Mail Thread Index
- MULTIPLE REMOTE VULNERABILITIES--Leap CMS 0.1.4-->,
y3nh4ck3r
- Re: Symantec Fax Viewer Control v10 (DCCFAXVW.DLL) remote buffer overflow exploit,
secure
- Addonics NAS Adapter FTP Remote Denial of Service,
mcyr2
- [ MDVSA-2009:103 ] udev,
security
- Durzosploit v0.1 alpha,
Benjilenoob
- Re: Security tools list: First Version,
Ulises2k
- BLIND SQL INJECTION--Leap CMS 0.1.4-->,
y3nh4ck3r
- [ MDVSA-2009:104 ] udev,
security
- [SECURITY] [DSA 1784-1] New freetype packages fix arbitrary code execution,
Nico Golde
- New WebApp security paper: Anti-fraud Image Solutions,
WebAppSec
- [ MDVSA-2009:102 ] apache,
security
- MULTIPLE SQL INJECTION VULNERABILITIES --MiniTwitter v0.2-Beta-->,
y3nh4ck3r
- USER OPTIONS CHANGER EXPLOIT --MiniTwitter v0.2-Beta+->,
y3nh4ck3r
- multiple vendor - PF NULL pointer dereference,
rembrandt
- BH USA CFP closing next Tuesday,
jmoss
- CA20090429-01: CA ARCserve Backup Apache HTTP Server Multiple Vulnerabilities,
Williams, James K
- [SECURITY] [DSA 1785-1] New wireshark packages fix several vulnerabilities,
Moritz Muehlenhoff
- [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP),
Thierry Zoller
- about inactive account hijacking,
innate
- [SECURITY] [DSA 1786-1] New acpid packages fix denial of service,
Steffen Joeris
- [ GLSA 200905-01 ] Asterisk: Multiple vulnerabilities,
Robert Buchholz
- Coppermine Photo Gallery 1.4.21 Cross-Site Scripting,
darkz . gsa
- [SECURITY] [DSA 1787-1] New Linux 2.6.24 packages fix several vulnerabilities,
dann frazier
- Call for Papers Hack.lu 2009,
hack.lu 2009 info
- “Cross-Site Scripting” vulnerability in MyBB 1.4.5,
Jacques Copeau
- Secunia Research: IBM Tivoli Storage Manager Remote Agent Service Buffer Overflows,
Secunia Research
- [SecNiche WhitePaper ] - PDF Silent HTTP Form Repurposing Attacks,
Aditya K Sood
- Grabit <= 1.7.2 beta 3 NZB file parsing stack overflow,
Niels Teusink
- [ MDVSA-2009:105 ] memcached,
security
- [USN-769-1] libwmf vulnerability,
Marc Deslauriers
- MULTPLE REMOTE VULNERABILITIES --ProjectCMS v-1.1 Beta-->,
y3nh4ck3r
- [security bulletin] HPSBMA02425 SSRT080091 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code,
security-alert
- [security bulletin] HPSBMA02374 SSRT080046 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS),
security-alert
- LayerOne 2009 - Final Announcement,
LayerOne Call For Papers
- [SECURITY] [DSA 1787-1] New quagga packages fix denial of service,
Florian Weimer
- [SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities,
Thijs Kinkhorst
- [RT-SA-2009-001] IceWarp WebMail Server: Cross Site Scripting in Email View,
RedTeam Pentesting GmbH
- [RT-SA-2009-004] IceWarp WebMail Server: Client-Side Specification of "Forgot Password" eMail Content,
RedTeam Pentesting GmbH
- [RT-SA-2009-002] IceWarp WebMail Server: User-assisted Cross Site Scripting in RSS Feed Reader,
RedTeam Pentesting GmbH
- [USN-770-1] ClamAV vulnerability,
Jamie Strandboge
- [RT-SA-2009-003] IceWarp WebMail Server: SQL Injection in Groupware Component,
RedTeam Pentesting GmbH
- [DSECRG-09-034] Sun Glassfish Enterprise Server - Multiple Linked XSS vulnerabilies,
Digital Security Research Group [DSecRG]
- [DSECRG-09-038] Sun Glassfish Woodstock Project - Linked XSS Vulnerability,
