Advisory Feb 27, 2010 Oracle Siebel 7.x CRM 7.7, 7.8 tested Cross Site Scripting Vulnerability ======================================================= ===================== I. BACKGROUND ===================== Siebel...
TinyMCE - Javascript WYSIWYG Editor xss/sql injection vurnerebility
=================================================================== TinyMCE - Javascript WYSIWYG Editor xss/sql injection vurnerebility =================================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' /' / /' 0 0...
PHP 5.3.1 open_basedir bypass
hi, in php 5.3.1 security changelog, we can read, that safemode bypass in tempnam has been already fixed. But safemode in 5.3 line is deprecated. We can understand security fix for openbasedir bypass, but not for safemode in 5.3. Annoying is the fact, that exploit for bypass openbasedir or safemo...
[ MDVSA-2009:302 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:302 http://www.mandriva.com/security/ Package : php Date : November 21, 2009 Affected: 2010.0 Problem Description: Some vulnerabilities were discovered and corrected in php-5.3.1: - Added maxfileuploads INI...
VUPEN Security - Adobe Shockwave Player Multiple Code Execution Vulnerabilities
VUPEN Vulnerability Research - Adobe Shockwave Player Multiple Code Execution Vulnerabilities I. BACKGROUND --------------------- "Over 450 million Internet-enabled desktops have installed Adobe Shockwave Player. These people now have access to some of the best the Web has to offer including...
Microsoft Security Bulletin MS09-051 - Critical Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution (975682)
Microsoft Security Bulletin MS09-051 - Critical Vulnerabilities in Windows Media Runtime Could Allow Remote Code Execution 975682 Published: October 13, 2009 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Windows Media...