Mail Thread Index

• Date Index

• [USN-930-1] Firefox and Xulrunner vulnerabilities, Jamie Strandboge
• [USN-930-2] apturl, Epiphany, gecko-sharp, gnome-python-extras, liferea, rhythmbox, totem, ubufox, yelp update, Jamie Strandboge
• [0day] Microsoft mshtml.dll CTimeoutEventList::InsertIntoTimeoutList memory leak, Reversemode
• Secunia Research: Adobe Reader JPEG Uninitialised Memory Vulnerability, Secunia Research
• Secunia Research: Adobe Reader GIF Image Parsing Array-Indexing Vulnerability, Secunia Research
• Secunia Research: Joomla BookLibrary Component Four SQL Injection Vulnerabilities, Secunia Research
• VUPEN Security Research - Adobe Acrobat and Reader #1023 Tag Buffer Overflow Vulnerability (CVE-2010-2212), VUPEN Security Research
• VUPEN Security Research - Adobe Acrobat and Reader "newfunction" Memory Corruption Vulnerability (CVE-2010-2168), VUPEN Security Research
• VUPEN Security Research - Adobe Acrobat and Reader "pushstring" Memory Corruption Vulnerability (CVE-2010-2201), VUPEN Security Research
• VUPEN Security Research - Adobe Acrobat and Reader "newclass" Memory Corruption Vulnerability (CVE-2010-1285), VUPEN Security Research
• ZDI-10-116: Adobe Reader CLOD Progressive Mesh Continuation Resolution Remote Code Execution Vulnerability, ZDI Disclosures
• [USN-930-3] Firefox regression, Jamie Strandboge
• DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass, ddivulnalert
• [USN-956-1] sudo vulnerability, Jamie Strandboge
• [SECURITY] [DSA 2066-1] New wireshark packages fix several vulnerabilities, Moritz Muehlenhoff
• [Bkis-03-2010] Vulnerability in Flash Slideshow Maker Vulnerability, Bkis
• Re: SAP's web module OLK SQL Injection vulnerability, yuval . lerner
• Vulnerabilities in WP-UserOnline for WordPress, MustLive
• Re: [Full-disclosure] Remote Command Execution in dotDefender Site Management, Henri Salo
• REVISION: iScripts EasySnaps 2.0 Multiple SQL Injection Vulnerabilities, Salvatore Fresta aka Drosophila
• iScripts ReserveLogic 1.0 SQL Injection Vulnerability, Salvatore Fresta aka Drosophila
• iScripts CyberMatch 1.0 Blind SQL Injection Vulnerability, Salvatore Fresta aka Drosophila
• Re: Cherokee Web Server 0.5.3 Multiple Vulnerabilities, security curmudgeon
• VSR Advisory: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities, VSR Advisories
• IIS5.1 Directory Authentication Bypass by using “:$I30:$Index_Allocation”, bugreport
• Zoph Multiple Parameter Cross Site Scripting Vulnerabilities, VUPEN Web Security
• [SECURITY] [DSA-2067-1] New mahara packages fix several vulnerabilities, Raphael Geissert
• IrcDelphi DCA-00010 Vulnerability Report, Ewerson Guimarães (Crash) - Dclabs
• iScripts SocialWare 2.2.x Multiple Remote Vulnerability, Salvatore Fresta aka Drosophila
• iScripts MultiCart 2.2 Multiple SQL Injection Vulnerability, Salvatore Fresta aka Drosophila
• [ MDVSA-2010:127 ] imlib2, security
• Canteen Joomla Component 1.0 Multiple Remote Vulnerabilities, Salvatore Fresta aka Drosophila
• Security Advisories from TEHTRI-Security at HITB Europe, Laurent OUDOT at TEHTRI-Security
• TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow, noreply
• [Suspected Spam]File Download and DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera, MustLive
• Hiding Backdoors in plain sight, Mailing lists at Core Security Technologies
• Secunia Research: Joomla BookLibrary From Same Author Module "id" SQL Injection, Secunia Research
• Editran editcp V4.1 R7 - Remote buffer overflow, Pedro Andujar
• [HITB-Announce] HITB Magazine Issue 003 + HITBSecConf2010 - Amsterdam, Hafez Kamal
• Re: SQL injection vulnerability in WebDB, security curmudgeon
• NTSOFT BBS E-Market Professional = XSS / Remote Execution Code, ivan . sanchez
• VLC Player M3U file ftp:// URI Handler Remote Stack Buffer Overflow, praveen_recker
