Mail Index
- [SECURITY] [DSA 2247-1] rails security update
- ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability
- [SECURITY] [DSA 2248-1] ejabberd security update
- IPv6 RA-Guard evasion (and neighbor discovery monitoring) vulnerabilities
- [SECURITY] [DSA 2249-1] jabberd14 security update
- [SECURITY] [DSA 2250-1] citadel security update
- CodeMeter WebAdmin Cross-site Scripting (XSS) Vulnerability
- Post Revolution 0.8.0c Multiple Remote Vulnerabilities
- Re: Ra-Guard evasion (new Internet-Drafts)
- HTB22999: Multiple SQL Injections in A Really Simple Chat (ARSC)
- HTB22997: XSS in A Really Simple Chat (ARSC)
- [ MDVSA-2011:104 ] bind
- [ MDVSA-2011:105 ] wireshark
- Cisco Security Advisory: Default Credentials Vulnerability in Cisco Network Registrar
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Default Credentials for root Account on the Cisco Media Experience Engine 5600
- From: Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
- From: Cisco Systems Product Security Incident Response Team
- Cross-Site Scripting vulnerability in Icinga
- Cross-Site Scripting vulnerability in Nagios
- Re: Ra-Guard evasion (new Internet-Drafts)
- International PHP Conference - Call for Papers
- [SECURITY] [DSA 2251-1] subversion security update
- COM Server-Based Binary Planting Proof Of Concept
- From: ACROS Security Lists
- Re: [Full-disclosure] COM Server-Based Binary Planting Proof Of Concept
- RE: [Full-disclosure] COM Server-Based Binary Planting Proof OfConcept
- From: Thor (Hammer of God)
- RE: [Full-disclosure] COM Server-Based Binary Planting Proof OfConcept
- From: ACROS Security Lists
- RE: [Full-disclosure] COM Server-Based Binary Planting ProofOfConcept
- RE: [Full-disclosure] COM Server-Based Binary Planting ProofOfConcept
- AST-2011-007
- Re: [Full-disclosure] COM Server-Based Binary Planting ProofOfConcept
- [CVE-ID REQUEST] vBulletin - Multiple Open Redirects
- [SECURITY] [DSA 2252-1] dovecot security update
- Re: [Full-disclosure] COM Server-Based Binary Planting ProofOfConcept
- iDefense Security Advisory 06.01.11: Cisco AnyConnect VPN Client Arbitrary Program Execution Vulnerability
- CFP: IEEE SocialCom11 /PASSAT11
- WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Commands Injection Vulnerability
- [security bulletin] HPSBMA02652 SSRT100432 rev.4 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure
- ZDI-11-171: Sybase OneBridge Mobile Data Suite Format String Remore Code Execution Vulnerability
- fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947)
- iDefense Security Advisory 05.03.11: Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability
- VMware Tools Multiple Vulnerabilities
- [SECURITY] [DSA 2253-1] fontforge security update
- AppSec USA 2011 CFP Reminder, CTF Pre-Conference Challenge #2
- [ MDVSA-2011:106 ] subversion
- [SECURITY] [DSA 2254-1] oprofile security update
- PopScript Multiple Vulnerabilities
- Squiz Matrix - Cross-Site Scripting Vulnerability
- ESA-2011-009 (revised): RSA, The Security Division of EMC, announces new fix for potential security vulnerability in RSA(r) Access Manager Server.
