VUPEN Security Research - Microsoft Windows GDI+ Size Handling Integer Overflow Vulnerability
VUPEN Security Research - Microsoft Windows GDI+ Size Handling Integer Overflow Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Microsoft Windows is a series of software operating systems and graphical user interfaces produced by Microsoft. Windows had...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
[SECURITY] [DSA 2214-1] ikiwiki security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2214-1 [email protected] http://www.debian.org/security/ Nico Golde April 8, 2011 http://www.debian.org/security/faq -...
Arbitrary File Upload Vulnerability in Elxis CMS component eForum v1.1
========================================================================== Elxis CMS component eForum v1.1 - Arbitrary File Upload Vulnerability ========================================================================== Software: eForum v1.1 Elxis CMS component Vendor: http://www.isopensource.com/...
[SECURITY] [DSA 2216-1] isc-dhcp security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2216-1 [email protected] http://www.debian.org/security/ Nico Golde April 10, 2011 http://www.debian.org/security/faq -...
Vulnerabilities in The Gazette Edition theme for WordPress
Hello 3APA3A! I am reporting Cross-Site Scripting, Full path disclosure, Abuse of Functionality and Denial of Service vulnerabilities that I found in The Gazette Edition theme for WordPress. This is a commercial template for WP. XSS WASC-08:...
XRDB shell characters vulnerability
Shell characters vulnerability via host name...
tmux privilege escalation
Elevated group privileges are not dropped...
Debian symbolic links vulnerability
/etc/cron.d/php5 cron job allows deleting arbitrary files via symlinks...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
O2 DSL Router Classic router cross-site scripting
Cross-site scripting in administration interface...
libmodplug library buffer overflow
ReadS3M buffer overflow. DoS on ABC files parsing...
KDE KSSL certificate spoofing
It's possible to spoof a certificate issued for an IP address...
joomlacontenteditor (com_jce) BLIND sql injection vulnerability
=================================================================== joomlacontenteditor comjce BLIND sql injection vulnerability =================================================================== Software: joomlacontenteditor comjce Vendor: www.joomlacontenteditor.net Vuln Type: BLind SQL...
O2 classic router: persistent cross site scripting (XSS) and cross site request forgery (CSRF)
O2 classic router: persistent cross site scripting XSS and cross site request forgery CSRF References https://vulners.com/cve/CVE-2010-1482 http://int21.de/cve/CVE-2011-0746-o2-router.html Description The default DSL router shipped by the German company O2 is completely vulnerable to persistent...
[ MDVSA-2011:069 ] php
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:069 http://www.mandriva.com/security/ Package : php Date : April 8, 2011 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: It was discovered that the /etc/cron.d/php...
HTB22915: Path disclosure in Joomla
Vulnerability ID: HTB22915 Reference: http://www.htbridge.ch/advisory/pathdisclosureinjoomla.html Product: Joomla Vendor: http://www.joomla.org/ http://www.joomla.org/ Vulnerable Version: 1.6.1 Vendor Notification: 24 March 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-Tec...
HTB22921: SQL Injection in Viscacha
Vulnerability ID: HTB22921 Reference: http://www.htbridge.ch/advisory/sqlinjectioninviscacha.html Product: Viscacha Vendor: MaMo Net http://www.viscacha.org Vulnerable Version: 0.8.1 Vendor Notification: 24 March 2011 Vulnerability Type: SQL Injection Risk level: High Credit: High-Tech Bridge SA ...
HTB22920: Path disclosure in Viscacha
Vulnerability ID: HTB22920 Reference: http://www.htbridge.ch/advisory/pathdisclosureinviscacha.html Product: Viscacha Vendor: MaMo Net http://www.viscacha.org Vulnerable Version: 0.8.1 Vendor Notification: 24 March 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-Tech Bridge ...
[SECURITY] [DSA 2212-1] tmux security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2212-1 [email protected] http://www.debian.org/security/ Nico Golde April 7, 2011 http://www.debian.org/security/faq -...
phplist: cross site request forgery (CSRF), CVE-2011-0748
phplist: cross site request forgery CSRF, CVE-2011-0748 References https://vulners.com/cve/CVE-2011-2748 http://int21.de/cve/CVE-2011-0748-phplist.html Description phplist is a mailing list software written in PHP. Up to version 2.10.12, it provided no protection against cross site request forger...
[USN-1107-1] x11-xserver-utils vulnerability
=========================================================== Ubuntu Security Notice USN-1107-1 April 06, 2011 x11-xserver-utils vulnerability CVE-2011-0465 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 9.1...
LFI Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package)
========================================================================================================== 1024cms Admin Control Panel v1.1.0 Beta Master-cPanel Package - Local File Include Vulnerability...
XSS Vulnerabilities in 1024cms Admin Control Panel v1.1.0 Beta
================================================================================================================ 1024cms Admin Control Panel v1.1.0 Beta Complete-Modules Package - Cross-Site Scripting Vulnerability...
Directory Traversal Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package)
============================================================================================================= 1024cms Admin Control Panel v1.1.0 Beta Complete-Modules Package - Directory Traversal Vulnerability...
Sonexis ConferenceManager SQL Injection
Vulnerability title: Sonexis ConferenceManager SQL Injection Solutionary ID: SERT-VDN-1006 Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Sonexis-SQL-Injection.html CVE ID: Pending CVSS risk rating: 8 Product: Sonexis ConferenceManager Application Vendor: Sonex...
