47153 matches found
Siemens SIMATIC S7-1200 controllers DoS
Malformed data to TCP/102 port causes device to crash...
Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability
Microsoft Internet Explorer 9.x <= Remote Stack Overflow Vulnerability Author: Jean Pascal Pereira [email protected] Vendor: Microsoft Internet Explorer 9...
Open-Realty CMS 3.x | Cross Site Request Forgery (CSRF) Vulnerability
OVERVIEW Open-Realty CMS 3.x versions are vulnerable to Cross Site Request Forgery. 2. BACKGROUND Open-Realty is the world's leading real estate listing marketing and management CMS application, and has enjoyed being the real estate web site software of choice for professional web site...
CubeCart 5.0.7 and lower | Open URL Redirection Vulnerability
OVERVIEW CubeCart 5.0.7 and lower versions are vulnerable to Open URL Redirection. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that have PHP & MySQL support. With CubeCart you can quickly setup a powerful online...
[SECURITY] [DSA 2594-1] virtualbox-ose security update
Debian Security Advisory DSA-2594-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 30, 2012 http://www.debian.org/security/faq -...
CubeCart 4.4.6 and lower | Multiple SQL Injection Vulnerabilities
OVERVIEW The CubeCart 4.4.6 and lower versions are vulnerable to SQL Injection. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that have PHP & MySQL support. With CubeCart you can quickly setup a powerful online...
EMC Data Protection Advisor information leakage
It's possible to access files remotely...
Oracle VirtualBox DoS
Incorrect interrupt handling...
CubeCart 5.x | Multiple Cross Site Scripting Vulnerabilities
OVERVIEW CubeCart 5.x versions are vulnerable to Cross Site Scripting. 2. BACKGROUND CubeCart is an "out of the box" ecommerce shopping cart software solution which has been written to run on servers that have PHP & MySQL support. With CubeCart you can quickly setup a powerful online store which...
Multiple XSS vulnerabilities in Cerberus FTP Server <= 5.0.5.1 [CVE-2012-6339]
Overview: Cerberus FTP Server http://www.cerberusftp.com/ is a secure and reliable FTP server with many features and available functionality. It was discovered that the Web Administration interface has multiple persistent Cross Site Scripting XSS vulnerabilities. In the log viewer...
Foswiki Security Alert CVE-2012-6329, CVE-2012-6330 Remote code execution and other vulnerabilities in MAKETEXT macro
---+ Security Alert: Code injection vulnerability in MAKETEXT macro, Denial of Service vulnerability in MAKETEXT macro. This advisory alerts you of a potential security issue with your Foswiki installation. A vulnerability has been reported against the core Perl module CPAN:Locale::Maketext, whic...
OpenDocMan 1.2.6.2 - 3 Vulnerabilities
1 - Unprotected id parameter: In check-in.php the id variable is not filtered so that one can put in additional SQL statements. I have been able to get a UNION SELECT query to run but I do not think it's exploitable because there is a second query that runs with the i...
Multiple vulnerabilities in RokBox for WordPress
Hello 3APA3A! I want to warn you about multiple security vulnerabilities in plugin Rokbox for WordPress. These are Cross-Site Scripting, Full path disclosure, Abuse of Functionality, Denial of Service, Arbitrary File Upload, Content Spoofing and Information Leakage vulnerabilities. Rokbox uses...
FCKEditor File Upload Vulnerability
Description: There is no validation on the extensions when FCKEditor 2.6.8 ASP version is dealing with the duplicate files. As a result, it is possible to bypass the protection and upload a file with any extension. - Reference: http://www.exploit-db.com/exploits/23005/ vulnerable versions: prior...
Addressbook v8.1.24.1 Group Name XSS
Instructions. After authentication, click on the Group tab at the top. Click on the New Group Button on the group page. For the group name the first field enter the following XSS test string: SCRIPTalertString.fromCharCode88,83,83/SCRIPT Then call the XSS string from the URL -- technically one...
TinyBrowser Upload Shell Vulnerability
Hello guys! I'll draw your attention to one exploit at 1337day.com and other their domains: http://1337day.com/exploit/19732. I've written to 1337day.com about it already on 19.11.2012. So it should concern every list, which posted that exploit from 1337day.com. This is AFU vulnerability in...
aptdaemon key validation vulnerability
PPA GPG key is validated incorrectly...
File Upload Concern in Front Account 2.3.13 and OpenDocMan 1.2.6.2
I have put this in a separate report since they are not strictly vulnerabilities. By default, both software apps allow the end user to upload any HTML file they wish. This means that files with malicious javascript may be uploaded to the server. The issue is that when a user clicks view for these...
'portable-phpMyAdmin (WordPress Plugin)' Authentication Bypass (CVE-2012-5469)
I. DESCRIPTION: portable-phpMyAdmin doesn't verify an existing WordPress session privileged or not when accessing the plugin file path directly. Because of how this plugin works, a default installation will provide a full phpMyAdmin console with the privileg...
Path Traversal Vulnerability on Secure Transport versions 5.1 SP2 and earlier
Secure Transport Path Traversal Vulnerability Public Disclosure Date: November 11, 2012 Vendors Affected: Axway http://www.axway.com Systems Affected: Secure Transport Problem: A path traversal vulnerability was identified in SecureTransport versions 5.1 SP2 and earlier on the Microsoft Windows...
