47153 matches found
Cisco IOS XR DoS
DoS on malcrafted packets...
FreeBSD Security Advisory FreeBSD-SA-12:02.crypt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-12:02.crypt Security Advisory The FreeBSD Project Topic: Incorrect crypt hashing Category: core Module: libcrypt Announced: 2012-05-30 Credits: Rubin Xu, Joseph...
FreeBSD crypt() implementation vulnerability
8-bit characters are ignored during DES hash calculation...
AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability
Asterisk Project Security Advisory - AST-2012-008 Product Asterisk Summary Skinny Channel Driver Remote Crash Vulnerability Nature of Advisory Denial of Service Susceptibility Remote authenticated sessions Severity Minor Exploits Known No Reported On May 22, 2012 Reported By Christoph Hebeisen...
Asterisk security vulnerabilities
DoS conditions on Skinny and IAX2 parsing...
[security bulletin] HPSBOV02780 SSRT100766 rev.1 - HP OpenVMS ACMELOGIN, Local Unauthorized Access and Increased Privileges
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c03333494 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID:...
sudo protection bypass
It's possible to bypass IP limitations...
The story of the Linux kernel 3.x...
The story of the Linux kernel 3.x... In 2005 everybody was excited about the possibility of bypassing ASLR on all Linux 2.6 kernels because of the new concept called VDSO (Virtual Dynamic Shared Object). More information about this story can be found at the following link:...
PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version
?php www.bugreport.ir Title: PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version Vendor: http://www.php.net Vulnerable Version: PHP up to version 5.3.12 and 5.4.2 Exploitation: Remote Original Advisory: http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/ Original Exploit URL:...
[SECURITY] [DSA 2476-1] pidgin-otr security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2476-1 [email protected] http://www.debian.org/security/ Jonathan Wiltshire May 19, 2012 http://www.debian.org/security/faq -...
Pidgin otr plugin format string vulnerability
No description provided...
FlashPeak SlimBrowser buffer overflow
Buffer overflow via TITLE tag...
[PRE-SA-2012-03] Linux kernel: Buffer overflow in HFS plus filesystem
PRE-CERT Security Advisory ========================== Advisory: PRE-SA-2012-03 Released on: 10 May 2012 Affected product: Linux Kernel 3.3.x = 3.3.4 2.6.x = 2.6.35.13 Impact: code execution / privilege escalation Origin: HFS plus file system Credit: Timo Warns PRESENSE Technologies GmbH CVE...
Linux kernel multiple security vulnerabilities
DoS conditions, protection bypass, buffer overflow...
HP OpenVMS ACMELOGIN privilege escalation
No description provided...
FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability
Title: FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability Software : FlashPeak SlimBrowser Software Version : 6.0.1.38 Vendor: FlashPeak Inc. www.flashpeak.com/ Vulnerability Published : 2012-05-16 Vulnerability Update Time : Status : Impact : Medium CVSS2 Base : 5.0,...
PHP multiple security vulnerabilities
DoS conditions, code execution, SQL injections...
CVE-2012-2149 OpenOffice.org memory overwrite vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2012-2149 OpenOffice.org memory overwrite vulnerability Reference: http://www.openoffice.org/security/cves/CVE-2012-2149.html Severity: Important Vendor: The Apache Software Foundation Versions Affected: OpenOffice.org 3.3 and 3.4 Beta, on all...
CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object Reference: http://www.openoffice.org/security/cves/CVE-2012-1149.html Severity: Important Vendor: The Apache Software...
OpenOffice multiple security vulnerabilities
Multiple memory corruptions...
OpenSSL DoS
Invalid memory dereference in CBC mode...
SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE-2012-2149
SEC Consult Vulnerability Lab Security Advisory 20120518-0 ======================================================================= title: libwpd WPXContentListener::closeTableRow memory overwrite product: OpenOffice.org vulnerable version: 3.3.0/3.4 Beta 1 and probably earlier versions fixed...
Apple Quicktime Memory Corruption (CVE-2012-0671)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Qualys Vulnerability & Malware Research Labs VMRL http://www.qualys.com http://www.dissect.pe Memory corruption when Apple Quicktime parses .pct file CVE-2012-0671 INTRODUCTION Apple Quicktime does not properly parse .pct media files, which causes a...
CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0 Reference: http://www.openoffice.org/security/cves/CVE-2012-2334.html Severity: Important Vendor: The Apache Software Foundation Versions Affected:...
APPLE-SA-2012-05-15-1 QuickTime 7.7.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2012-05-15-1 QuickTime 7.7.2 QuickTime 7.7.2 is now available and addresses the following: QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Visiting a maliciously crafted website may lead to an unexpected application...