• Re: SQL injection vulnerability in TomatoCMS, security curmudgeon
• Re: XSS vulnerability in PortalApp, security curmudgeon
• Re: Two independent vulnerabilities (client and server side) in Quake3 engine and many derived games, P0ndera
  • <Possible follow-ups>
  • Re: Re: Two independent vulnerabilities (client and server side) in Quake3 engine and many derived games, houkouonchi
• Xlight FTPd Multiple Directory Traversal in SFTP, bill
• [USN-943-1] Thunderbird vulnerabilities, Marc Deslauriers
• pam_captcha username harvest vulnerability, Ian Maguire
  • Re: pam_captcha username harvest vulnerability, Jordan Sissel
  • <Possible follow-ups>
  • Re: pam_captcha username harvest vulnerability, Ian Maguire
• DeepSec 2010 - Call for Papers - REMINDER, DeepSec Conference
• DCP-Portal Multiple XSS Vulnerabilities, Andrei Rimsa
• Cisco Security Advisory: Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability, Cisco Systems Product Security Incident Response Team
• [ MDVSA-2010:130 ] heimdal, security
• MODx Installation File XSS Vulnerability, Andrei Rimsa
  • <Possible follow-ups>
  • Re: MODx Installation File XSS Vulnerability, rimsa
  • Re: MODx Installation File XSS Vulnerability, jason
• ArtForms 2.1b7.2 RC2 Joomla Component Multiple Remote Vulnerabilities, Salvatore Fresta aka Drosophila
• PBS Pro race condition vulnerability, Bartłomiej Balcerek
• RunCMS XSS Vulnerability via User Agent, Andrei Rimsa
  • <Possible follow-ups>
  • Re: RunCMS XSS Vulnerability via User Agent, rimsa
• Sandbox 2.0.3 Multiple Remote Vulnerabilities, Salvatore Fresta aka Drosophila
• [ MDVSA-2010:129 ] heimdal, security
• [ MDVSA-2010:128 ] lftp, security
• Exponent Slideshow XSS Vulnerability, Andrei Rimsa
• Pligg Installation File XSS Vulnerability, Andrei Rimsa
  • <Possible follow-ups>
  • Pligg Installation File XSS Vulnerability, Andrei Rimsa
• [USN-960-1] libpng vulnerabilities, Marc Deslauriers
• XSS vulnerability in CruxPA, advisory
  • <Possible follow-ups>
  • XSS vulnerability in CruxPA, advisory
  • XSS vulnerability in CruxPA, advisory
  • XSS vulnerability in CruxPA, advisory
• [USN-959-1] PAM vulnerability, Kees Cook
• XSS vulnerability in CruxCMS, advisory
  • <Possible follow-ups>
  • XSS vulnerability in CruxCMS, advisory
• [scip_Advisory 4143] Shemes Grabbit Malicious NZB Date Denial of Service, Marc Ruef
• Vulnerabilities in SimpNews, MustLive
• [SECURITY] CVE-2010-2227: Apache Tomcat Remote Denial Of Service and Information Disclosure Vulnerability, Mark Thomas
• [SECURITY] [DSA-2069-1] New znc packages fix denial of service, Raphael Geissert
• XSS holes dotDefender, sh4v
• Re: IIS5.1 Directory Authentication Bypass by using ?:$I30:$Index_Allocation?, Richard . haf
  • <Possible follow-ups>
  • Re: Re: IIS5.1 Directory Authentication Bypass by using ?:$I30:$Index_Allocation?, paul . sec117
• [SECURITY] [DSA-2068-1] New python-cjson packages fix denial of service, Giuseppe Iuculano
• Opera Crash by <canvas> Element, info
• IE6 css set Denial of Service Vulnerability, info
• Metasploit Framework 3.4.1 Released, egypt
• [ MDVSA-2010:131 ] iscsitarget, security
• FreeBSD Security Advisory FreeBSD-SA-10:07.mbuf, FreeBSD Security Advisories
• VMSA-2010-0011 VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0., VMware Security Team
• [security bulletin] HPSBMA02547 SSRT100179 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Execution of Arbitrary Code and Other Vulnerabilities, security-alert
• [security bulletin] HPSBMA02548 SSRT100126 rev.1 - HP Insight Orchestration for Windows, Remote Unauthorized Access, security-alert
• [security bulletin] HPSBMA02549 SSRT090158 rev.1 - HP Insight Control Power Management for Windows, Local Unauthorized Access to Data, Denial of Service (DoS), security-alert
• [security bulletin] HPSBUX02450 SSRT090141 rev1 - HP-UX ttrace(2), Local Denial of Service (DoS), security-alert
