Mail Index
- Multiple XSS vulnerabilities in OSSIM 2.2.1
- From: nicolas . grandjean
- Elevation of Privilege Vulnerability in iTunes for Windows
- Trustwave's SpiderLabs Security Advisory TWSL2010-002
- From: Trustwave Advisories
- [SECURITY] [DSA 2025-1] New icedove packages fix several vulnerabilities
- [SECURITY] [DSA 2024-1] New moin packages fix cross-site scripting
- Secunia Research: Sun Java JDK/JRE Soundbank Resource Name Buffer Overflow
- [Suspected Spam]Vulnerabilities in NoCMS
- BitComet <= 1.19 Remote DOS Exploit
- iDefense Security Advisory 03.30.10: Oracle Java Runtime Environment Image FIle Buffer Overflow Vulnerability
- [SECURITY] CVE-2008-2370: Apache CouchDB Timing Attack Vulnerability
- [USN-922-1] libnss-db vulnerability
- VUPEN Security Research - Apple iTunes ColorSync Profile Integer Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Apple Quicktime PICT Processing Integer Overflow Vulnerability
- From: VUPEN Security Research
- CSRF Vulnerability in OSSIM 2.2.1
- From: nicolas . grandjean
- VUPEN Security Research - Sun Java JDK/JRE Unpack200 Buffer Overflow Vulnerability
- From: VUPEN Security Research
- Zabbix <= 1.8.1 SQL Injection
- DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability
- VUPEN Security Research - Apple Quicktime FLC Encoded Movie Heap Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Pointer Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability
- From: VUPEN Security Research
- Juniper SRX Critical Denial of Service Vulnerability
- VUPEN Security Research - Apple Quicktime PICT Handling Heap Overflow Vulnerability
- From: VUPEN Security Research
- VMSA-2010-0006 ESX Service Console updates for samba and acpid
- From: VMware Security Team
- Vulnerability Centreon IT & Network Monitoring v2.1.5
- From: Mehdi Mahdjoub - Sysdream IT Security Services
- [SECURITY] [DSA 2026-1] New netpbm-free packages fix denial of service
- ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability
- ZDI-10-034: Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution Vulnerability
- ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability
- ZDI-10-036: Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability
- ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability
- ZDI-10-038: Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability
- ZDI-10-039: Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability
- ZDI-10-040: Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability
- ZDI-10-041: Apple QuickTime QDM2/QDCA Atom Remote Code Execution Vulnerability
- ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability
- ZDI-10-043: Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability
- ZDI-10-044: Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability
- [security bulletin] HPSBMA02490 SSRT090222 rev.2 - HP SOA Registry Foundation, Remote Unauthorized Access to Data, Cross Site Scripting (XSS), Privilege Escalation
- [SECURITY] [DSA 2027-1] New xulrunner packages fix several vulnerabilities
- ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability
- ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability
- ZDI-10-053: Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability
- ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability
- ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability
- ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability
- ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability
- Vulnerabilities in HoloCMS
- ZDI-10-048: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability
- ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability
- ZDI-10-049: Mozilla Firefox PluginArray nsMimeType Dangling Pointer Remote Code Execution Vulnerability
- ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability
- ZDI-10-050: Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability
- ZDI-10-058: Apple Mac OS X ImageIO Framework JPEG2000 Remote Code Execution Vulnerability
- Re: DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability
- ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability
- ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability
- ZDI-10-055: Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability
- ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability
- [SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities
- ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability
- ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities
- Vulnerabilities in TAK cms
- [SECURITY] [DSA 2029-1] New imlib2 packages fix arbitrary code execution
- Miranda TLS MitM with XMPP/Jabber protocol
- Hack.lu 2010 CfP