Wordpress Pingback Port Scanner
Hi folks, Wordpress 3.5 has its XML-RPC Interface enabled by default. See here for more information: http://www.ethicalhack3r.co.uk/security/introduction-to-the-wordpress-xml-rpc-api/ http://codex.wordpress.org/Version3.5Settings I read through the article and took a look at the Pingback API sinc...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
[USN-1666-1] Aptdaemon vulnerability
Ubuntu Security Notice USN-1666-1 December 17, 2012 aptdaemon vulnerability. A security issue affects these releases of Ubuntu and its derivatives: ...
unity firefox extension crossorigin policy bypass
No description provided...
Nova information leakage
LVM images are not cleared on reallocation...
[USN-1663-1] Nova vulnerability
Ubuntu Security Notice USN-1663-1 December 12, 2012 nova vulnerability. A security issue affects these releases of Ubuntu and its derivatives: -...
[USN-1665-1] unity-firefox-extension vulnerability
Ubuntu Security Notice USN-1665-1 December 13, 2012 unity-firefox-extension vulnerability. A security issue affects these releases of Ubuntu and its...
btrfs DoS
DoS via reproducible hash collisions...
DDIVRT-2012-48 VMware View Connection Server Directory Traversal (CVE-2012-5978)
Title: DDIVRT-2012-48 VMware View Connection Server Directory Traversal CVE-2012-5978 Severity: High Date Discovered: September 26, 2012 Discovered By: Digital Defense, Inc. Vulnerability Research Team Credit: r@b13$ Vulnerability Description...
[btrfs] is vulnerable to a hash-DoS attack
Hello folk, The btrfs file system, part of the linux kernel, is vulnerable to a trivial hash-DoS attack. More details can be found here: http://crypto.junod.info/2012/12/13/hash-dos-and-btrfs/ Enjoy! Pascal Junod -- http://crypto.junod.info @cryptopathe...
Password Disclosure in D-Link IP Cameras (CVE-2012-4046)
A password disclosure vulnerability in the D-Link DCS-9xx series IP cameras allows attackers to gain administrator level access to the camera when on the same broadcast domain. CVE-2012-4046 Details:...
VMWare View directory traversal
VMware View Connection Server directory traversal...
Microsoft Word memory corruption
Memory corruption on RTF parsing...
Microsoft Internet Explorer multiple security vulnerabilities
Few use-after-free vulnerabilities...
Microsoft Windows multiple security vulnerabilities
Buffer overflow on OpenType and TrueType fonts parsing, memory corruption on filename handling, DirectPlay buffer overflow, DirectAccess IP-HTTPS insufficient certificate check...
Microsoft Exchange DoS
Invalid RSS feeds processing...
apt information leakage
Weak term.log file permission...
bogofilter buffer overflow
Buffer overflow on base64 parsing...
[security bulletin] HPSBOV02834 SSRT101055 rev.1 - HP OpenVMS LOGIN or ACMELOGIN, Remote or Local Denial of Service (DoS)
Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c03599086 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03599086 Version: 1 HPSBOV02834...
Multiple critical vulnerabilities in Maxthon and Avant browsers
Hi, Below you can find a short summary of discovered vulnerabilities in Maxthon and Avant browsers. Such vulnerabilities were demonstrated during HITBAMS2012 security conference and more recently at HackPra. Affected Products - Maxthon www.maxthon.com - Avant Browser www.avantbrowser.com Security...
Maxthon and Avant browsers multiple security vulnerabilities
Cross-site scripting, information leakage, code execution...
Internet Explorer information leakage
Page can track any mouse movements, even behind the page...
HP OpenVMS DoS
DoS via LOGIN and ACMELOGIN...
[SECURITY] [DSA 2585-1] bogofilter security update
Debian Security Advisory DSA-2585-1 [email protected] http://www.debian.org/security/ December 11, 2012 http://www.debian.org/security/faq -...
Information disclosure (mouse tracking) vulnerability in Microsoft Internet Explorer versions 6-10
Summary: Unprivileged attackers can track your system-wide mouse movements from any IE page, even when the page is unfocused or minimised. Package: Microsoft Internet Explorer Affected: Tested on versions 6–10 Introduction: A security vulnerability in Internet Explorer, versions...
[USN-1660-1] Linux kernel vulnerability
Ubuntu Security Notice USN-1660-1 December 11, 2012 linux vulnerability. A security issue affects these releases of Ubuntu and its derivatives: -...
Linux kernel IPv6 filtering bypass
It's possible to bypass filtering with overlapping fragments...
Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework
Advisory ID: HTB23127 Product: Smartphone Pentest Framework SPF Vendor: Bulb Security LLC Vulnerable Versions: 0.1.3, 0.1.4 and probably prior Tested Versions: 0.1.3, 0.1.4 Vendor Notification: November 19, 2012 Public Disclosure: December 10, 2012 Vulnerability Type: OS Command Injection CWE-78...
XSS vulnerability in swfupload in ExpressionEngine
Hello 3APA3A! Here is information about Cross-Site Scripting vulnerability in swfupload in ExpressionEngine. After publication of my advisory XSS vulnerability in web applications with swfupload: AionWeb, Magento, Liferay Portal, SurgeMail, symfony http://securityvulns.ru/docs28761.html and after...
GNU GIMP memory corruption
Memory corruption on XWD files parsing...