Fortify Software Security Center
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c03447895 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03447895 Version: 1 HPSBMU02802...
CVE-2011-0340
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-155 : InduSoft Thin Client ISSymbol InternationalOrder Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-155 August 22, 2012 - -- CVE ID: CVE-2011-0340 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affecte...
Apple WebKit (iTunes, iPhone, Safari, Google Chrome) multiple security vulnerabilities
70 different memory corruption vulnerabilities, cross-site scripting, information leakage...
ZDI-12-156 : Cisco AnyConnect VPN Client Arbitrary Program Instantiation Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-156 : Cisco AnyConnect VPN Client Arbitrary Program Instantiation Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-156 August 22, 2012 - -- CVE ID: CVE-2012-2493 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -...
ZDI-12-158 : Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-158 : Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-158 August 22, 2012 - -- CVE ID: CVE-2012-1891 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...
ZDI-12-160 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7F8 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-160 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7F8 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-160 August 22, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
EMC Autostart buffer overflow
Multiple buffer overflows...
ZDI-12-159 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7e7 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-159 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7e7 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-159 August 22, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
ZDI-12-161 : EMC AutoStart ftAgent Opcode 0x2d Subcode 0x1194 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-161 : EMC AutoStart ftAgent Opcode 0x2d Subcode 0x1194 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-161 August 22, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
Microsoft Office multiple security vulnerabilities
Memory corruption on RTF parsing, multiple Excel memory corruptions, memory corruption in Visio Viewer...
ZDI-12-157 : Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-157 : Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-157 August 22, 2012 - -- CVE ID: CVE-2012-1847 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...
Microsoft Windows multiple security vulnerabilities
Microsoft XML Services memory corruption, ADO memory corruption, kernel driver vulnerabilities, Windows Shell command injection, TLS vulnerabilities...
Microsoft Visio buffer overflow
Buffer overflow on DXF file parsing...
ZDI-12-144 : EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-144 : EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-144 August 17, 2012 - -- CVE ID: CVE-2012-0409 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
[SECURITY] [DSA 2530-1] rssh security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2530-1 [email protected] http://www.debian.org/security/ Florian Weimer August 15, 2012 http://www.debian.org/security/faq -...
rssh restrictions bypass
It's possible to execute shell commands...
ZDI-12-137 : Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer Truncation Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-137 : Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer Truncation Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-137 August 17, 2012 - -- CVE ID: CVE-2012-0651 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C...
Internet Explorer Script Interjection Code Execution
Internet Explorer Script Interjection Code Execution Derek Soeder [email protected] Reported: January 26, 2012, to SecuriTeam Secure Disclosure http://www.beyondsecurity.com/ssd.html Published: August 16, 2012 AFFECTED VENDOR --------------- Microsoft Corporation AFFECTED ENVIRONMENTS...
libotr multiple buffer overflows
multiple heap overflows...
ZDI-12-143 : Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-143 : Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-143 August 17, 2012 - -- CVE ID: CVE-2012-1888 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors: Microsoft ...
Apple QuickTime multiple security vulnerabilities
Multiple memory corruptions when parsing different multimedia formats, cross-site scripting...
Apple Mac OS X multiple security vulnerabilities
Multiple vulnerabilities in different subsystems...
NGS00288 Patch Notification: Windows Remote Desktop Memory Corruption Leading to RCE on XP SP3
High Risk Vulnerability in Microsoft Windows Remote Desktop 17 August 2012 Edward Torkington of NCC Group has discovered a High risk vulnerability in Microsoft Windows Remote Desktop Impact: Remote Code Execution Versions affected: Windows XP SP3 An updated version of the software has been releas...
McAfee SmartFilter Administration Server code execution
Code execution via RMI services...
GIMP Scriptfu Python Remote Command Execution
Summary ======= There is an arbitrary command execution vulnerability in the scriptfu network server console in the GIMP 2.6 branch. It is possible to use a python scriptfu command to run arbitrary operating-system commands and potentially take full control of the host. The advisory is posted her...
Microsoft Windows multiple security vulnerabilities
RDP use-after-free, Remote Administration Protocol multiple security vulnerabilities, Print Spooler Service format string vulnerability, use-after-free in win32k.sys...