• [security bulletin] HPSBUX02451 SSRT090137 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS), security-alert
• [security bulletin] HPSBTU02453 SSRT091037 rev.1 - HP Tru64 UNIX BIND Server, Denial of Service (DoS), security-alert
• [security bulletin] HPSBMA02550 SSRT100170 rev.1 - HP Insight Software Installer for Windows, Local Unauthorized Access to Data, Remote Cross Site Request Forgery (CSRF), security-alert
• [security bulletin] HPSBMA02551 SSRT100165 rev.1 - HP Virtual Connect Enterprise Manager for Windows, Remote Cross Site Scripting (XSS), security-alert
• [security bulletin] HPSBMA02553 SSRT100184 rev.1 - HP Insight Control Server Migration for Windows, Local and Remote Unauthorized Access to Data, Remote Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), security-alert
• VUPEN Security Research - Winamp Player FLV Data Processing Multiple Overflow Vulnerabilities, VUPEN Security Research
• [security bulletin] HPSBMA02555 SSRT100064 rev.1 - HP Client Automation Enterprise Infrastructure (Radia) Remote Disclosure of Information, security-alert
• ZDI-10-117: Microsoft Office Access AccWizObjects ActiveX Control Uninitialized Imports Remote Code Execution Vulnerability, ZDI Disclosures
• [USN-961-1] Ghostscript vulnerabilities, Marc Deslauriers
• Re: hashdays 2010 - Call for Papers (#days CFP), Hashdays CFP
• SQL injection vulnerability in CMSQLite, advisory
  • <Possible follow-ups>
  • SQL injection vulnerability in CMSQLite, advisory
  • SQL injection vulnerability in CMSQLite, advisory
• [security bulletin] HPSBOV02539 SSRT090267 rev.1 - HP OpenVMS Auditing, Local Information Disclosure, Elevation of Privilege, Denial of Service (DoS), security-alert
• XSS vulnerability in Diem, advisory
  • <Possible follow-ups>
  • XSS vulnerability in Diem, advisory
  • XSS vulnerability in Diem, advisory
• XSS vulnerability in CMSQLite, advisory
• TPTI-10-04: Oracle Secure Backup Scheduler Service Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-118: Oracle Secure Backup Administration uname Authentication Bypass Vulnerability, ZDI Disclosures
• Secunia Research: GIGABYTE Dldrv2 ActiveX Control Array Indexing Vulnerability, Secunia Research
• [Suspected Spam]Cross-Site Scripting vulnerabilities in SimpGB, MustLive
• ZDI-10-119: Oracle Secure Backup Administration $other Variable Command Injection Remote Code Execution Vulnerability, ZDI Disclosures
• [security bulletin] HPSBMA02439 SSRT080082 rev.3 - HP OpenView SNMP Emanate Master Agent Running on HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access, security-alert
• Pwnie Awards 2010, Alexander Sotirov
• ZDI-10-120: Oracle Secure Backup Administration objectname Command Injection Remote Code Execution Vulnerability, ZDI Disclosures
• PR09-16: Juniper Secure Access series (Juniper IVE) Cross-Site Scripting Vulnerability, research
• ZDI-10-121: Command Injection Remote Code Execution Vulnerability, ZDI Disclosures
  • <Possible follow-ups>
  • Re: ZDI-10-121: Command Injection Remote Code Execution Vulnerability, Juha-Matti Laurio
• ZDI-10-122: Oracle Secure Backup Administration Command Injection Remote Code Execution Vulnerability, ZDI Disclosures
• SAPGui BI wadmxhtml.dll Tags Property Heap Corruption, Elazar Broad
• ZDI-10-123: Oracle Secure Backup Administration Authentication Bypass Vulnerability, ZDI Disclosures
• ZDI-10-124: Oracle Secure Backup Web Interface Various Post-Auth Command Injection Remote Code Execution Vulnerabilities, ZDI Disclosures
• CVE-2010-2375: WebLogic Plugin HTTP Injection via Encoded URLs, VSR Advisories
• cPanel XSS Vulnerability, thomas
• [ MDVSA-2010:132 ] python, security
• ZDI-10-125: IBM SolidDB solid.exe Handshake Request Username Field Remote Code Execution Vulnerability, ZDI Disclosures
