47153 matches found
EMC RSA Archer multiple security vulnerabilities
Code execution, crosite scripting, authorization bypass...
XSS vulnerability in JW Player and JW Player Pro
Hello 3APA3A! I want to warn you about new XSS vulnerability in JW Player and JW Player Pro. Last year I've written about multiple Content Spoofing and Cross-Site Scripting vulnerabilities in JW Player and JW Player Pro, and this is new Cross-Site Scripting vulnerability about which I've not wrot...
Censornet Professional multiple security vulnerabilities
Crossite scripting, SQL injections...
WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability
The WordPress plugin Advanced XML Reader v0.3.4 published here: http://wordpress.org/extend/plugins/advanced-xml-reader/ is susceptible to XXE XML eXternal Entity processing attacks. After installing the plugin on a Windows machine, I created a text file in the root of C: named "test.txt", which...
OWASP WAF protection bypass
It's possible to bypass protection by using non-standard URL encodings...
Remote command execution in Ruby Gem Command Wrap
Remote command execution in Ruby Gem Command Wrap 3/15/2013 http://rubygems.org/gems/commandwrap Commands executed if the remote URL or filename contains the shell character ';'. The commands will be executed as the client user if tricked into using the malicious URL or filename. Examining the...
[SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE
Hello All, Today, a vulnerability report with an accompanying Proof of Concept code was sent to Oracle notifying the company of a new security weakness affecting Java SE 7 software. The new flaw was verified to affect all versions of Java SE 7 including the recently released 1.7.021-b11. It can b...
Vulnerability in Microsoft Security Essentials <v4.2
Hi @ll, versions of Microsoft Security Essentials before the current v4.2 see https://support.microsoft.com/kb/2805304 have a vulnerability that could lead to execution of arbitrary code in the security context of the LocalSystem account almost like https://support.microsoft.com/kb/2781197 alias...
[waraxe-2013-SA#101] - Update Spoofing Vulnerability in Royal TS 2.1.5
waraxe-2013-SA101 - Update Spoofing Vulnerability in Royal TS 2.1.5 =============================================================================== Author: Janek Vind "waraxe" Date: 29. March 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-101.html Description of vulnerable...
Apache VCL improper input validation
CVE-2013-0267: Apache VCL improper input validation Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache VCL 2.1, 2.2, 2.2.1, 2.3, 2.3.1 Description: Some parts of VCL did not properly validate input data. This problem was present both in the Privileges portion of...
[ISecAuditors Security Advisories] Multiple Full Path Disclosure Vulnerabilities in TinyWebGallery <= v1.8.9
============================================= INTERNET SECURITY AUDITORS ALERT 2013-012 - Original release date: March 19th, 2013 - Last revised: April 6th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 5/10 CVSS Base Score - CVE-ID: CVE-2013-2631...
[CVE-2013-1814] Apache Rave exposes User over API
CVE-2013-1814: Apache Rave exposes User over API Severity: Important Vendor: The Apache Software Foundation Versions Affected: Rave 0.11 to 0.20 Description: Rave returns the full user object, including the salted and hashed password, via the User RPC API. This endpoint is only available to...
SEC Consult SA-20130311-0 :: Persistent cross-site scripting in jforum
SEC Consult Vulnerability Lab Security Advisory 20130311-0 ======================================================================= title: Persistent cross-site scripting vulnerability product: jforum vulnerable version: 2.1.9 fixed version: - impact: medium homepage: http://jforum.net/ found:...
Path Traversal in AWS XMS
Advisory ID: HTB23147 Product: AWS XMS Vendor: http://www.aws-dms.com Vulnerable Versions: 2.5 and probably prior Tested Version: 2.5 Vendor Notification: March 6, 2013 Vendor Patch: March 16, 2013 Public Disclosure: March 27, 2013 Vulnerability Type: Path Traversal CWE-22 CVE Reference:...
libarchive integer overflow
Integer overflow on zip file creation leads to buffer overflow...
[ MDVSA-2013:147 ] libarchive
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:147 http://www.mandriva.com/en/support/security/ Package : libarchive Date : April 19, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been found and...
Multiple Vulnerabilities in KrisonAV CMS
Advisory ID: HTB23150 Product: KrisonAV CMS Vendor: http://www.krisonav.com Vulnerable Versions: 3.0.1 and probably prior Tested Version: 3.0.1 Vendor Notification: March 27, 2013 Vendor Patch: March 31, 2013 Public Disclosure: April 17, 2013 Vulnerability Type: Cross-Site Scripting CWE-79,...
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free (MS13-028)
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free MS13-028 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as par...
Cisco/Linksys E1200 N300 Reflected XSS
Summary -------------------- Software : Cisco/Linksys Router OS Hardware : E1200 N300 others currently untested Version : 2.0.04 others currently untested Website : http://www.linksys.com Issue : Reflected XSS Severity : Medium Researcher: Carl Benedict theinfinitenigma Product Description...
NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth)
High Risk Vulnerability in Oracle Database 11g 1 May 2013 Andy Davis of NCC Group has discovered a High risk vulnerability in Oracle Database 11g Impact: Invalid pointer read Remote DoS Versions affected: Oracle Database 11g Security patch information can be found at the following URL:...
