47153 matches found
expat security vulnerability
Memory leaks, predictable hash function...
Intuit Help System Protocol URL Heap Corruption and Memory Leak
Intuit Help System Protocol URL Heap Corruption and Memory Leak Derek Soeder [email protected] Reported to [email protected] on March 15, 2012; vendor did not respond. Reported to CERT on March 22, 2012; vendor did not respond. Responsible disclosure failed with error code 10060. Published:...
Apache Traffic Server DoS
Server crash on oversized Host: header...
Cyberoam Unified Threat Management: OS Command Execution
Hi, Please find below the details of a vulnerability I discovered in Cyberoam UTM device. The Vendor was notified, however I did not receive any response from Vendor despite repeated email reminders. SECURITY ADVISORY: cyberoam-utm-command-executaion Affected Software: Cyberoam CR50ia 10.01.0 bui...
[ANNOUNCE] Apache Traffic Server releases for security incident CVE-2012-0256
Everyone, Below is our announcement for the security issue reported to us from Codenomicon, via CERT-FI. All previous versions of Apache Traffic Server are vulnerable, and we urge users to upgrade to either v3.0.4 or v3.1.3 immediately. Both releases are available from our download site at...
Seeker Advisory: Insecure Redirect in .NET Form Authentication - Redirect From Login Mechanism (ReturnURL Parameter)
Seeker Research Center Security Advisory By Irene Abezgauz =========== I. Overview =========== An Insecure Redirect vulnerability has been identified in the .NET Form Authentication - in the Redirect From Login mechanism. This vulnerability allows an attacker to craft links that contain redirects...
Cisco PlayerPT ActiveX buffer overflow
Buffer overflow in SetSource method...
gnash multiple security vulnerabilities
Ingerer overflow on SWF parsing, unsafe cookie handling, symbolic links vulnerability...
CA ARCserve Backup DoS
Crash on network request parsing...
[SECURITY] [DSA 2435-1] gnash security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------- Debian Security Advisory DSA-2435-1 [email protected] http://www.debian.org/security/ Gabriele Giacone March 19, 2012 http://www.debian.org/security/faq - -...
CA20120320-01: Security Notice for CA ARCserve Backup
-----BEGIN PGP SIGNED MESSAGE----- CA20120320-01: Security Notice for CA ARCserve Backup Issued: March 20, 2012 CA Technologies Support is alerting customers to a potential risk with CA ARCserve Backup for Windows. A vulnerability exists that can allow a remote attacker to cause a denial of servi...
GnuTLS / libtasn1 security vulnerabilities
Vulnerabilities on TLS and ASN.1 records parsing...
Cyberoam Unified Threat Management: Insecure Password Handling
Hi, Please find below the details of a vulnerability I discovered in Cyberoam UTM device. The Vendor was notified, however I did not receive any response from Vendor despite repeated email reminders. SECURITY ADVISORY: cyberoam-utm-insecure-password-handling Affected Software: Cyberoam CR50ia...
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability
!-- Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability when viewing the device web interface it asks to install an ActiveX control with the following settings: ProductName: PlayerPT ActiveX Control Module File...
Microsoft .Net multiple security vulnerabilities
DoS, multiple vulnerabilities in forms authentication...
[SECURITY] [DSA 2438-1] raptor security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2438-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 22, 2012 http://www.debian.org/security/faq -...
Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 TLS record handling vulnerability in GnuTLS MU-201202-01 ASN.1 length decoding vulnerability in Libtasn1 MU-201202-02 20 March 2012...
[MajorSecurity-SA-2012-014]Apple Safari on iOS 5.1 - Adressbar spoofing vulnerability
MajorSecurity-SA-2012-014Apple Safari on iOS 5.1 - Adressbar spoofing vulnerability Details ============= Product: Apple Mobile Safari on iOS 5.1 Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.apple.com/ Advisory-Status: published Credits ============= Discovered by: David...
[ MDVSA-2012:034 ] libzip
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:034 http://www.mandriva.com/security/ Package : libzip Date : March 23, 2012 Affected: 2010.1, 2011., Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and corrected in libzi...
Aruba Networks multiple advisories: OS command injection in RAP web interface and 802.1X EAP-TLS user authentication bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ADVISORY NUMBER 031912 Advisory 1: TITLE OS Command Injection Vulnerability in Aruba Remote Access Point Diagnostic Web Interface. SUMMARY An OS command injection vulnerability has been discovered in the Aruba Remote Access Point's Diagnostic Web...
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Vulnerability
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Vulnerability product homepage: http://www.manageengine.com/products/device-expert/ file tested: ManageEngineDeviceExpert.exe tested against: Microsoft Windows Server 2003 r2 sp2...
at32 reverse proxy buffer overflow
Buffer overflow on headers parsing...
Tor Browser Bundle for Linux (2.2.35-8) "EVIL bug"
"There is an EVIL bug in at least the Linux 2.2.35-8 Tor Browser Bundle start-tor-browser script. It will log things like domain names to a file in the root of the browser bundle." https://trac.torproject.org/projects/tor/ticket/5417 Ticket 5417 new defect RelativeLink.sh in Tor browser bundle ha...
Tor Browser Bundle information leakage
Debugging logging is always on...
Aruba Remote Access Point secuirty vulnerabilities
Commands injection, authentication bypass...
ManageEngine DeviceExpert directory traversal
ScheduleResultViewer servlet directory traversal...
EMC Documentum eRoom security vulnerabilities
replay attacks and crossite scripting...
VMWare applications multiple security vulnerabilities
Privilege escalation, cross application scripting, information leakage, crossite scripting...