• Opera Browser Address Bar Spoofing Vulnerability, info
• [USN-962-1] VTE vulnerability, Kees Cook
• [security bulletin] HPSBMA02554 SSRT100018 rev.2 - HP Insight Control for Linux, Remote Execution of Arbitrary Code, Remote Denial of Service (DoS), Remote Unauthorized Access, security-alert
• XSS vulnerability in DSite CMS, advisory
• Outlook PR_ATTACH_METHOD file execution vulnerability, Akita Software Security
• XSS vulnerability in Gekko Web Builder, advisory
• XSS vulnerability in Pligg search module, advisory
• [SECURITY] [DSA 2070-1] New freetype packages fix several vulnerabilities, Moritz Muehlenhoff
• XSS vulnerability in Taggon CMS, advisory
• XSS vulnerability in WebPress, advisory
  • <Possible follow-ups>
  • XSS vulnerability in WebPress, advisory
  • XSS vulnerability in WebPress, advisory
  • XSS vulnerability in WebPress, advisory
• Secunia Research: GIGABYTE Dldrv2 ActiveX Control Unsafe Methods, Secunia Research
• [SECURITY] [DSA 2071-1] New libmikmod packages fix several vulnerabilities, Moritz Muehlenhoff
• XSS vulnerability in phpwcms, advisory
• Stored XSS vulnerability in Pixie, advisory
• [security bulletin] HPSBUX02556 SSRT100014 rev.1 - HP-UX Running rpc.ttdbserver, Remote Execution of Arbitrary Code, security-alert
• XSS vulnerability in Pixie, advisory
• [security bulletin] HPSBMA02550 SSRT100170 rev.2 - HP Insight Software Installer for Windows, Local Unauthorized Access to Data, Remote Cross Site Request Forgery (CSRF), security-alert
• XSS vulnerability in FestOS, advisory
  • <Possible follow-ups>
  • XSS vulnerability in FestOS, advisory
• XSRF (CSRF) in Pixie, advisory
  • <Possible follow-ups>
  • XSRF (CSRF) in Pixie, advisory
• {PRL} Novell Groupwise Webaccess Stack Overflow, Francis Provencher
• XSRF (CSRF) in phpwcms, advisory
• ClubHack2010 CFP, ClubHack
• OWASP Appsec Germany Call for Papers, Tobias Glemser
• IS-2010-006 - D-Link DAP-1160 formFilter buffer overflow, Cristofaro Mune
• [ MDVSA-2010:133 ] libpng, security
• Kiwicon IV: Our Worst CFP Yet, Kiwicon
• [ MDVSA-2010:134 ] ghostscript, security
• [ MDVSA-2010:136 ] ghostscript, security
• [ MDVSA-2010:135 ] ghostscript, security
• [MajorSecurity SA-076]Conpresso CMS - Cross site Scripting vulnerabilities, david . kurz
• ZDI-10-126: Ipswitch Imail Server List Mailer Reply-To Address Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-127: Ipswitch Imail Server Mailing List Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-128: Ipswitch Imail Server Queuemgr Format String Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-129: Novell Netware Groupwise Internet Gateway Remote Code Execution Vulnerability, ZDI Disclosures
• A new zombie port scanning attack, ithilgore
• {PRL} Novell Groupwise Internet Agent Stack Overflow, Francis Provencher
• RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability, Salvatore Fresta aka Drosophila
• [ MDVSA-2010:137 ] freetype2, security
• [SECURITY] [DSA 2072-1] New libpng packages fix several vulnerabilities, Giuseppe Iuculano
• YACK CMS 10.5.27 Remote File Inclusion Vulnerability, g1xsystem
• Microsoft ClickOnce MITM Vulnerabilities, Tom Ritter
• SeaMonkey 2.0.5 Address Bar Spoofing Vulnerability, info
• VMSA-2010-0012 VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities, VMware Security Team
• PoC for CVE-2010-1869 (ghostscript) and CVE-2010-1039 (rpc.pcnfsd), Rodrigo Branco
• CVE-2010-2382: Solaris flar unsafe use of temporary files, Frank Stuart
• CVE-2010-2382: Solaris nfslogd unsafe use of temporary files, Frank Stuart
• CVE-2010-2384: Solaris wbem unsafe use of temporary files, Frank Stuart
• [USN-963-1] FreeType vulnerabilities, Marc Deslauriers
• [security bulletin] HPSBMA02425 SSRT080091 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, security-alert
• [security bulletin] HPSBMA02558 SSRT010158 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, security-alert
