47153 matches found

securityvulns
•added 2013/02/24 12:0 a.m.•68 views

CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ CORE-2012-1128 1. Advisory Information Title: SAP Netweaver Message Server Multiple Vulnerabilities Advisory ID: CORE-2012-1128 Advisory URL: http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities Date...

AI score: 0.3 | EPSS: 0.68888
Exploits: 7
securityvulns
•added 2013/02/24 12:0 a.m.•42 views

[IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Stack-based Buffer Overflow CWE-121 Date found: 2013-02-16 Date published: 2013-02-16 CVSSv2 Score: 6,8 AV:N/AC:M/Au:N/C:P/I:P/A:P...

Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•56 views

TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE-2013-0373)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory SQL Injection in Oracle Enterprise Manager streams queue February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3 Remote...

CVSS: 4.3 | AI score: 0.2 | EPSS: 0.00311
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•56 views

Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability

Exploit Title : Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 18/02/13 software link: http://wordpress.org/extend/plugins/marekkis-watermark/ CVE Assigned - CVE-2013-1758 Marekkis...

CVSS: 4.3 | EPSS: 0.00347
Exploits: 2
securityvulns
•added 2013/02/24 12:0 a.m.•70 views

TeamSHATTER Security Advisory: Oracle Database GeoRaster API overflow (CVE-2012-3220)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory Oracle Database GeoRaster API overflow February 20, 2013 Risk Level: High Affected versions: Oracle Database 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3 Remote exploitable: Yes Credits: This vulnerability w...

CVSS: 9 | AI score: 0.4 | EPSS: 0.00628
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•24 views

Alt-N MDaemon multiple security vulnerabilities

Multiple web interface vulnerabilities...

AI score: 2.2
Exploits: 0 | References: 6 | Affected Software: 1
securityvulns
•added 2013/02/24 12:0 a.m.•28 views

Samsung Galaxy S3 screenlock bypass

Voice commands are available in locked state...

AI score: 2.2
Exploits: 0 | References: 1
securityvulns
•added 2013/02/24 12:0 a.m.•55 views

TeamSHATTER Security Advisory: HTTP Response Splitting in Oracle EM (policyViewSettings) (CVE-2013-0354)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory HTTP Response Splitting in Oracle Enterprise Manager policyViewSettings February 20, 2013 Risk Level: Medium Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3 Remote exploitable: Y...

CVSS: 4.3 | AI score: 6.2 | EPSS: 0.00397
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•66 views

Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability

Exploit Title : Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability Author: Aditya Balapure home: http://adityabalapure.blogspot.in/ Date: 18/02/13 software link: http://wordpress.org/extend/plugins/responsive-logo-slideshow/ CVE Assigned - CVE-2013-1759...

CVSS: 4.3 | AI score: 5.3 | EPSS: 0.00235
Exploits: 2
securityvulns
•added 2013/02/24 12:0 a.m.•58 views

TeamSHATTER Security Advisory: SQL Injection in Oracle EM (SCPLBL_COLLECTED parameters) (CVE-2013-0353)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory SQL Injection in Oracle Enterprise Manager SCPLBLCOLLECTED parameters February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3 Remote exploitable: Yes...

CVSS: 4.3 | AI score: 0.4 | EPSS: 0.00311
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•56 views

[SECURITY] [DSA 2628-1] nss-pam-ldapd security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2628-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 18, 2013 http://www.debian.org/security/faq -...

CVSS: 6.8 | AI score: 3.5 | EPSS: 0.02899
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•35 views

Multiple Vulnerabilities in Netgear DGN2200B

Device Name: DGN2200B Vendor: Netgear ============ Vulnerable Firmware Releases: ============ Hardwareversion DGN2200B Firmwareversion V1.0.0.367.0.36 - 04/01/2011 ============ Device Description: ============ Infos: http://www.netgear.com/home/products/wirelessrouters/work-and-play/dgn2200.aspx...

AI score: 7.8
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•57 views

TeamSHATTER Security Advisory: Oracle EM Cross Site Scripting in XDBResource cancelURL parameter (CVE-2013-0352)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory Oracle Enterprise Manager Cross Site Scripting in XDBResource cancelURL parameter February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 10.2.0.3, 10.2.0.4; 10.2.0.5, 11.1.0.7,...