- CA20100406-01: Security Notice for CA XOsoft
- ZDI-10-065: CA XOsoft xosoapapi.asmx Multiple Remote Code Execution Vulnerabilities
- MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases
- ZDI-10-066: CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability
- [SECURITY] [DSA 2030-1] New mahara packages fix sql injection
- ZDI-10-067: Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability
- CORE-2010-0323: XSS Vulnerability in NextGEN Gallery Wordpress Plugin
- From: CORE Security Technologies Advisories
- [ MDVSA-2010:069 ] nss
- [USN-923-1] OpenJDK vulnerabilities
- [USN-924-1] Kerberos vulnerabilities
- Vulnerabilities in Dunia Soccer
- [HITB-Announce] FINAL CALL - CFP for HITBSecConf2010 Amsterdam
- DeepSec 2010 - Call for Papers and Experts
- TCPDF Library Remote Code Execution Vulnerability
- From: Matthias -apoc- Hecker
- Vulnerabilities in CMS SiteLogic
- [USN-925-1] MoinMoin vulnerabilities
- Re: Vulnerabilities in Dunia Soccer
- Secunia Research: Pulse CMS Arbitrary File Upload Vulnerability
- [USN-926-1] ClamAV vulnerabilities
- Secunia Research: Pulse CMS Cross-Site Request Forgery
- VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
- From: VMware Security team
- [USN-624-2] Erlang vulnerability
- ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability
- WinSoftMagic Photo Editor .PNG File Buffer Overflow
- JAVA web start arbitrary command-line injection - "-XXaltjvm" arbitrary dll loading (0day)
- Vulnerabilities in phpCOIN
- Re: Vulnerabilities in Dunia Soccer
- Secunia Research: VMWare VMnc Codec HexTile Encoding Two Integer Truncation Vulnerabilities
- Secunia Research: VMWare VMnc Codec HexTile Encoding Buffer Overflow
- Re: Vulnerabilities in Dunia Soccer
- VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability
- From: VUPEN Security Research
- AneCMS Multiple Vulnerabilities
- [USN-927-3] Thunderbird regression
- Re: Vulnerabilities in phpCOIN
- [USN-921-1] Firefox 3.5 and Xulrunner vulnerabilities
- [USN-927-1] NSS vulnerability
- HITBSecConf DUBAI 2010: Learn more about web attacks and stealth hacking
- From: Laurent OUDOT at TEHTRI-Security
- [SECURITY] [DSA 2032-1] New libpng packages fix several vulnerabilities
- [USN-927-2] NSS regression
- [SECURITY] [DSA 2031-1] New krb5 packages fix denial of service
- Vulnerabilities in CMS SiteLogic
- CVE-2009-4511: TANDBERG VCS Arbitrary File Retrieval
- CVE-2009-4510: TANDBERG VCS Static SSH Host Keys
- CVE-2009-4509: TANDBERG VCS Authentication Bypass
- [USN-920-1] Firefox 3.0 and Xulrunner vulnerabilities
- iDefense Security Advisory 04.09.10: VMware VMnc Codec Heap Overflow Vulnerability
- [security bulletin] HPSBPI02398 SSRT080166 rev.5 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files
- ACROS Security: Local Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-2)
- ACROS Security: Remote Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-1)
- Insufficient Anti-automation and Denial of Service vulnerabilities in multiple systems
- Vana CMS Remote File Download
- Advisory 01/2010: MyBB Password Reset Email BCC: Injection Vulnerability
- Advisory 02/2010: MyBB Password Reset Weak Random Numbers Vulnerability
- Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability
- From: Clear Skies Security
- Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 Local Privilege Escalation Exploit
- ZDI-10-071: Adobe Reader TrueType Font Handling Remote Code Execution Vulnerability
- Unauthenticated Filesystem Access in iomega Home Media Network Hard Drive
- ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability
- ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability
- ZDI-10-069: Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability
- Secunia Research: Visualization Library DAT File Parsing Vulnerabilities
- RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities
- [ MDVSA-2010:070 ] firefox
- ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability
- [ MDVSA-2010:072 ] cups
- 60cycleCMS (DOCUMENT_ROOT) Multiple Local File Inclusion Vulnerability
- [ MDVSA-2010:071 ] krb5
- Cert-Lexsi - Microsoft Windows Media Services MMS Buffer Overflow Vulnerability
- ZDI-10-070: Microsoft Windows Media Player Codec Retrieval Dangling Pointer Remote Code Execution Vulnerability
- [security bulletin] HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)
- [ MDVSA-2010:073-1 ] cups
- Ziggurat CMS Multiple Vulnerabilities
- [ MDVSA-2010:073 ] cups
- VUPEN Security Research - Adobe Acrobat and Reader PNG Data Buffer Overflow Vulnerability
- VUPEN Security Research - Adobe Acrobat and Reader BMP Data Buffer Overflow Vulnerability
- [DSecRG-09-053] VMware Remoute Console - format string