• [Onapsis Security Advisory 2010-006] SAP J2EE Web Services Navigator Cross-Site Scripting, Onapsis Research Labs
• ZDI-10-130: Mozilla Firefox NodeIterator Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-131: Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-132: Mozilla Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-133: Mozilla Firefox CSS font-face Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-134: Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-135: Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities, ZDI Disclosures
• [SECURITY] [DSA 2074-1] New ncompress packages fix execution of arbitrary code, Giuseppe Iuculano
• [USN-940-2] Kerberos vulnerability, Kees Cook
• ESA-2010-011: RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSAR Federated Identity Manager, Security_Alert
• [oCERT-2010-002] Joomla input sanitization errors (XSS), Andrea Barisani
• [SECURITY] [DSA 2073-1] New mlmmj packages fix directory traversal, Thijs Kinkhorst
• [security bulletin] HPSBMA02557 SSRT100025 rev.1- HP OpenView Network Node Manager (OV NNM) Running on Windows, Remote Execution of Arbitrary Code, security-alert
• Cisco Security Advisory: CDS Internet Streamer: Web Server Directory Traversal Vulnerability, Cisco Systems Product Security Incident Response Team
• Mozilla Firefox 3.5.x Address Bar Spoofing Vulnerability, info
• [Suspected Spam]SQL Injection vulnerability in coWiki, MustLive
• VUPEN Security Research - HP OpenView Network Node Manager "nnmrptconfig.exe" Buffer Overflow (CVE-2010-2703), VUPEN Security Research
• VUPEN Security Research - HP OpenView Network Node Manager "ov.dll" Buffer Overflow Vulnerability (CVE-2010-2704), VUPEN Security Research
• [security bulletin] HPSBMA02558 SSRT100158 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, security-alert
• [security bulletin] HPSBMA02551 SSRT100065 rev.2 - HP Virtual Connect Enterprise Manager for Windows, Remote Cross Site Scripting (XSS), security-alert
• ZDI-10-137: Hewlett-Packard OpenView NNM webappmon.exe execvp_nc Remote Code Execution Vulnerability, ZDI Disclosures
• ZDI-10-136: Novell Teaming ajaxUploadImageFile Remote Code Execution Vulnerability, ZDI Disclosures
• XSS vulnerability in Spitfire search, advisory
• XSS vulnerability in Spitfire, advisory
  • <Possible follow-ups>
  • XSS vulnerability in Spitfire, advisory
  • XSS vulnerability in Spitfire, advisory
  • XSS vulnerability in Spitfire, advisory
• vBulletin - Critical Information Disclosure, advisories
  • RE: vBulletin - Critical Information Disclosure, Jon
• [DSECRG-09-068] SAP NetWaver SLD - multiple XSS, Alexandr Polyakov
• [USN-927-8] Thunderbird update, Jamie Strandboge
• [USN-927-7] nspr update, Jamie Strandboge
• [USN-957-1] Firefox and Xulrunner vulnerabilities, Jamie Strandboge
• [DSECRG-09-040] SAP Netweaver wsnavigator XSS Security Vulnerability, Alexandr Polyakov
• [USN-930-4] Firefox and Xulrunner vulnerabilities, Jamie Strandboge
• [USN-930-5] ant, apturl, Epiphany, gluezilla, gnome-python-extras, liferea, mozvoikko, OpenJDK, packagekit, ubufox, webfav, yelp update, Jamie Strandboge
• [ MDVSA-2010:138 ] iputils, security
• [USN-927-6] NSS vulnerability, Jamie Strandboge
• Foofus.net Security Advisory: Symantec AMS Intel Alert Handler service Design Flaw, spider
• Internet Explorer 8.0 Address Bar Spoofing Vulnerability, info
  • Re: Internet Explorer 8.0 Address Bar Spoofing Vulnerability, Shreyas Zare
• DM Filemanager (fckeditor) Remote Arbitrary File Upload Exploit, g1xsystem
• Call For Papers - Hackers 2 Hackers Conference 7th Edition - Brazil, Rodrigo Rubira Branco (BSDaemon)
• Multiple vulnerabilities in MC Content Manager, MustLive
• WhiteBoard 0.1.30 Multiple Blind SQL Injection Vulnerabilities, Salvatore Fresta aka Drosophila