CVSS: 4.3 | AI score: 5.8 | EPSS: 0.00403
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•56 views

CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is a relatively minor issue, hence no embargo. Michael Scherer [email protected] of Red Hat found: Looking for incorrect /tmp/ usage, I found the following piece of code in /usr/share/gems/gems/rubyparser-2.0.4/lib/gauntletrubyparser.rb...

CVSS: 2.1 | AI score: 0.3 | EPSS: 0.00149
Exploits: 1
securityvulns
•added 2013/02/24 12:0 a.m.•3918 views

XSS vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS

Hello 3APA3A! After my previous list of vulnerable software with ZeroClipboard.swf, here is a list of software with ZeroClipboard10.swf. These are Cross-Site Scripting vulnerabilities in em-shorty, RepRapCalculator, Fulcrum, Django and aCMS. Earlier I've written about Cross-Site Scripting...

AI score: 5.7
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•66 views

Multiple Cross-Site Scripting (XSS) in glFusion

Advisory ID: HTB23142 Product: glFusion Vendor: http://www.glfusion.org/ Vulnerable Versions: 1.2.2 and probably prior Tested Version: 1.2.2 Vendor Notification: January 30, 2013 Vendor Patch: January 30, 2013 Public Disclosure: February 20, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CV...

CVSS: 4.3 | EPSS: 0.08713
Exploits: 5
securityvulns
•added 2013/02/24 12:0 a.m.•46 views

squid cachemanager DoS

cachemgr.cgi resources exhaustion...

CVSS: 5 | AI score: 2 | EPSS: 0.69682
Exploits: 1 | References: 1 | Affected Software: 1
securityvulns
•added 2013/02/24 12:0 a.m.•37 views

Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities

Multiple memory corruptions, https response spoofing, information leakage, protection bypass, DoS...

CVSS: 10 | AI score: 1 | EPSS: 0.02889
Exploits: 4 | Affected Software: 4
securityvulns
•added 2013/02/24 12:0 a.m.•51 views

TeamSHATTER Security Advisory: Cross-site scripting in Oracle EM (advReplicationAdmin) (CVE-2013-0355)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cross-site scripting in Oracle Enterprise Manager advReplicationAdmin TeamSHATTER Security Advisory February 20, 2013 Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2, 11.2.0.3 Remote exploitable: Yes...

CVSS: 4.3 | AI score: 5.4 | EPSS: 0.00311
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•78 views

FreeBSD Security Advisory FreeBSD-SA-13:02.libc

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-13:02.libc Security Advisory The FreeBSD Project Topic: glob3 related resource exhaustion Category: core Module: libc Announced: 2013-02-19 Affects: All supported...

CVSS: 7.8 | AI score: 6.4 | EPSS: 0.0416
Exploits: 10
securityvulns
•added 2013/02/24 12:0 a.m.•30 views

HP ArcSight multiple security vulnerabilities

Information leakage, code execution, cross-site scripting...

CVSS: 6.8 | AI score: 0.7 | EPSS: 0.01529
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/02/24 12:0 a.m.•85 views

Alt-N MDaemon Email Body HTML/JS Injection Vulnerability

============================================================== Alt-N MDaemon Email Body HTML/JS Injection Vulnerability ============================================================== Software: Alt-N MDaemon v13.0.3 and prior versions Vendor: http://www.altn.com/ Vuln Type: HTML/JS Injection Remot...

AI score: 1.4
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•59 views

US-CERT Alert TA13-051A - Oracle Java Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Awareness System US-CERT Alert TA13-051A Oracle Java Multiple Vulnerabilities Original release date: February 20, 2013 Last revised: -- Systems Affected Any system using Oracle Java including JDK and JRE 7 Update 13 and earlier JDK and...

AI score: 0.8
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•39 views

Samsung Galaxy S3 partial screen-lock bypass

MTI Technology – Vulnerability Research Team www.mti.com ukpentestinfo"at"mti.com Samsung Galaxy S3 – partial screen-lock bypass Date found: 17th Feb 2012 Vendor Notified: 20th Feb 2012 Vendor Affected: Samsung Device: Galaxy S3 Model: GT-19300 OS: Android 4.1.2 Kernel Version: 3.0.31-742798...