Digital Security Research Group [DSecRG]
- CONFidence 2009 trainings,
andrzej . targosz
- MULTIPLE REMOTE VULNERABILITIES--TemaTres 1.0.3-->,
y3nh4ck3r
- BLIND SQL INJECTION EXPLOIT--TemaTres 1.0.3-->,
y3nh4ck3r
- [SECURITY] [DSA 1790-1] New xpdf packages fix multiple vulnerabilities,
Noah Meyerhans
- [security bulletin] HPSBMA02419 SSRT090060 rev.1 - Insight Control Suite For Linux (ICE-LX) Multiple Remote Vulnerabilities In Nagios,
security-alert
- [ MDVSA-2009:106 ] libwmf,
security
- New Browser Security Paper: Why Silent Updates Boost Security,
Stefan Frei
- [SECURITY] [DSA 1791-1] New moin packages fix cross-site scripting,
Steffen Joeris
- [SECURITY] [DSA 1792-1] New drupal6 packages fix multiple vulnerabilities,
Noah Meyerhans
- [SECURITY] [DSA 1793-1] New kdegraphics packages fix multiple vulnerabilities,
Noah Meyerhans
- Persistent XSS in Kayako Support Suite,
pen-test
- EUSecWest 2009 (May27/28) London Agenda and PacSec 2009 (Nov 4/5) Tokyo CFP deadline: June 1 2009,
Dragos Ruiu
- [SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities,
dann frazier
- [SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution,
Devin Carraway
- Secunia Research: Garmin Communicator Plug-In Domain Locking Security Bypass,
Secunia Research
- Update: [TZO-15-2009] Aladdin eSafe generic bypass - Forced release,
Thierry Zoller
- [ MDVSA-2009:107 ] acpid,
security
- SQL INJECTION VULNERABILITIES--ST-Gallery version 0.1 alpha-->,
y3nh4ck3r
- [ MDVSA-2009:108 ] zsh,
security
- [oCERT-2009-001] Pango integer overflow in heap allocation size calculations,
Will Drewry
- [USN-771-1] libmodplug vulnerabilities,
Marc Deslauriers
- [USN-772-1] MPFR vulnerability,
Marc Deslauriers
- [USN-773-1] Pango vulnerability,
Marc Deslauriers
- [SECURITY] [DSA 1796-1] New libwmf packages fix denial of service,
Nico Golde
- [TOOL] moth - vulnerable web application vmware,
Andres Riancho
- Claroline v.1.8.11 Cross-Site Scripting,
darkz . gsa
- [security bulletin] HPSBUX02366 SSRT080120 rev.2 - HPUX Running useradd(1M), Local Unauthorized Access,
security-alert
- BLIND SQL INJECTION exploit (GET var 'AlbumID')--RTWebalbum 1.0.462-->,
y3nh4ck3r
- Vpopmail/QmailAdmin User's Quota Multiple Integer Overflows,
Jacobo Avariento Gimeno
- [TZO-20-2009] AVG ZIP evasion / bypass,
Thierry Zoller
- Universal XSS in all Google Services,
Inferno
- speaker Bill Blunden on Rootkits...,
Alex Keller
- [SECURITY] [DSA 1797-1] New xulrunner packages fix several vulnerabilities,
Moritz Muehlenhoff
- Changes : [TZO-17-2009]Trendmicro multiple bypass/evasions,
Thierry Zoller
- [TZO-21-2009] Fprot CAB bypass / evasion,
Thierry Zoller
- TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit,
travesti
- [SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution,
Steffen Joeris
- Insufficient Authentication vulnerability in Acer notebooks,
MustLive
- [ MDVSA-2009:109 ] quagga,
security
- [Bkis-08-2009] Microchip MPLAB IDE Buffer Overflow Vulnerability,
Bkis
- Advisory - Gmail/Google Doc PDF Repurposing Integrated Attacks - Cookie Hijacking / Stealing,
Aditya K Sood
- Five days left to find the oldest data loss incident,
Juha-Matti Laurio
- [USN-774-1] MoinMoin vulnerability,
Marc Deslauriers