• QQplayer smi File Processing Buffer Overflow Vulnerability, lilf
• Mac OS X WebDAV kernel extension local denial-of-service, Dan Rosenberg
• [LWSA-2010-001] Likewise Open 5.4 & 6.0, Gerald Carter
• [USN-958-1] Thunderbird vulnerabilities, Marc Deslauriers
• [USN-957-2] Firefox and Xulrunner vulnerability, Jamie Strandboge
• Nessus Vulnerabilities, madhck
• iKAT - Interactive Kiosk Attack Tool v3 : Defcon 18 Edition, Paul Craig
• Paper on the law and Implantable Devices security, Gadi Evron
• [USN-930-6] Firefox and Xulrunner vulnerability, Jamie Strandboge
• Heap Overflow/DoS Vulnerability in Media Player Classic, praveen_recker
• XSS vulnerability in SyndeoCMS, advisory
  • <Possible follow-ups>
  • XSS vulnerability in SyndeoCMS, advisory
  • XSS vulnerability in SyndeoCMS, advisory
• SQL injection vulnerability in Theeta CMS, advisory
• XSS vulnerability in Theeta CMS, advisory
  • <Possible follow-ups>
  • XSS vulnerability in Theeta CMS, advisory
  • XSS vulnerability in Theeta CMS, advisory
• FuzzDiff tool, Dan Rosenberg
• [USN-964-1] Likewise Open vulnerability, Kees Cook
• [MajorSecurity SA-079]PHPKIT WCMS - Multiple stored Cross Site Scripting Issues, david . kurz
• London DEFCON July meet - DC4420 - Wed 28th July 2010, Dominic
• TTVideo 1.0 Joomla Component SQL Injection Vulnerability, Salvatore Fresta aka Drosophila
  • <Possible follow-ups>
  • Re: TTVideo 1.0 Joomla Component SQL Injection Vulnerability, martin
• [ MDVSA-2010:140 ] php, security
• [ MDVSA-2010:141 ] samba, security
• [SECURITY] [DSA 2076-1] New gnupg2 packages fix potential code execution, Florian Weimer
• [SECURITY] [DSA 2075-1] New xulrunner packages fix several vulnerabilities, Moritz Muehlenhoff
• Appointinator 1.0.1 Joomla Component Multiple Remote Vulnerabilities, Salvatore Fresta aka Drosophila
• Secunia Research: Autonomy KeyView Compound File Parsing Buffer Overflow, Secunia Research
• Secunia Research: Autonomy KeyView wkssr.dll Floating Point Conversion Buffer Overflow, Secunia Research
• Secunia Research: Autonomy KeyView rtfsr.dll RTF Parsing Signedness Error, Secunia Research
• Secunia Research: Autonomy KeyView wosr.dll Data Block Parsing Buffer Overflow, Secunia Research
• Secunia Research: Autonomy KeyView wkssr.dll Integer Underflow Vulnerability, Secunia Research
• Secunia Research: Autonomy KeyView wkssr.dll String Indexing Vulnerability, Secunia Research
• Secunia Research: Autonomy KeyView wkssr.dll Record Parsing Buffer Overflows, Secunia Research
• Jira Enterprise 4.0.1 - Multiple Low Risk Vulnerabilities, advisories
• [security bulletin] HPSBMA02549 SSRT090158 rev.2 - HP Insight Control Power Management for Windows, Local Unauthorized Read Access to Data, security-alert
• PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection, Salvatore Fresta aka Drosophila
• Vulnerabilities in Cetera eCommerce, MustLive
• New vulnerabilities in Cetera eCommerce, MustLive
• [security bulletin] HPSBUX02556 SSRT100014 rev.2 - HP-UX Running rpc.ttdbserver, Remote Execution of Arbitrary Code, security-alert
• PBBooking 1.0.4_3 Joomla Component Multiple Blind SQL Injection, Salvatore Fresta aka Drosophila
• CFP NcN 2010, Jose Nicolas Castellano
• [ MDVSA-2010:142 ] openldap, security
• [HITB-Ann] Reminder: HITB2010 Malaysia Call for Papers Closing August 9th, Hafez Kamal
• [SECURITY] [DSA 2077-1] New openldap packages fix potential code execution, Florian Weimer
• Insomnia : ISVA-100730.1 - CMS Multiple SQL injection Vulnerabilities, Insomnia Security
• Akamai Download Manager arbitrary file download & execution, Akita Software Security
• Day of bugs in WordPress 2, MustLive
• ESA-2010-012: EMC Disk Library (EDL) Denial Of Service Vulnerability, Security_Alert
• XSS vulnerability in Campsite, advisory
  • <Possible follow-ups>
  • XSS vulnerability in Campsite, advisory