Microsoft Exchange Server WebReady Document Viewing multiple security vulnerabilities
Multiple vulnerabilities in embedded Oracle Outside In technology...
Microsoft Windows multiple security vulnerabilities
Code execution via .NET, privilege escalation in the kernel and different kernel drivers...
ZDI-12-142 : Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-142 : Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-142 August 17, 2012 - -- CVE ID: CVE-2012-1713 - -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C - -- Affected...
ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-136 August 17, 2012 - -- CVE ID: CVE-2011-3220 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected...
[USN-1541-1] libotr vulnerability
========================================================================== Ubuntu Security Notice USN-1541-1 August 16, 2012 libotr vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
emacs protection bypass
"enable-local-variables" doesn't work...
Microsoft Internet Explorer multiple security vulnerabilities
Memory corruptions, integer overflow, function pointer corruption...
SAP Business Objects Financial Consolidation ActiveX buffer overflow
CtAppReg.dll buffer overflow...
ZDI-12-141 : Microsoft .NET Framework Clipboard Unsafe Memory Access Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-141 : Microsoft .NET Framework Clipboard Unsafe Memory Access Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-141 August 17, 2012 - -- CVE ID: CVE-2012-1855 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...
ZDI-12-140 : McAfee SmartFilter Administration Server SFAdminSrv.exe JBoss RMI Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-140 : McAfee SmartFilter Administration Server SFAdminSrv.exe JBoss RMI Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-140 August 17, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - --...
[ MDVSA-2012:135 ] wireshark
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:135 http://www.mandriva.com/security/ Package : wireshark Date : August 16, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities was found and corrected in Wireshark: The DCP ET...
GIMP script-fu buffer overflow
Buffer overflow on message parsing, shell execution...
ZDI-12-138 : SAP Business Objects Financial Consolidation CtAppReg.dll username Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-138 : SAP Business Objects Financial Consolidation CtAppReg.dll username Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-138 August 17, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...
ZDI-12-139 : SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-139 : SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-139 August 17, 2012 - -- CVE ID: - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors: SAP - ...
Cisco IOS XR DoS
Crash on received packet processing...
SAP Crystal Reports buffer overflow
Buffer overflow on network data parsing...
[slackware-security] emacs (SSA:2012-228-02)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security emacs SSA:2012-228-02 New emacs packages are available for Slackware 13.1, 13.37, and -current to fix a security issue. Here are the details from the Slackware 13.37 ChangeLog: +--------------------------+...
Oracle Java multiple security vulnerabilities
14 different vulnerabilities...
Wireshark security vulnerabilities
A few different DoS conditions in NFS and PPP dissectors...
Inout Mobile Webmail APP - Multiple Web Vulnerabilities
Title: ====== Inout Mobile Webmail APP - Multiple Web Vulnerabilities Date: ===== 2012-06-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=609 VL-ID: ===== 609 Common Vulnerability Scoring System: ==================================== 3.5 Abstract: ========= The...
Dir2web3 Multiple Vulnerabilities
Title: ====== Dir2web3 Multiple Vulnerabilities Date: ===== 05/08/2012 Author: ======= Daniel Correa http://www.sinfocol.org/ Vulnerable software: ==================== Dir2web v3.0 http://www.dir2web.it/ CVE: ==== CVE-2012-4069 CVE-2012-4070 Details: ======== There are two vulnerabilities...
[PRE-SA-2012-05] Multiple heap-based buffer overflows in LibreOffice / OpenOffice
PRE-CERT Security Advisory ========================== Advisory: PRE-SA-2012-05 Released on: 6 August 2012 Affected product: LibreOffice 3.5.5 Apache OpenOffice = 3.4.0 Impact: code execution Origin: encrypted office files CVSS Base Score: 9.3 Impact Subscore: 10 Exploitability Subscore: 8.6 CVSS...
iAuto Mobile Application 2012 - Multiple Web Vulnerabilities
Title: ====== iAuto Mobile Application 2012 - Multiple Web Vulnerabilities Date: ===== 2012-07-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=658 VL-ID: ===== 658 Common Vulnerability Scoring System: ==================================== 3.5 Introduction: ===========...
Oracle Sun Solaris Update Manager symbolic links vulnerability
Insecure temporary file creation...