- [DSECRG-09-049] IBM BladeCenter Management Module - DoS vulnerability
- Cisco Security Advisory: Cisco Secure Desktop ActiveX Control Code Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Vulnerability in CB Captcha for Joomla and Mambo
- [CVE-2010-0432] Apache OFBiz Multiple XSS Vulnerabilities
- VUPEN Security Research - Adobe Acrobat and Reader JPEG Data Buffer Overflow Vulnerability
- VUPEN Security Research - Adobe Acrobat and Reader GIF Data Buffer Overflow Vulnerability
- VUPEN Web Security Research - WebAsyst Shop-Script Multiple Input Validation Vulnerabilities
- ZDI-10-072: Cisco Secure Desktop CSDWebInstaller ActiveX Control Remote Code Execution Vulnerability
- Nucleus CMS v.3.51 (DIR_LIBS) Multiple Vulnerability
- ZDI-10-076: Apple Preview libFontParser SpecialEncoding Remote Code Execution Vulnerability
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [USN-928-1] Sudo vulnerability
- [SECURITY] [DSA 2033-1] New ejabberd packages fix denial of service
- [USN-929-1] irssi vulnerabilities
- [ MDVSA-2010:074 ] kdebase
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- Hackproofing Oracle Financials 11i & R12
- [USN-890-6] CMake vulnerabilities
- [ MDVSA-2010:075 ] openoffice.org
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [ MDVSA-2010:080 ] brltty
- [SECURITY] [DSA 2036-1] New jasper packages fix denial of service
- [ MDVSA-2010:076 ] openssl
- WinMount MOU File Handling Overflow Vulnerability
- Secunia Research: e107 Avatar/Photograph Image File Upload Vulnerability
- [ MDVSA-2010:081 ] apache-mod_auth_shadow
- [SECURITY] [DSA 2037-1] New kdm packages fix privilege escalation
- Secunia Research: e107 Content Management Plugin Script Insertion Vulnerability
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [Suspected Spam]New vulnerabilities in CMS SiteLogic
- [SECURITY] [DSA 2034-1] New phpmyadmin packages fix several vulnerabilities
- [SECURITY] [DSA-2035-1] New apache2 packages fix several issues
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [ MDVSA-2010:078 ] sudo
- CompleteFTP v3.3.0 - Remote Memory Consumption DoS
- From: Mehdi Mahdjoub [SYSDREAM]
- iDefense Security Advisory 04.15.10: Multiple Vendor AgentX++ Stack Buffer Overflow Vulnerability
- [ MDVSA-2010:077 ] nss_db
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- iDefense Security Advisory 04.15.10: Multiple Vendor AgentX++ Integer Overflow Vulnerability
- [ MDVSA-2010:079 ] irssi
- [SECURITY] [DSA 2038-1] New pidgin packages fix denial of service
- [ MDVSA-2010:082 ] clamav
- sudoedit local privilege escalation through PATH manipulation
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [ MDVSA-2010:076-1 ] openssl
- CSRF in e107
- MITKRB5-SA-2010-004 [CVE-2010-1320] double free in KDC
- Vbulletin - Two-Step External Link XSS
- Re: sudoedit local privilege escalation through PATH manipulation
- [USN-931-1] FFmpeg vulnerabilities
- [ MDVSA-2010:083 ] emacs
- IP address spoofing in e107
- [USN-932-1] KDM vulnerability
- [ MDVSA-2010:070-1 ] firefox
- [USN-929-2] irssi regression
- Re: [Suspected Spam]New vulnerabilities in CMS SiteLogic
- From: Salvatore Fresta aka Drosophila
- [security bulletin] HPSBUX02517 SSRT100058 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)
- Re: Re: Vulnerability in CB Captcha for Joomla and Mambo
- [security bulletin] HPSBUX02518 SSRT100051 rev.1 - HP-UX, Local Denial of Service (DoS)
- [#OUF-273299]: AVTECH Software (AVC781Viewer.dll) ActiveX Multiple Remote Vulnerabilities
- [security bulletin] HPSBMA02491 SSRT100060 rev.1 - HP Operations Manager for Windows, Remote Execution of Arbitrary Code
- [security bulletin] HPSBUX02508 SSRT100007 rev.2 - HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access
- CORE-2010-0406 - User Invoices Persistent XSS Vulnerability in CactuShop
- From: CORE Security Technologies Advisories
- Call for participation -- Eth0:2010 Summer
- Secunia Research: imlib2 "IMAGE_DIMENSIONS_OK()" Logic Error
- Cisco Security Advisory: Cisco Small Business Video Surveillance Cameras and Cisco 4-Port Gigabit Security Routers Authentication Bypass Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution Vulnerability
- London DEFCON April meet - DC4420 - Wed 28th April 2010
- [SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability
- [security bulletin] HPSBMA02494 SSRT090168 rev.1 - HP Virtual Machine Manager (VMM) for Windows, Remote Unauthorized Access, Privilege Elevation
- Security-Assessment.com WhitePaper/Addendum: Cross Context Scripting with Firefox & Exploiting Cross Context Scripting vulnerabilities in Firefox
- From: Roberto Suggi Liverani
- CfP: GameSec 2010 - Deadline is 3 weeks away!