- [oCERT-2009-004] AjaxTerm session id collision,
Andrea Barisani
- (POST var 'rating') BLIND SQL INJECTION--microTopic v1 Initial Release-->,
y3nh4ck3r
- [security bulletin] HPSBMA02349 SSRT080043 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Access to Data,
security-alert
- [security bulletin] HPSBMA02348 SSRT080033 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS),
security-alert
- [SECURITY] [DSA 1799-1] New qemu packages fix several vulnerabilities,
Moritz Muehlenhoff
- Bitweaver <= 2.6 /boards/boards_rss.php / saveFeed() remote code execution exploit,
nospam
- xcon2009 is coming,
bugdigger
- Security Advisory: Banks in Australia,
militan . c7
- Syhunt: A-A-S (Application Access Server) Multiple Security Vulnerabilities,
Felipe M. Aragon
- Exploiting IE8 UTF-7 XSS Vulnerability using Local Redirection,
Inferno
- The security tools list, new version with more than 200 new tools!,
Ying
- FormMail 1.92 Multiple Vulnerabilities,
ascii
- Sun IDM Arbitrary Commands Execution Vulnerability,
abb@xxxxxxxxx
- CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities [Updated],
Williams, James K
- User options changer (SQLi) EXPLOIT --Bigace CMS -stable release- 2.5-->,
y3nh4ck3r
- Secunia Research: Microsoft PowerPoint Atom Parsing Buffer Overflows,
Secunia Research
- ZDI-09-019: Microsoft Office PowerPoint OutlineTextRefAtom Parsing Memory Corruption Vulnerability,
ZDI Disclosures
- ZDI-09-020: Microsoft Office PowerPoint Notes Container Heap Overflow Vulnerability,
ZDI Disclosures
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Stack Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Heap Corruption Vulnerability,
iDefense Labs
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT 4.0 Importer Multiple Stack Buffer Overflow Vulnerabilities,
iDefense Labs
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint PPT95 Import Multiple Stack Buffer Overflow Vulnerabilities,
iDefense Labs
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint 4.2 Conversion Filter Stack Overflow,
iDefense Labs
- [USN-775-1] Quagga vulnerability,
Kees Cook
- [USN-776-1] KVM vulnerabilities,
Kees Cook
- [ MDVSA-2009:111 ] firefox,
security
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint Integer Overflow Vulnerability,
iDefense Labs
- [ MDVSA-2009:111-1 ] firefox,
security
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint Build List Memory Corruption Vulnerability,
iDefense Labs
- [ MDVSA-2009:110 ] squirrelmail,
security
- [USN-776-2] KVM regression,
Marc Deslauriers
- iDefense Security Advisory 05.12.09: Microsoft PowerPoint Notes Container Heap Corruption Vulnerability,
iDefense Labs
- Re: The security tools list, new version with more than 200 new tools!,
Ying
- maxcms2.0 creat new admin exploit,
info
- Pinnacle Studio 12 "Hollywood FX Compressed Archive" (.hfz) directory traversal vulnerability poc,
ipsdix
- (GET var 'member') BLIND SQL INJECTION EXPLOIT --FAMILY CONNECTIONS <= v1.9 -->,
y3nh4ck3r
- [ MDVSA-2009:112 ] ipsec-tools,
security
- Insufficient Authentication vulnerability in Asus notebook,
MustLive
- Re: MULTIPLE REMOTE SQL INJECTION VULNERABILITIES---MIM:InfiniX v1.2.003--->,
robi
