47153 matches found
DoS vulnerability in WordPress
Hello 3APA3A! I want to warn you about a new security vulnerability in WordPress. This is a Denial of Service vulnerability, which exists in the security functionality that protects against the Abuse of Functionality vulnerability in WordPress, which I disclosed in 2009 and which was not fixed correctly...
seditio_PmOS_plugin_XSS_vuln
============================================================================ Vulnerable Software: PmOS - Pm Okuma Sistemi plugin for Seditio CMS. http://seditio-eklenti.com/datas/users/1-pmoku.rar MD5 SUM: 88235c2b4b0613bff87545d2d887f042 1-pmoku.rar...
ACC PHP eMail v1.1 - Multiple Web Vulnerabilities
Title: ====== ACC PHP eMail v1.1 - Multiple Web Vulnerabilities Date: ===== 2012-04-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=505 VL-ID: ===== 505 Introduction: ============= Acc PHP eMail is a email subscription and management script. Manage subscribers them an...
XSS and Blind SQL Injection Vulnerabilities in ExponentCMS
Information -------------------- Name : XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Software : ExponentCMS 2.0.5 and possibly below. Vendor Homepage : http://www.exponentcms.org Vulnerability Type : Cross-Site Scripting and SQL Injection Severity : Critical Researcher : Onur Yılmaz...
sfquickban_plugin_CSRF
================================================================ Vulnerable Software: SF - Quick Ban sfquickban version 1.0 is Plugin for Seditio CMS. http://www.seditioforge.com/plugins/administration/sf-quick-ban-i65.html http://www.seditioforge.com/page.php?id=65&a=dl MD5 SUM:...
Netjuke 1.0 RC1 - SQL Injection Vulnerabilities
Title: ====== Netjuke 1.0 RC1 - SQL Injection Vulnerabilities Date: ===== 2012-04-12 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=506 VL-ID: ===== 506 Introduction: ============= The Netjuke is a Web-Based Audio Streaming Jukebox powered by PHP 4, a database and all...
DHTMLX Suite v.3.0 - Multiple Web Vulnerabilities
Title: ====== DHTMLX Suite v.3.0 - Multiple Web Vulnerabilities Date: ===== 2012-04-11 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=507 VL-ID: ===== 507 Introduction: ============= To demonstrate the rich possibilities of DHTMLX controls and to show how they work...
phpMyBible 0.5.1 Multiple XSS
Exploit Title: phpMyBible 0.5.1 Multiple XSS Date: 04/15/12 Author: G13 Twitter: @g13net Software http://sourceforge.net/projects/phpmybible/?source=directory Version: 0.5.1 Category: webapps php Description phpMyBible is an online collaborative project to make an e-book of the Holy Bible in as...
[SECURITY] [DSA 2455-1] typo3-src security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2455-1 [email protected] http://www.debian.org/security/ Nico Golde April 20, 2012 http://www.debian.org/security/faq -...
OCIPasswordChange API leaks information of password hash (CVE-2012-0511)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory OCIPasswordChange API leaks information of password hash. Risk Level: High Affected versions: Oracle Database Server version 10gR1, 10gR2 10.2.0.4 and previous patchsets and 11gR1 11.1.0.7 and previous patchset...
Adobe Flash Player multiple security vulnerabilities
Different memory corruptions...
[SECURITY] [DSA 2454-1] openssl security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2454-1 [email protected] http://www.debian.org/security/ Raphael Geissert April 19, 2012 http://www.debian.org/security/faq -...
Samsung TV and BD-players security vulnerabilities
DoS, buffer overflow in Remote Controller protocol...
Oracle Enterprise Manager vulnerable to Session fixation (CVE-2012-0528)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Oracle Enterprise Manager vulnerable to Session fixation. Risk Level: Low Affected versions: Oracle Enterprise Manager Database Control 10.2.0.5, 11.1.0.7 and previous patchsets Remote exploitable: Yes Credits:...
VUPEN Security Research - Adobe Flash Player NetStream Remote Code Execution Vulnerability (APSB12-07 / CVE-2012-0773)
VUPEN Security Research - Adobe Flash Player NetStream Remote Code Execution Vulnerability APSB12-07 / CVE-2012-0773 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Adobe Flash Player is a cross-platform browser-based...
Vulnerabilities in Samsung TV (remote controller protocol)
Luigi Auriemma Application: Samsung devices with support for remote controllers http://www.samsung.com Versions: current Platforms: the vulnerable protocol is used on both TV and blue-ray devices so both of them should be vulnerable my tests were performed only on a D6000 TV with the latest...
SQL Injection in Oracle Enterprise Manager (searchPage web page) (CVE-2012-0525)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory SQL Injection in Oracle Enterprise Manager searchPage web page. Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.3 and previous patchsets Oracle Enterprise Manager...
Incomplete protection of Oracle Database locked accounts (CVE-2012-0510)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Incomplete protection of Oracle Database locked accounts. Risk Level: Low Affected versions: Oracle Database Server version 10gR1, 10gR2 10.2.0.5 and previous patchsets and 11gR1 11.1.0.7 and previous patchsets...
The history of a -probably- 13 years old Oracle bug: TNS Poison
tl;dr - Patch your database ASAP with Oracle Critical Patch Update April 2012. Introduction ------------ The following advisory explains a vulnerability I found in 2008 in all versions of Oracle Database server until very recently. The bug is probably available in any Oracle Database version sinc...
HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory HTTP Response Splitting in Oracle Enterprise Manager pageName parameter. Risk Level: Medium Affected versions: Oracle Enterprise Manager Database Control 10.2.0.5, 11.1.0.7, 11.2.0.3 and previous patchsets Orac...
Comodo Internet Security DoS
BSOD on PE execution if ImageBase points to kernel space...
HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory HTTP Response Splitting in Oracle Enterprise Manager prevPage parameter. Risk Level: Medium Affected versions: Oracle Enterprise Manager Database Control 10.2.0.5, 11.1.0.7, 11.2.0.3 and previous patchsets Orac...
[CVE-2012-2273] Comodo Internet Security <5.10 BSOD (Win7 x64)
affected software Comodo Internet Security, until 5.9 description BSOD under Windows 7 x64 if a 32b PE with a kernel ImageBase is executed. such files are very unusual, but work perfectly if the PE contains relocations, as shown at http://pe.corkami.comImageBase and http://pe.corkami.comrelocatio...
SQL Injection in Oracle Enterprise Manager (compareWizFirstConfig web page) (CVE-2012-0512)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory SQL Injection in Oracle Enterprise Manager compareWizFirstConfig web page. Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.2 and previous patchsets Oracle...
Some failed authentication attempts using OCIPasswordChange API are not recorded (CVE-2012-0511)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Incomplete protection of Oracle Database locked accounts. Risk Level: Low Affected versions: Oracle Database Server version 10gR1, 10gR2 10.2.0.5 and previous-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1...
[ MDVSA-2012:059 ] python-sqlalchemy
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:059 http://www.mandriva.com/security/ Package : python-sqlalchemy Date : April 16, 2012 Affected: 2011., Enterprise Server 5.0 Problem Description: It was discovered that SQLAlchemy did not sanitize values f...
Microsoft SQL Server privilege escalation
Privilege escalation via RESTORE DATABASE...
CVE-2012-0769, the case of the perfect info leak
Hi, During the last few months I have been researching Adobe's Flash vulnerabilities ranging from type confusion vulnerabilities, AS3 API vulnerabilities CVE-2012-0769, sandbox escapes CVE-2012-0724 & CVE-2012-0725, etc. I am pleased to announce the release of part of this research. In this case,...
SQLAlchemy SQL injection
SQL request data is not checked...
[security bulletin] HPSBOV02765 SSRT100828 rev.1 - HP OpenVMS, local Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03281869 Version: 1 HPSBOV02765 SSRT100828 rev.1 - HP OpenVMS, local Denial of Service DoS NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date...
HP OpenVMS DoS
No description provided...
Adobe Flash Player security vulnerabilities
Few memory corruptions...
TeamSHATTER Security Advisory: Privilege escalation via internal sql injection in RESTORE DATABASE command
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 AppSecInc Team SHATTER Security Advisory Privilege escalation via internal sql injection in RESTORE DATABASE command. Risk Level: Medium Affected versions: Microsoft SQL Server 2005, 2008, 2008 R2 Remote exploitable: Yes Credits: This vulnerability wa...
VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution (MS12-023 / CVE-2012-0172)
VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution MS12-023 / CVE-2012-0172 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft...
RealNetworks Helix Server security vulnerabilities
Information leakage, SNMP DoS...
ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting
Adobe issued an update for Adobe Reader X (new version is 10.1.3), which, among other issues, fixes an outside-the-sandbox msiexec.exe EXE planting vulnerability we reported to them earlier this year. This article explains the vulnerability and how it could have been exploited...
Squid URL Filtering Bypass
Exploit Title: Squid URL Filtering Bypass Date: 16/04/2012 Author: Gabriel Menezes Nunes Version: Squid Proxy Tested on: Squid Proxy 3.1.19 CVE: CVE-2012-2213 I found a vulnerability in Squid Proxy that allows access to filtered sites. The software believes in the Host field of HTTP Header using...
Samba array index overflow
Array index overflow on RPC request processing...
Microsoft Internet Explorer multiple security vulnerabilities
Multiple vulnerabilities allow remote code execution...
Adobe Acrobat / Reader multiple security vulnerabilities
Memory corruptions, integer overflow, code execution...
Squid / McAfee Web Gateway URL filtering bypass
Server trusts the Host: header in CONNECT request...
Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issue
====================================================================== Secunia Research 09/04/2012 - RealNetworks Helix Server Credentials Disclosure Security Issue - ====================================================================== Table of Contents Affected...
[SECURITY] [DSA 2453-1] gajim security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2453-1 [email protected] http://www.debian.org/security/ Nico Golde April 16, 2012 http://www.debian.org/security/faq -...
gajim jabber client multiple security vulnerabilities
Unescaped shell characters, symbolic links vulnerability, SQL injections...
Mathematica8.0.4 on Linux /tmp/MathLink vulnerability
The problem reported for Mathematica became worse at version 8.0.4, present for the command-line interface "math" also. Cheers, Paul Szabo [email protected] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia ---...
McAfee Web Gateway URL Filtering Bypass
Exploit Title: McAfee Web Gateway URL Filtering Bypass Date: 16/04/2012 Author: Gabriel Menezes Nunes Version: McAfee Web Gateway Tested on: McAfee Web Gateway 7.0 CVE: CVE-2012-2212 I found a vulnerability in McAfee Web Gateway 7 that allows access to filtered sites. The appliance believes in th...
Security updates available for Adobe Reader and Acrobat
Security updates available for Adobe Reader and Acrobat Release date: April 10, 2012 Last updated: April 17, 1012 Vulnerability identifier: APSB12-08 Priority rating: See table below CVE numbers: CVE-2012-0774, CVE-2012-0775, CVE-2012-0776, CVE-2012-0777 Platform: All SUMMARY Adobe released...
Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities
====================================================================== Secunia Research 09/04/2012 - RealNetworks Helix Server SNMP Master Agent - - Two Denial of Service Vulnerabilities - ====================================================================== Table of Contents Affected...
Microsoft Forefront Unified Access Gateway information leakage
Request redirection, access restrictions bypass...