- [SECURITY] [DSA 2255-1] libxml2 security update
- Java HotSpot Cryptographic Provider signature verification vulnerability
- ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability
- ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability
- ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability
- ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability
- ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability
- ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability
- ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability
- ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability
- ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability
- ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability
- Multiple Cross-Site Scripting vulnerabilities in BLOG:CMS
- [ MDVSA-2011:107 ] fetchmail
- OWASP Zed Attack Proxy version 1.3.0
- [HITB-Announce] HITB2011AMS Conference Materials & Photos
- Multiple vulnerabilities in several IP camera products
- ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability
- ZDI-11-183: Oracle Java ICC Profile MultiLanguage 'mluc' Tag Parsing Remote Code Execution Vulnerability
- ZDI-11-186: Oracle Java ICC Profile Multi-Language 'curv' Tag Parsing Remote Code Execution Vulnerability
- ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability
- ZDI-11-185: Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability
- ZDI-11-188: Oracle Java ICC Profile ncl2 Count Tag Parsing Remote Code Execution Vulnerability
- ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability
- ZDI-11-192: Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability
- [security bulletin] HPSBMA02674 SSRT100487 rev.1 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Remote Script Inject
- ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability
- ZDI-11-189: Oracle Java ICC Profile ncl2 DevCoords Tag Parsing Remote Code Execution Vulnerability
- ZDI-11-187: Oracle Java ICC Profile clrt Tag Parsing Remote Code Execution Vulnerability
- [security bulletin] HPSBMA02631 SSRT100324 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code
- [Announcement] ClubHACK Magazine Issue 17-June 2011 released
- PDFill Insecure Library Loading
- IEEE SocialCom/PASSAT Call For Paper Deadline: June 15, 2011
- [SECURITY] [DSA 2256-1] tiff security update
- VUPEN Security Research - Oracle Java ICC Profile "clrt" Tag Integer Overflow Code Execution Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Oracle Java ICC Profile "bfd" Tag Integer Overflow Code Execution Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Oracle Java ICC Profile "ncl2" Tag Integer Overflow Code Execution Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Oracle Java ICC Profile "pseq" Tag Integer Overflow Code Execution Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Oracle Java ICC Profile "scrn" Tag Integer Overflow Code Execution Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Oracle Java ICC Profile "mluc" Tag Integer Overflow Code Execution Vulnerability
- From: VUPEN Security Research
- Call for Participation: DIMVA 2011
- [SECURITY] [DSA 2257-1] vlc security update
- Javascript Injection in Microsoft Lync 4.0.7577.0
- [ MDVSA-2011:109 ] webmin
- phion netfence / Barracuda NG Firewall: Remote Command Execution with root Privileges
- [SECURITY] [DSA 2258-1] kolab-cyrus-imapd security update
- [SECURITY] [DSA 2259-1] fex security update
- Re: HTB22943: XSS in Dalbum
- [HITB-Announce] HITB eZine Issue #006 Released!
- [ MDVSA-2011:108 ] xerces-j2
- Last Day for AppSec USA 2011 CFP!
- DC4420 - London DEFCON - June meet - Tuesday 21st June 2011
- [Annoucement] ClubHack Magazine - Call for Articles
- [security bulletin] HPSBMA02627 SSRT090246 rev.2 - HP OpenView Performance Insight Server, Remote Execution of Arbitrary Code
- HTB23012: Gogago YouTube Video Converter ActiveX Control "Download()" Buffer Overflow Vulnerability
- ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability
- ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability
- ZDI-11-219: Adobe Acrobat Reader 3difr.x3d Multimedia Playing Remote Code Execution Vulnerability
- ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability
- [BGA - SignalSEC Advisory]:Adobe Shockwave Player Remote Code Execution
- ZDI-11-222: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk Substructure Count Remote Code Execution Vulnerability
- TPTI-11-06: Oracle Java ICC Profile rcs2 Tag Parsing Remote Code Execution Vulnerability
- TPTI-11-07: Adobe Shockwave iml32.dll CSWV Chunk Parsing Remote Code Execution Vulnerability
- TPTI-11-08: Adobe Shockwave iml32.dll DEMX Chunk GIF Parsing Remote Code Execution Vulnerability
- TPTI-11-11: Adobe Shockwave Lnam Chunk Parsing Remote Code Execution Vulnerability
- ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability
- [ MDVSA-2011:110 ] gimp
- [security bulletin] HPSBUX02657 SSRT100460 rev.1 - CIFS Server (Samba), Remote Execution of Arbitrary Code, Denial of Service (DoS)
- iDefense Security Advisory 06.14.11: Adobe Shockwave Lingo Script Opcodes Integer Signedness Vulnerability
- iDefense Security Advisory 06.14.11: Adobe Shockwave Font Asset Heap Overflow Vulnerability