- [security bulletin] HPSBMA02417 SSRT090031 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local Denial of Service (DoS), Execution of Arbitrary Code,
security-alert
- iDefense Security Advisory 05.14.09: Apple Mac OS X xnu Kernel workqueue_additem/workqueue_removeitem Index Validation Vulnerability,
iDefense Labs
- MULTIPLE CODE INJECTION VULNERABILITIES --TUENTI--SPAIN-->,
y3nh4ck3r
- MULTIPLE SQL INJECTION VULNERABILITIES --Shutter v-0.1.1-->,
y3nh4ck3r
- eggdrop/windrop remote crash vulnerability,
Thomas Sader
- [SECURITY] [DSA 1802-1] New squirrelmail packages fix several vulnerabilities,
Thijs Kinkhorst
- (GET var 'id') BLIND SQL INJECTION EXPLOIT --Dog Pedigree Online Database v1.0.1-Beta -->,
y3nh4ck3r
- INSECURE COOKIE HANDLING VULNERABILITIES --Dog Pedigree Online Database v1.0.1-Beta-->,
y3nh4ck3r
- [SECURITY] [DSA 1801-1] New ntp packages fix several vulnerabilities,
Thijs Kinkhorst
- HTTP Parameter Pollution,
Luca.carettoni
- [ MDVSA-2009:117 ] ntp,
security
- Re: POC & exploit for Apache mod_rewrite off-by-one,
arulvadivel1
- Namad Cms Remote File Download,
info
- [security bulletin] HPSBMA02428 SSRT090048 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS),
security-alert
- [TZO-23-2009] Avira antivir generic evasion of heuristics (for PDF),
Thierry Zoller
- [ MDVSA-2009:118 ] kernel,
security
- [TZO-22-2009] Bitdefender generic evasion of heuristics (for PDF),
Thierry Zoller
- [ MDVSA-2009:116 ] gnutls,
security
- rPSA-2009-0086-1 postgresql postgresql-contrib postgresql-server,
rPath Update Announcements
- ZDI-09-023: Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability,
ZDI Disclosures
- [ MDVSA-2009:115 ] phpMyAdmin,
security
- [ MDVSA-2009:114 ] ipsec-tools,
security
- Conference on Cyber Warfare: registration open!,
kgconference
- PAPER: Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case),
Piotr Bania
- ZDI-09-022: Apple Safari Malformed SVGList Parsing Code Execution Vulnerability,
ZDI Disclosures
- [ MDVSA-2009:113 ] cyrus-sasl,
security
- BugCON '09 has swine influenza!!,
Carlos Augusto
- NetDecision TFTP Server 4.2 TFTP Directory Traversal,
vuln_research
- [TKADV2009-006] libsndfile/Winamp VOC Processing Heap Buffer Overflow,
Tobias Klein
- WinAppDbg module v1.1 is out!,
Mario Alejandro Vilas Jerez
- rPSA-2009-0084-1 kernel,
rPath Update Announcements
- Fwd: [Full-disclosure] IIS6 + webdav and unicode rides again in 2009,
Thierry Zoller
- n.runs-SA-2009.001 - OS X CFNetwork advisory,
security
- [security bulletin] HPSBMA02426 SSRT090053 rev.1 - HP System Management Homepage (SMH) for Linux and Windows Running PHP and OpenSSL, Remote Cross Site Scripting (XSS), Unauthorized Access,
security-alert
- [security bulletin] HPSBMA02427 SSRT090069 rev.1 - HP Remote Graphics Software (RGS) Sender Running Easy Login, Remote Unauthorized Access,
security-alert
- MULTIPLE REMOTE VULNERABILITIES --my-colex 1.4.2-->,
y3nh4ck3r
- MULTIPLE REMOTE VULNERABILITIES --my-Gesuad 0.9.14-->,
y3nh4ck3r
- [SECURITY] [DSA 1800-1] New Linux 2.6.26 packages fix several vulnerabilities,
dann frazier
- iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Multiple Integer Overflow Vulnerabilities,
iDefense Labs
- iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Spreadsheet Integer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Spreadsheet Buffer Overflow Vulnerability,