Security update available for Adobe Flash Player
Security update available for Adobe Flash Player Release date: March 5, 2012 Vulnerability identifier: APSB12-05 Priority: 2 CVE number: CVE-2012-0768, CVE-2012-0769 Platform: All Platforms SUMMARY These priority 2 updates address critical vulnerabilities in Adobe Flash Player 11.1.102.62 and...
Dell Webcam ActiveX buffer overflow
Multiple buffer overflows in crazytalk4 ActiveX...
SEC Consult SA-20120315-0 :: Multiple permanent XSS vulnerabilities in EMC Documentum eRoom
SEC Consult Vulnerability Lab Security Advisory 20120315-0 ======================================================================= title: Multiple permanent cross-site scripting vulnerabilities product: EMC Documentum eRoom vulnerable version: 7.33.498.98 fixed version: 7.4.4 impact: high homepag...
VUPEN Security Research - Adobe Flash Player "Matrix3D" Remote Memory Corruption (CVE-2012-0768)
VUPEN Security Research - Adobe Flash Player "Matrix3D" Remote Memory Corruption APSB12-05 / CVE-2012-0768 Website : http://www.vupen.com/english/research.php Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Adobe Flash Player is a cross-platform browser-based application...
at32 ReverseProxy - Multiple HTTP Header Field Denial Of Service Vulnerability
Title: at32 Reverse Proxy - Multiple HTTP Header Field Denial Of Service Vulnerability Product : at32 Reverse Proxy Version : v1.060.310 Vendor: http://www.at32.com/doc/rproxy.htm Class: Boundary Condition Error CVE: Remote: Yes Local: No Published: 2012-03-14 Updated: Impact : Medium CVSS2 Base ...
EMC RSA enVision multiple security vulnerabilities
Crossite scripting, SQL injection, directory traversal, hardcoded accounts, restrictions bypass...
ESA-2012-014: RSA enVision Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-014: RSA enVision Multiple Vulnerabilities EMC Identifier:ESA-2012-014 CVE Identifiers: CVE-2012-0399, CVE-2012-0400, CVE-2012-0401, CVE-2012-0402, CVE-2012-0403 Severity Rating: CVSS Base Score: See below for scores for individual...
VMSA-20120005 VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0005 Synopsis: VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security...
Dell Webcam Software Bundled ActiveX Control CrazyTalk4Native.dll sprintf Remote Buffer Overflow Vulnerability
Dell Webcam Software Bundled ActiveX Control CrazyTalk4Native.dll sprintf Remote Buffer Overflow Vulnerability Tested against: Microsoft Windows Vista SP2 Microsoft Windows XP SP3 Microsoft Windows 2003 R2 SP2 Internet Explorer 7/8/9 download url of a test version:...
Apache FCGID module resources exhaustion
FcgidMaxProcessesPerClass limit is no actually working...
[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2436-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 19, 2012 http://www.debian.org/security/faq -...
[TSI-ADV-1202] Polycom Web Management Interface O.S. Command Injection
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===== Tempest Security Intelligence - Advisory 02 / 2012 ============ Polycom Web Management Interface O.S. Command Injection ------------------------------------------------------- Authors: - Joao Paulo Caldas Campello: - @jpcampello -...
pidgin / libpurple security vulnerabilities
DoS via XMPP and MSN messages, local information leakage...
ABB WebWare code execution
TCP/5512 port service code execution...
Multiple SQL injections in rivettracker <=1.03
Exploit Title: Multiple SQL injections in rivettracker =1.03 Date: 2/3/2012 Author: Ali Raheem Software Link: http://www.rivetcode.com/software/rivettracker/ Version: =1.03 Tested on: Linux guruplug-debian 3.1.7 2 PREEMPT Tue Jan 3 20:19:54 MST 2012 armv5tel GNU/Linux Greets: spyware, dividead...
Barracuda CudaTel v2.0.029.1 - Multiple Web Vulnerabilities
Title: ====== Barracuda CudaTel v2.0.029.1 - Multiple Web Vulnerabilities Date: ===== 2012-03-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=442 VL-ID: ===== 442 Introduction: ============= Designed to enable seamless voice and video communication, the CudaTel...
phpMyVisites 2.4_XSS
============================================================ Vulnerable Software: phpMyVisites 2.4 version.php 238 2009-12-16 19:48:15Z matthieu $ More info can be found here: http://www.phpmyvisites.us/ ============================================================...
Enterasys SecureStack Switch crossite scripting
Stored XSS in different configuration parameters...
Multiple XSS in Chyrp
Advisory ID: HTB23073 Product: Chyrp Vendor: Chyrp Vulnerable Versions: 2.5b1 and probably prior Tested Version: 2.5b1 Vendor Notification: 1 February 2012 Vendor Patch: 2 February 2012 Public Disclosure: 22 February 2012 Vulnerability Type: Cross Site Scripting XSS CVE References: CVE-2012-1001...
Mobile Mp3 Search Engine HTTP Response Splitting
-=--------------------ADVISORY-------------------=- Mobile Mp3 Search Engine 2.0 Author: Corrado Liotta Aka CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Mobile Mp3 Search Engine -=+ Version: 2.0 -=+ Vendor's URL:...
[security bulletin] HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service (DoS), Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03229235 Version: 1 HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service DoS, Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be...
Synology Photo Station 5 - Reflected Cross-Site Scripting
Title : Photo Station 5 - Reflected Cross-Site Scripting Author : Simon Ganiere Vendor : http://www.sinology.com Advisory : CVE-2012-1556 Software : Photo Station 5 - DSM 3.2 1955 Date : 05/02/2012 30/01/2012 Issue Discovered 05/02/2012 Vendor Notified 06/03/2012 Vendor released DSM 4 Class:...