- Essential PIM 4.22: MANY vulnerabilities in 3rd party libraries
- TPTI-11-10: Adobe Shockwave dirapi.dll rcsL Chunk Parsing Remote Code Execution Vulnerability
- iDefense Security Advisory 06.14.11: Adobe Shockwave 3D Asset DEMX Integer Overflow Vulnerability
- JFreeChart - Path Disclosure vulnerability
- NSFOCUS SA2011-01 : Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability
- From: NSFOCUS Security Team
- [SECURITY] [DSA 2261-1] redmine security update
- ZDI-11-216: Adobe Shockwave rcsL Chunk 16-bit Field Parsing Remote Code Execution Vulnerability
- HTB23008: Multiple XSS & CSRF (Cross-Site Request Forgery) in miniblog
- [SECURITY] [DSA 2263-1] movabletype-opensource security update
- iDefense Security Advisory 06.14.11: Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability
- HTB23010: Multiple XSS & Local File Inclusion in Free Simple CMS
- HTB23004: Multiple Vulnerabilities in e107
- ZDI-11-221: Adobe Shockwave Shockwave 3d Asset.x32 DEMX 0xFFFFFF45 Field Parsing Remote Code Execution Vulnerability
- EQDKP plus Cross Site Scripting and Bypass file extension
- ZDI-11-197: Microsoft Internet Explorer vgx.dll imagedata Remote Code Execution Vulnerability
- ZDI-11-198: (Pwn2Own) Microsoft Internet Explorer Uninitialized Variable Information Leak Vulnerability
- ZDI-11-199: Oracle Java Soundbank Decompression Remote Code Execution Vulnerability
- Re: WOOT '11 Call for Papers (reminder)
- ZDI-11-200: Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability
- ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability
- ZDI-11-205: Adobe Shockwave Missing Lctx Chunk Remote Code Execution Vulnerability
- ZDI-11-202: Adobe Shockwave rcsL String Parsing Remote Code Execution Vulnerability
- [SECURITY] [DSA 2259-1] rails security update
- [SECURITY] [DSA 2262-1] moodle security update
- CORE-2010-1021: IBM WebSphere Application Server Cross-Site Request Forgery
- From: CORE Security Technologies Advisories
- ZDI-11-206: Adobe Shockwave GIF Decompression Remote Code Execution Vulnerability
- VUPEN Security Research - Microsoft Windows OLE Automation Integer Underflow Vulnerability (MS11-038)
- From: VUPEN Security Research
- ZDI-11-210: Adobe Shockwave rcsL Chunk Parsing Misallocation Remote Code Execution Vulnerability
- ZDI-11-212: Adobe Shockwave KEY* Chunk Invalid Size Remote Code Execution Vulnerability
- ZDI-11-211: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk 0xFFFFFF49 Field Remote Code Execution Vulnerability
- ZDI-11-213: Adobe Shockwave rcsL Trusted Offset Chunk Processing Remote Code Execution Vulnerability
- ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability
- ZDI-11-193: Microsoft Internet Explorer DOM Modification Race Remote Code Execution Vulnerability
- ZDI-11-208: Adobe Shockwave rcsL Parsing Remote Code Execution Vulnerability
- ZDI-11-194: Microsoft Internet Explorer layout-grid-char style Remote Code Execution Vulnerability
- ZDI-11-195: Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability
- ZDI-11-220: Adobe Shockwave Director File rcsL Chunk Multiple Opcode Parsing Remote Code Execution Vulnerability
- ZDI-11-196: Microsoft Internet Explorer HTTP 302 Redirect Remote Code Execution Vulnerability
- Re: [Full-disclosure] XSS Vulnerability in Redmine 1.0.1 to 1.1.1
- CORE-2011-0203 - MS HyperV Persistent DoS Vulnerability
- From: CORE Security Technologies Advisories
- myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique
- HTB23005: Multiple XSS in N-13 News
- ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability
- ZDI-11-201: Adobe Shockwave Cursor Structure Parsing Remote Code Execution Vulnerability
- ZDI-11-207: Adobe Shockwave tSAC Chunk String Termination Remote Code Execution Vulnerability
- [SECURITY] [DSA 2264-1] linux-2.6 security update
- [SECURITY] [DSA 2265-1] perl security update
- Perfect PDF products distributed with vulnerable MSVC++ libraries
- [slackware-security] fetchmail (SSA:2011-171-01)
- From: Slackware Security Team
- ZDI-11-223: Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability
- ZDI-11-224: Mozilla Firefox SVGPointList.appendItem Remote Code Execution Vulnerability
- ZDI-11-225: Mozilla Firefox nsXULCommandDispatcher Remote Code Execution Vulnerability
- HTB23016: Kofax e-Transactions Sender Sendbox ActiveX Control Insecure Method
- Re: Perfect PDF products distributed with vulnerable MSVC++ libraries
- Re: Perfect PDF products distributed with vulnerable MSVC++ libraries
- HTB23015: Easewe FTP ActiveX Control Multiple Insecure Methods
- TWSL2011-006: IBM Web Application Firewall Bypass
- From: Trustwave Advisories
- 2wire password reset module
- [PRE-SA-2011-05] Buffer overflow in tftp-hpa daemon
- ZDI-11-226: Citrix EdgeSight Launcher Service Remote Code Execution Vulnerability
- ZDI-11-227: Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability
- [slackware-security] mozilla-firefox (SSA:2011-174-01)
- From: Slackware Security Team
- Off-by-one in Sybase Advantage Server 10.0.0.3
- Upload directory traversal in Novell ZenWorks Handheld Management 7.0.2
- APPLE-SA-2011-06-28-1 Java for Mac OS X 10.6 Update 5
- From: Apple Product Security