iDefense Labs
- iDefense Security Advisory 05.14.09: Multiple Vendor Outside In Multiple Spreadsheet Buffer Overflow Vulnerabilities,
iDefense Labs
- [ MDVSA-2009:119 ] kernel,
security
- Cisco Security Advisory: CiscoWorks TFTP Directory Traversal Vulnerability,
Cisco Systems Product Security Incident Response Team
- [SECURITY] [DSA 1803-1] New nsd packages fix denial of service,
Thijs Kinkhorst
- [SECURITY] [DSA 1804-1] New ipsec-tools packages fix denial of service,
Nico Golde
- Shakacon Security Conference - Trainers and Speakers Finalized,
Shakacon
- [USN-777-1] Ntp vulnerabilities,
Jamie Strandboge
- DMXReady Registration Manager Arbitrary File Upload Vulnerability,
info
- Armorlogic Profense Web Application Firewall 2.4 multiple vulnerabilities.,
publists
- CORE-2009-0109 - Multiple XSS in Sun Communications Express,
CORE Security Technologies Advisories
- [security bulletin] HPSBPI02398 SSRT080166 rev.3 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files,
security-alert
- (GET vars 'x' & 'y') ADMIN FUNCTION EXECUTION--Jorp v-1.3.05.09-->,
y3nh4ck3r
- iDefense Security Advisory 05.20.09: IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability,
iDefense Labs
- DDIVRT-2009-25 IPsession SQL Injection Vulnerability,
ddvulnalert
- Novell GroupWise Web Access Multiple XSS,
swhite
- MULTIPLE SQL INJECTION VULNERABILITIES --Flash Quiz Beta 2-->,
y3nh4ck3r
- [ MDVSA-2009:120 ] openssl,
security
- [ MDVSA-2009:121 ] lcms,
security
- DotNetNuke ErrorPage.aspx Cross-Site Scripting Vulnerability,
Ben Hawkes
- Novell GroupWise Internet Agent Remote Buffer Overflow Vulnerabilities,
VUPEN Security Research
- [SECURITY] [DSA 1802-2] New squirrelmail packages correct incomplete fix,
Thijs Kinkhorst
- Serena Dimensions CM Desktop Client does not validate the server SSL certificate,
roland . gruber . extern
- LxBlog,
info
- [TZO-24-2009] Panda generic evasion (CAB),
Thierry Zoller
- [TZO-25-2009] Panda generic evasion (TAR),
Thierry Zoller
- [SECURITY] [DSA 1805-1] New pidgin packages fix several vulnerabilities,
Moritz Muehlenhoff
- [oCERT-2009-006] Android improper package verification when using shared uids,
Will Drewry
- Secunia Research: Sun Solaris "sadmind" Integer Overflow Vulnerability,
Secunia Research
- [ GLSA 200905-03 ] IPSec Tools: Denial of Service,
Alex Legler
- [InterN0T] AMember 3.1.7 - Multiple Vulnerabilities,
security
- MULTIPLE REMOTE VULNERABILITIES --MiniTwitter<=v0.3-Beta-->,
y3nh4ck3r
- [ GLSA 200905-06 ] acpid: Denial of Service,
Pierre-Yves Rofes
- [ GLSA 200905-02 ] Cscope: User-assisted execution of arbitrary code,
Pierre-Yves Rofes
- [ GLSA 200905-04 ] GnuTLS: Multiple vulnerabilities,
Alex Legler
- [ MDVSA-2009:122 ] squirrelmail,
security
- [SECURITY] [DSA 1806-1] New cscope packages fix arbitrary code execution,
Moritz Muehlenhoff
- Re: FUD Forum < 2.7.1 PHP code injection vurnelability,
naudefj
- MULTIPLE SQL INJECTION VULNERABILITIES --Joomla Component 'Boy Scout Advancement' <= v-0.3 (com_bsadv)-->,
y3nh4ck3r
- Secunia Research: Sun Solaris "sadmind" Buffer Overflow Vulnerability,
Secunia Research
- [ GLSA 200905-05 ] FreeType: Multiple vulnerabilities,