Personal File Share HTTP Server Remote Overflow Vulnerability
Title: Personal File Share HTTP Server Remote Overflow Vulnerability Software : Personal File Share HTTP Server Software Version : UNKNOWN Vendor: http://www.srplab.com/ Vulnerability Published : 2013-04-28 Vulnerability Update Time : Status : Impact : MediumCVSS2 Base : 5.0,...
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free (MS13-028)
VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free MS13-028 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as part of the...
ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability
ESA-2013-035.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability EMC Identifier: ESA-2013-035 CVE Identifier: CVE-2013-0945 Severity Rating: CVSS v2 Base Score: 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C Affected products: EMC Avamar...
[security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03748875 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03748875 Version: 1 HPSBMU02872...
nginx integer overflow
Integer overflow leads to code execution...
[USN-1813-1] Linux kernel vulnerabilities
========================================================================== Ubuntu Security Notice USN-1813-1 May 02, 2013 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
ClamAV multiple security vulnerabilities
Buffer overflow on UPX decompression, array overflow on PDF parsing...
Microchip controllers IPv6 implementation buffer overflow
Buffer overflow on fragmented packets parsing...
WowzaMediaServer SecureToken bypass (and worse)
Product: Wowza Media Server URL: http://www.wowza.com/ Description: WMS is a quite popular RTMP/HLS/HDS/RTSP streaming server Issue: By default all installations of WMS use four modules in their application's config file: base, properties, logging, flvplayback. I've found out that the properties...
Wowza Media Server security vulnerabilities
Directory traversal, authentication bypass...
Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution
Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution ============================= ==== General Information ==== ============================= == Executive Summary == The function TCPIPIPV6ProcessFragmentationHeader does not correctly validate the "fragment offset" field i...
NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth)
High Risk Vulnerability in Oracle Database 11g 1 May 2013 Andy Davis of NCC Group has discovered a High risk vulnerability in Oracle Database 11g Impact: Null Pointer Dereference Remote DoS Versions affected: Oracle Database 11g Security patch information can be found at the following URL:...
Oracle / Sun / MySQL / PeopleSoft multiple applications security vulnerabilities
128 vulnerabilities in different application...
Cisco Linksys E1200 / N300 XSS
XSS in Web interface...
stunnel integer overflow
Integer overflow leads to buffer overflow...
EMC Avamar server / client security vulnerabilities
Unauthorized files access, insufficient certificate validation...
ESA-2013-034: EMC Avamar Improper Authorization vulnerability
ESA-2013-034.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-034: EMC Avamar Improper Authorization vulnerability EMC Identifier: ESA-2013-034 CVE Identifier: CVE-2013-0944 Severity Rating: CVSS v2 Base Score: 7.5 AV:N/AC:M/Au:S/C:C/I:P/A:P Affected products: • EMC Avamar Server 5.x •...
Microsoft Internet Explorer multiple security vulnerabilities
Use-after-free vulnerabilities...
D-Link IP cameras multiple security vulnerabilities
Code execution, authentication bypass, hardcoded credentials, information leakage...
EMC Networker privilege escalation
Weak file permissions...
SRPLab Personal File Share buffer overflow
Buffer overflow on oversized request in HTTP server...
[USN-1816-1] ClamAV vulnerabilities
========================================================================== Ubuntu Security Notice USN-1816-1 May 03, 2013 clamav vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection
High Risk Vulnerability in Oracle Retail Central Office 1 May 2013 Andrew Davies of NCC Group has discovered a High risk vulnerability in Oracle Retail Central Office Impact: SQL Injection Versions affected: Oracle Retail Central Office, versions 13.1, 13.2, 13.3, 13.4 Security patch information...
Re: Nginx ngx_http_close_connection function integer overflow
Hello, On Thu, 25 Apr 2013, 06:52-0000, [email protected] wrote: ... II. DESCRIPTION --------------------- Qihoo 360 Web Security Research Team discovered a critical vulnerability in nginx. The vulnerability is caused by a int overflow error within the Nginx ngxhttpcloseconnection function when...
HP Service Manager security vulnerabilities
XSS, information leakage...
[ MDVSA-2013:154 ] util-linux
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:154 http://www.mandriva.com/en/support/security/ Package : util-linux Date : April 29, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been found and...
CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ D-Link IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: D-Link IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0303 Advisory URL:...
WowzaMediaServer StorageDir escape (regression)
Product: Wowza Media Server URL: http://www.wowza.com/ Description: WMS is a quite popular RTMP/HLS/HDS/RTSP streaming server Issue: In early 2009 I reported problem with processing of requests with relative paths. The issue surfaced again. In a nutshell, you can escape Applications StorageDir...
ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability
ESA-2013-028.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability EMC Identifier: ESA-2013-028 EMC Identifier: NW147983 CVE Identifier: CVE-2013- 0940 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected product...
FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver [REVISED]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:05.nfsserver Security Advisory The FreeBSD Project Topic: Insufficient input validation in the NFS server Category: core Module: nfsserver Announced: 2013-04-2...