AI score: 6.8
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•114 views

SQLi found in Kodak Insite

Hello ... While investigating a recent installation of Kodak's Insite Creative Workflow System for my current employer, an SQL Injection vulnerability was discovered in its "Forgot Your Password?" page. An example of this application can be seen on the Kodak site...

AI score: 8.1
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•4647 views

XSS vulnerabilities in YAML, Multiproject for Trac, UserCollections for Piwigo, TAO and TableTools for DataTables for jQuery

Hello 3APA3A! These are Cross-Site Scripting vulnerabilities in YAML, MultiProject extension for Trac, UserCollections extension for Piwigo, TAO and TableTools plugin for DataTables plugin for jQuery with ZeroClipboard.swf. Earlier I've written about Cross-Site Scripting vulnerabilities in...

AI score: 0.4
Exploits: 0
securityvulns
•added 2013/02/24 12:0 a.m.•74 views

OSEC-2013-01: nagios metacharacter filtering omission

Exploit Title: Wordpress pretty-link plugin XSS in SWF Release Date: 20/02/13 Author: hip Insight-Labs Contact: [email protected] | Website: http://insight-labs.org Software Link: http://downloads.wordpress.org/plugin/pretty-link.1.6.3.zip Vendor Homepage: http://prettylinkpro.com/ Tested on:...

CVSS: 4.3 | EPSS: 0.1032
Exploits: 3
securityvulns
•added 2013/02/18 12:0 a.m.•27 views

Cisco Linksys routers multiple security vulnerabilities

Directory traversals, code execution, etc...

AI score: 3.4
Exploits: 0 | References: 3
securityvulns
•added 2013/02/18 12:0 a.m.•39 views

gnome screensaver protection bypass

Screensaver doesn't start automatically...

CVSS: 7.2 | AI score: 2.6 | EPSS: 0.00051
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/02/18 12:0 a.m.•40 views

Qt multiple security vulnerabilities

Information leakage, invalid SSL error messages...

CVSS: 4.3 | AI score: 2.1 | EPSS: 0.02277
Exploits: 0 | References: 1 | Affected Software: 1
securityvulns
•added 2013/02/18 12:0 a.m.•67 views

[SECURITY] [DSA 2623-1] openconnect security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2623-1 [email protected] http://www.debian.org/security/ Florian Weimer February 14, 2013 http://www.debian.org/security/faq -...

CVSS: 5 | AI score: 2.4 | EPSS: 0.00971
Exploits: 0
securityvulns
•added 2013/02/18 12:0 a.m.•34 views

Pidgin multiple security vulnerabilities

Different vulnerabilities in MXit and UPnP implementations...

CVSS: 6.8 | AI score: 2.3 | EPSS: 0.02107
Exploits: 2 | References: 1 | Affected Software: 1
securityvulns
•added 2013/02/18 12:0 a.m.•53 views

Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability

Title: ====== Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Date: ===== 2013-02-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=789 9984: Investigate Vulnerability Lab issues this ticket included tracking the creation of our DBI shim to error on semi-col...

AI score: 0.6
Exploits: 0
securityvulns
•added 2013/02/18 12:0 a.m.•18 views

Edimax access points multiple security vulnerabilities

Multiple web interface vulnerabilities...

AI score: 2.5
Exploits: 0 | References: 1
securityvulns
•added 2013/02/18 12:0 a.m.•34 views

PostgreSQL information leakage

Array index overflow...

CVSS: 6.8 | AI score: 2.7 | EPSS: 0.03659
Exploits: 0 | Affected Software: 1
securityvulns
•added 2013/02/18 12:0 a.m.•55 views

[slackware-security] pidgin (SSA:2013-044-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security pidgin SSA:2013-044-01 New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: +--------------------------+...

CVSS: 6.8 | AI score: 6.3 | EPSS: 0.02107
Exploits: 2
securityvulns
•added 2013/02/18 12:0 a.m.•144 views

Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...

CVSS: 10 | AI score: 1.6 | EPSS: 0.06742
Exploits: 3 | References: 3 | Affected Software: 4
securityvulns
•added 2013/02/18 12:0 a.m.•70 views

I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution

A vulnerability exists in IRIS citations management tool which allows a low privileged attacker to execute arbitrary commands. Details can be found on my blog: https://infosecabsurdity.wordpress.com/2013/02/09/iris-citations-management-tool-post-auth-remote-command-execution/ PoC:...