[SECURITY] [DSA-2471-1] ffmpeg security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2471-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 13, 2012 http://www.debian.org/security/faq -...
libtasn1 / GnuTLS memory corruption
Memory corruption on some malformed values...
[USN-1439-1] Horizon vulnerabilities
========================================================================== Ubuntu Security Notice USN-1439-1 May 07, 2012 horizon vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
Adobe Photoshop CS5.1 U3D.8BI Library Collada Asset Elements Stack Based Buffer Overflow Vulnerability
Adobe Photoshop CS5.1 U3D.8BI Library Collada Asset Elements Stack Based Buffer Overflow Vulnerability download url of a test version: http://www.adobe.com/cfusion/tdrc/index.cfm?product=photoshop Note: Found three weeks before the CS6 release. I could not reproduce against CS6, cannot say if the...
Adobe Photoshop security vulnerabilities
Memory corruptions on file processing...
Apache POI memory exhaustion
Memory exhaustion on Microsoft Word documents processing...
[SECURITY] [DSA 2468-1] libjakarta-poi-java security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2468-1 [email protected] http://www.debian.org/security/ Florian Weimer May 09, 2012 http://www.debian.org/security/faq -...
[USN-1436-1] Libtasn1 vulnerability
========================================================================== Ubuntu Security Notice USN-1436-1 May 02, 2012 libtasn1-3 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
CORE-2012-0123 - SAP Netweaver Dispatcher Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Netweaver Dispatcher Multiple Vulnerabilities 1. Advisory Information Title: SAP Netweaver Dispatcher Multiple Vulnerabilities Advisory ID: CORE-2012-0123 Advisory URL:...
SAP NetWeaver multiple security vulnerabilities
Multiple vulnerabilities in Dispatcher service...
Nova DoS
Resource exhaustion via oversized username. Resource exhaustion via quota limitation bypass...
chevreto_XSS_file_existence_enum_vulns
======================================================================================== Vulnerable Software: Chevereto upload script Downloaded from: http://code.google.com/p/chevereto/downloads/list http://code.google.com/p/chevereto/downloads/detail?name=cheveretonb1.91.zip&can=2&q= Official...
ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities. EMC Identifier: ESA-2012-019 CVE Identifiers: CVE-2012-2276, CVE-2012-2277 Severity Rating: CVSS v2 Base Score: 6.3 AV:N/AC:M/Au:S/C:N/I:N/A:C Affected products: EMC...
[SECURITY] [DSA 2469-1] linux-2.6 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ---------------------------------------------------------------------- Debian Security Advisory DSA-2469-1 [email protected] http://www.debian.org/security/ Dann Frazier May 10, 2012 http://www.debian.org/security/faq -...
Drupal 7.14 <= Full Path Disclosure Vulnerability
Drupal 7.14 <= Full Path Disclosure Vulnerability Discovered by: Jean Pascal Pereira [email protected] About Drupal: "Drupal is an open source content management platform powering millions of websites and applications. It's built, used, and supported by an active and diverse community of people...
EMC Documentum Information Rights Management Server DoS
A few different DoS conditions...
[USN-1438-1] Nova vulnerability
========================================================================== Ubuntu Security Notice USN-1438-1 May 03, 2012 nova vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu...
[SECURITY] [DSA 2466-1] rails security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2466-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst May 09, 2012 http://www.debian.org/security/faq -...
[ MDVSA-2012:071 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:071 http://www.mandriva.com/security/ Package : php Date : May 10, 2012 Affected: Enterprise Server 5.0 Problem Description: This is a bugfix and security advisory that upgrades php to the latest 5.3.13...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
[security bulletin] HPSBMU02770 SSRT100848 rev.1 - HP Insight Management Agents for Windows Server, Remote Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), URL Redirection, Unauthorized Modification, Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03301267 Version: 1 HPSBMU02770 SSRT100848 rev.1 - HP Insight Management Agents for Windows Server, Remote Cross Site Request Forgery CSRF, Cross Site Scripting XSS, URL Redirection, Unauthorized...
[security bulletin] HPSBMU02772 SSRT100603 rev.1 - HP System Health Application and Command Line Utilities for Linux, Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03301871 Version: 1 HPSBMU02772 SSRT100603 rev.1 - HP System Health Application and Command Line Utilities for Linux, Remote Execution of Arbitrary Code NOTICE: The information in this Security...
[ MDVSA-2012:067 ] samba
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:067 http://www.mandriva.com/security/ Package : samba Date : May 1, 2012 Affected: 2010.1, 2011. Problem Description: A vulnerability has been found and corrected in samba: Security checks were incorrectly...
HP Insight Management Agents multiple security vulnerabilities
Cross Site Request Forgery CSRF, Cross Site Scripting XSS, URL Redirection, Unauthorized Modification, Denial of Service DoS...
Lan Messenger DoS
Crash on network packet parsing...