XSS Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package)
============================================================================================================ 1024cms Admin Control Panel v1.1.0 Beta Master-cPanel Package - Cross-Site Scripting Vulnerability...
Sonexis ConferenceManager Multiple Cross-site Scripting (XSS) Vulnerabilities
Vulnerability title: Sonexis ConferenceManager Multiple Cross-site Scripting XSS Vulnerabilities Solutionary ID: SERT-VDN-1005 Solutionary disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/Sonexis-XSS-Vulnerabilities.html CVE ID: Pending CVSS risk rating: 3.9 Product: Sonexis...
LFI Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package)
============================================================================================================= 1024cms Admin Control Panel v1.1.0 Beta Complete-Modules Package - Local File Include Vulnerability...
SEC Consult SA-20110407-0 :: Libmodplug ReadS3M Stack Overflow
SEC Consult Vulnerability Lab Security Advisory 20110407-0 ======================================================================= title: Libmodplug ReadS3M Stack Overflow product: Libmodplug library vulnerable version: 0.8.8.1 fixed version: 0.8.8.2 impact: critical homepage:...
Vulnerabilities in the Live Wire Edition theme for WordPress
Hello 3APA3A! I am reporting Cross-Site Scripting, Full path disclosure, Abuse of Functionality and Denial of Service vulnerabilities that I found in the Live Wire Edition theme for WordPress. This is a commercial template for WP. XSS WASC-08:...
HTB22919: Multiple XSS in Viscacha
Vulnerability ID: HTB22919 Reference: http://www.htbridge.ch/advisory/multiplexssinviscacha.html Product: Viscacha Vendor: MaMo Net http://www.viscacha.org Vulnerable Version: 0.8.1 Vendor Notification: 24 March 2011 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: High-Tec...
HTB22917: XSS vulnerabilities in phpCollab
Vulnerability ID: HTB22917 Reference: http://www.htbridge.ch/advisory/xssvulnerabilitiesinphpcollab.html Product: phpCollab Vendor: phpCollab Team http://www.php-collab.org/ Vulnerable Version: 2.5 and probably prior versions Vendor Notification: 24 March 2011 Vulnerability Type: Stored XSS Cross...
HTB22916: XSRF (CSRF) in phpCollab
Vulnerability ID: HTB22916 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinphpcollab.html Product: phpCollab Vendor: phpCollab Team http://www.php-collab.org/ Vulnerable Version: 2.5 and probably prior versions Vendor Notification: 24 March 2011 Vulnerability Type: CSRF Cross-Site Request...
HTB22918: Path disclosure in phpCollab
Vulnerability ID: HTB22918 Reference: http://www.htbridge.ch/advisory/pathdisclosureinphpcollab.html Product: phpCollab Vendor: phpCollab Team http://www.php-collab.org/ Vulnerable Version: 2.5 and probably prior versions Vendor Notification: 24 March 2011 Vulnerability Type: Path disclosure Risk...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
XSS Vulnerability in Redmine 1.0.1 to 1.1.1
Information -------------------- Name : XSS vulnerability in Redmine Software : all Redmine versions from 1.0.1 to 1.1.1 Vendor Homepage : http://www.redmine.org Vulnerability Type : Cross-Site Scripting Severity : High Researcher : Mesut Timur mesut at mavitunasecurity dot com Advisory Reference...
StartSite.ir Cross-site Scripting Vulnerability
------------In The Name Of God------------ StartSite.ir Cross-site Scripting Vulnerability AUTHOR: md.r00t Mail: [email protected] Website: www.r00t.gigfa.com Forum: http://ajaxtm.com/forum Google D0rk: "Powered by StartSite.ir" xss EXPLOIT: scriptalert/0//script script...
[ MDVSA-2011:066 ] rsync
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:066 http://www.mandriva.com/security/ Package : rsync Date : April 5, 2011 Affected: 2009.0, 2010.0, 2010.1, Enterprise Server 5.0 Problem Description: A vulnerability was discovered and corrected in rsync:...
[security bulletin] HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02776387 Version: 2 HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i NNMi for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure NOTICE: The information in this Security...
[ MDVSA-2011:065 ] logrotate
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:065 http://www.mandriva.com/security/ Package : logrotate Date : April 5, 2011 Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities were...
FFmpeg library multiple security vulnerabilities
Buffer overflow on Vorbis / WebM files decoding, memory corruption on RealMedia and VC1 files...
THOMSON TG585 routers cross-site scripting
Cross-site scripting in Web interface...
iSCSI target user-space tools double free
Double free in tgt...
xmlsec library unauthorized access
It's possible to access files via ds:Transform...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc...
IBM solidDB authentication bypass
solid.exe TCP/1315, TCP/1964, TCP/2315 authentication bypass...
RealNetworks RealGames ActiveX code execution
Multiple unsafe methods...
Novell File Reporter Agent buffer overflow
NFRAgent.exe TCP/3037 buffer overflow...
HTB22912: Multiple SQL Injections in Eleanor CMS
Vulnerability ID: HTB22912 Reference: http://www.htbridge.ch/advisory/multiplesqlinjectionsineleanorcms.html Product: Eleanor CMS Vendor: Eleanor CMS http://eleanor-cms.ru/ Vulnerable Version: rc5 Vendor Notification: 22 March 2011 Vulnerability Type: SQL Injection Status: Fixed by Vendor Risk...