- Re: sudoedit local privilege escalation through PATH manipulation
- [security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access
- Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability
- Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel Denial of Service Vulnerability
- [security bulletin] HPSBUX02519 SSRT100004 rev.1 - HP-UX Running BIND, Remote Compromise of NXDOMAIN Responses
- Apache ActiveMQ is prone to source code disclosure vulnerability.
- Vulnerabilities in NovaBoard
- XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp
- [HITB-Announce] HITBSecConf2010 - Dubai - Presentation Materials
- Re: Vulnerabilities in NovaBoard
- IWD Group SQL Injection Vulnerabilities
- From: md . r00t . defacer
- [HITB-Announce] HITBSecConf2009 - Malaysia Videos Released!
- In-portal 5.0.3 Remote Arbitrary File Upload Exploit
- Vulnerability in Referer for DataLife Engine
- ZDI-10-078: Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerability
- [ MDVSA-2010:071 ] mozilla-thunderbird
- [SECURITY] [DSA 2039-1] New cacti packages fix missing input sanitising
- hashdays 2010 - Call for Papers (#days CFP)
- t2'10: Call for Papers 2010 (Helsinki / Finland)
- A XSS in User_ChkLogin.asp of PowerEasy 2006
- [USN-931-2] FFmpeg regression
- SmodCMS 'config.php' Arbitrary File Upload Vulnerability
- phpegasus 'config.php' Arbitrary File Upload Vulnerability
- [security bulletin] HPSBUX02508 SSRT100007 rev.2 - HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access
- From: Morris, John R. (SSRT)
- NovaStor NovaNet <= 13.0 issues
- Madirish Webmail 2.01 (basedir) RFI/LFI Vulnerability
- Re: New vulnerabilities in CMS SiteLogic
- Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918 addresses)
- New vulnerabilities in CMS SiteLogic
- From: Salvatore Fresta aka Drosophila
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918addresses)
- Conference on Cyber Conflict: speakers selected!
- XSS vulnerability in Zikula Application Framework
- [SECURITY] [DSA 2021-2] New spamass-milter packages fix regression
- XSS vulnerability in Zikula Application Framework
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918addresses)
- [security bulletin] HPSBMA02488 SSRT100013 rev.2 - HP ProLiant Support Pack 8.30 for Windows, Remote Code Execution, Information Disclosure
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918 addresses)
- [security bulletin] HPSBMA02525 SSRT100083 rev.1 - HP System Insight Manager Running on HP-UX, Linux, and Windows , Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Privilege Elevation
- [ MDVSA-2010:084 ] java-1.6.0-openjdk
- Fun with FORTIFY_SOURCE
- STP mitm attack idea
- From: Przemyslaw Borkowski
- Adobe viewer plugin can be made to crash IE or FF
- XSS in Microsoft SharePoint Server 2007
- Re: STP mitm attack idea
- ZDI-10-079: Realnetworks Helix Server NTLM Authentication Invalid Base64 Remote Code Execution Vulnerability
- [ MDVSA-2010:078-1 ] sudo
- [ MDVSA-2010:085 ] pidgin
- [ MDVSA-2009:332-1 ] gimp
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [USN-933-1] PostgreSQL vulnerability
- Re: STP mitm attack idea
- Re: STP mitm attack idea
- RE: STP mitm attack idea
- Re: STP mitm attack idea
- CONFidence 2010, 25-26th May - Call For Participation
- Re: STP mitm attack idea
- From: Jean-Christophe Baptiste
- [ MDVSA-2010:087 ] poppler
- Re: STP mitm attack idea
- Apache ActiveMQ XSS Vulnerability
- Vulnerabilities in CCMS
- Re: STP mitm attack idea
- vBulletin - Insecure Custom BBCode Tags
- [ MDVSA-2010:086 ] kdegraphics
Mail converted by MHonArc