AI score: 2.9
Exploits: 0
securityvulns
•added 2013/02/18 12:0 a.m.•92 views

Multiple Vulnerabilities in Linksys WRT160Nv2

Device Name: Linksys WRT160Nv2 Vendor: Linksys/Cisco ============ Device Description: ============ Best For: Delivers plenty of speed and coverage, so large groups of users can go online, transfer large files, print, and stream stored media Features: Fast Wireless-N connectivity frees you to do...

AI score: 0.1
Exploits: 0
securityvulns
•added 2013/02/18 12:0 a.m.•43 views

IBM Lotus Domino cross-site scripting and open redirect

IBM Lotus Domino Web Server cross-site scripting and open redirection...

CVSS: 5.8 | AI score: 1.4 | EPSS: 0.00236
Exploits: 1 | References: 1 | Affected Software: 1
securityvulns
•added 2013/02/18 12:0 a.m.•134 views

Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND

Device Name: TL-WA701N / TL-WA701ND Vendor: TP-Link ============ Vulnerable Firmware Releases: ============ Firmware Version: 3.12.6 Build 110210 Rel.37112n Firmware Version: 3.12.16 Build 120228 Rel.37317n - Published Date 2/28/2012 Hardware Version: WA701N v1 00000000 Model No.: TL-WA701N /...

AI score: 5.9
Exploits: 0
securityvulns
•added 2013/02/18 12:0 a.m.•28 views

Atmel crypto co-processors information leakage

Keys may be leaked via JTAG interface...

AI score: 3.2
Exploits: 0 | References: 1
securityvulns
•added 2013/02/18 12:0 a.m.•23 views

Dell Sonicwall Scrutinizer multiple security vulnerabilities

Multiple web interface vulnerabilities...

AI score: 1.9
Exploits: 0 | References: 2 | Affected Software: 1
securityvulns
•added 2013/02/18 12:0 a.m.•41 views

[IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Improper Restriction of Operations within the Bounds of a Memory BufferCWE-119 Date found: 2013-02-14 Date published: 2013-02-14...

Exploits: 0
securityvulns
•added 2013/02/18 12:0 a.m.•123 views

[USN-1722-1] jQuery vulnerability

========================================================================== Ubuntu Security Notice USN-1722-1 February 13, 2013 jquery vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS: 4.3 | AI score: 0.2 | EPSS: 0.06323
Exploits: 1
securityvulns
•added 2013/02/18 12:0 a.m.•35 views

Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack

The Atmel AT91SAM7XC series of microprocessors contain a crypto co-processor which is DES and AES capable. They include a write-only memory for key storage and multiple physical security measures to prevent decapping etc. However, due to poor memory management, in certain circumstances it is...

AI score: 0.9
Exploits: 0
securityvulns
•added 2013/02/18 12:0 a.m.•141 views

CSRF, XSS and Redirector vulnerabilities in IBM Lotus Domino

Hello 3APA3A! These are Cross-Site Request Forgery, Cross-Site Scripting and Redirector vulnerabilities in IBM Lotus Domino. At 30th of November IBM released the advisory concerning these vulnerabilities. CVE ID: CVE-2012-4842, CVE-2012-4844. SecurityVulns ID: 12789. IBM Security Bulletin for Ope...

CVSS: 5.8 | AI score: 0.2 | EPSS: 0.00236
Exploits: 1
securityvulns
•added 2013/02/18 12:0 a.m.•25 views

TP-Link access points multiple security vulnerabilities

Multiple web interface vulnerabilities...

AI score: 2.6
Exploits: 0 | References: 1
securityvulns
•added 2013/02/18 12:0 a.m.•101 views

[USN-1723-1] Qt vulnerabilities

========================================================================== Ubuntu Security Notice USN-1723-1 February 14, 2013 qt4-x11 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...

CVSS: 4.3 | AI score: 0.1 | EPSS: 0.02277
Exploits: 0
securityvulns
•added 2013/02/18 12:0 a.m.•29 views

OpenConnect buffer overflow

Buffer overflow on server response parsing...

CVSS: 5 | AI score: 4.9 | EPSS: 0.00971
Exploits: 0 | References: 1

Total number of security vulnerabilities: 47153