Alex Legler
- Hardening OSX against CVE-2008-5353,
Marc Schoenefeld
- PAPER: Generic Unpacking of Self-modifying, Aggressive, Packed Binary Programs,
Piotr Bania
- Arcade Trade Script XSS,
SmOk3
- Backdoor in com_rsgallery2 gallery extension for joomla,
Jan van Niekerk
- [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG),
Thierry Zoller
- Multiple vulnerabilities in several ATEN IP KVM Switches,
Jakob Lell
- SEC Consult SA-20090525-0 :: Nortel Contact Center Manager Server Authentication Bypass Vulnerability,
Bernhard Mueller
- SEC Consult SA-20090525-1 :: Nortel Contact Center Manager Server Password Disclosure Vulnerability,
Bernhard Mueller
- [ GLSA 200905-07 ] Pidgin: Multiple vulnerabilities,
Alex Legler
- COWON America jetCast 2.0.4.1109 (.mp3) local heap buffer overlow exploit,
nospam
- SEC Consult SA-20090525-2 :: SonicWALL Global Security Client Local Privilege Escalation Vulnerability,
Bernhard Mueller
- SEC Consult SA-20090525-3 :: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability,
Bernhard Mueller
- SEC Consult SA-20090525-4 :: SonicOS Format String Vulnerability,
Bernhard Mueller
- [ GLSA 200905-08 ] NTP: Remote execution of arbitrary code,
Alex Legler
- Addendum : [TZO-26-2009] Firefox (all?) Denial of Service through unclamped loop (SVG),
Thierry Zoller
- [IMF 2009] 3rd Call - Deadline Extended,
Oliver Goebel
- W3af ninja training class in NYC,
Michelangelo Sidagni
- PHP Nuke v.8.0 (referer) SQL Injection,
darkz . gsa
- Vanilla v.1.1.7 Cross-Site Scripting,
darkz . gsa
- [security bulletin] HPSBUX02429 SSRT090058 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code and Other Vulnerabilities,
security-alert
- [ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code,
Alex Legler
- [ MDVSA-2009:123 ] opensc,
security
- [InterN0T] AdPeeps 8.5d1 - XSS and HTML Injection Vulnerabilities,
security
- New paper: Understanding Microsoft's KB971492 IIS WebDAV Vuln,
Steve Friedl
- MULTIPLE REMOTE VULNERABILITIES --Small Pirates v-2.1-->,
y3nh4ck3r
- rPSA-2009-0092-1 ntp ntp-utils,
rPath Update Announcements
- rPSA-2009-0095-1 tshark wireshark,
rPath Update Announcements
- [Bkis-09-2009] XSS vulnerability in 'Monitor_Bandwidth' - PRTG Traffic Grapher,
Bkis
- rPSA-2009-0091-1 cyrus-sasl cyrus-sasl-server,
rPath Update Announcements
- Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts,
Jacques Copeau
- ecshop 2.6.2,
info
- [TZO-27-2009] Firefox Denial of Service (Keygen),
Thierry Zoller
- ZDI-09-021: Apple QuickTime PICT Unspecified Tag Heap Overflow Vulnerability,
ZDI Disclosures
- Call For Papers – ACM CCS 2009 Workshops,
Christopher Kruegel
- CORE-2009-0401 - StoneTrip S3DPlayers remote command injection,
CORE Security Technologies Advisories
- [InterN0T] Achievo 1.3.4 - XSS Vulnerability,
security
- Novell Groupwise fails to properly sanitize emails.,
c3rb3r
- [TZO-28-2009] - Avira Antivir generic RAR,CAB,ZIP,
Thierry Zoller
- (whitepaper) Microsoft WPAD Technology Weaknesses [PTResearch Team],
srublev
- VMSA-2009-0007 VMware Hosted products and ESX and ESXi patches resolve security issues,
VMware Security team
- SonicWALL SSL-VPN Appliance Format String Vulnerability,
Patrick Webster
- Whitepaper,
Jared DeMott
Mail converted by MHonArc