Mail Thread Index
- [SECURITY] [DSA 2247-1] rails security update,
Thijs Kinkhorst
- ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability,
ZDI Disclosures
- [SECURITY] [DSA 2248-1] ejabberd security update,
Nico Golde
- IPv6 RA-Guard evasion (and neighbor discovery monitoring) vulnerabilities,
Fernando Gont
- [SECURITY] [DSA 2249-1] jabberd14 security update,
Nico Golde
- [SECURITY] [DSA 2250-1] citadel security update,
Nico Golde
- CodeMeter WebAdmin Cross-site Scripting (XSS) Vulnerability,
robkraus
- Post Revolution 0.8.0c Multiple Remote Vulnerabilities,
Javier Bassi
- Re: Ra-Guard evasion (new Internet-Drafts),
Marc Heuse
- HTB22999: Multiple SQL Injections in A Really Simple Chat (ARSC),
advisory
- HTB22997: XSS in A Really Simple Chat (ARSC),
advisory
- [ MDVSA-2011:104 ] bind,
security
- [ MDVSA-2011:105 ] wireshark,
security
- Cisco Security Advisory: Default Credentials Vulnerability in Cisco Network Registrar,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Default Credentials for root Account on the Cisco Media Experience Engine 5600,
Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client,
Cisco Systems Product Security Incident Response Team
- Cross-Site Scripting vulnerability in Icinga,
sschurtz
- Cross-Site Scripting vulnerability in Nagios,
sschurtz
- International PHP Conference - Call for Papers,
Carsten Eilers
- [SECURITY] [DSA 2251-1] subversion security update,
Thijs Kinkhorst
- COM Server-Based Binary Planting Proof Of Concept,
ACROS Security Lists
- AST-2011-007,
Jonathan Rose
- [CVE-ID REQUEST] vBulletin - Multiple Open Redirects,
Robert Gilbert
- [SECURITY] [DSA 2252-1] dovecot security update,
Moritz Muehlenhoff
- iDefense Security Advisory 06.01.11: Cisco AnyConnect VPN Client Arbitrary Program Execution Vulnerability,
labs-no-reply
- CFP: IEEE SocialCom11 /PASSAT11,
justinzzhan
- WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Commands Injection Vulnerability,
nospam
- [security bulletin] HPSBMA02652 SSRT100432 rev.4 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure,
security-alert
- ZDI-11-171: Sybase OneBridge Mobile Data Suite Format String Remote Code Execution Vulnerability,
ZDI Disclosures
- fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947),
ma+bt
- iDefense Security Advisory 05.03.11: Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability,
labs-no-reply
- VMware Tools Multiple Vulnerabilities,
VSR Advisories
- [SECURITY] [DSA 2253-1] fontforge security update,
Thijs Kinkhorst
- AppSec USA 2011 CFP Reminder, CTF Pre-Conference Challenge #2,
adam . baso
- [ MDVSA-2011:106 ] subversion,
security
- [SECURITY] [DSA 2254-1] oprofile security update,
Luciano Bello
- PopScript Multiple Vulnerabilities,
root
- Squiz Matrix - Cross-Site Scripting Vulnerability,
Patrick Webster
- ESA-2011-009 (revised): RSA, The Security Division of EMC, announces new fix for potential security vulnerability in RSA(r) Access Manager Server.,
Security_Alert
- [SECURITY] [DSA 2255-1] libxml2 security update,
Thijs Kinkhorst
- Java HotSpot Cryptographic Provider signature verification vulnerability,
Zacheusz Siedlecki
- ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability,
ZDI Disclosures
- ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability,
Fly, Kate
- ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability,
ZDI Disclosures
- Multiple Cross-Site Scripting vulnerabilities in BLOG:CMS,
sschurtz
- [ MDVSA-2011:107 ] fetchmail,
security
- OWASP Zed Attack Proxy version 1.3.0,
psiinon
- [HITB-Announce] HITB2011AMS Conference Materials & Photos,
Hafez Kamal
- Multiple vulnerabilities in several IP camera products,
roberto . paleari
- ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-183: Oracle Java ICC Profile MultiLanguage 'mluc' Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-186: Oracle Java ICC Profile Multi-Language 'curv' Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-185: Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-188: Oracle Java ICC Profile ncl2 Count Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-192: Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability,
ZDI Disclosures
- [security bulletin] HPSBMA02674 SSRT100487 rev.1 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Remote Script Inject,
security-alert
- ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-189: Oracle Java ICC Profile ncl2 DevCoords Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-187: Oracle Java ICC Profile clrt Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- [security bulletin] HPSBMA02631 SSRT100324 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code,
security-alert
- [Announcement] ClubHACK Magazine Issue 17-June 2011 released,
abhijeet
- PDFill Insecure Library Loading,
robkraus
- IEEE SocialCom/PASSAT Call For Paper Deadline: June 15, 2011,
justinzzhan
- [SECURITY] [DSA 2256-1] tiff security update,
Thijs Kinkhorst
- VUPEN Security Research - Oracle Java ICC Profile "clrt" Tag Integer Overflow Code Execution Vulnerability,
VUPEN Security Research
- VUPEN Security Research - Oracle Java ICC Profile "bfd" Tag Integer Overflow Code Execution Vulnerability,
VUPEN Security Research
- VUPEN Security Research - Oracle Java ICC Profile "ncl2" Tag Integer Overflow Code Execution Vulnerability,
VUPEN Security Research
- VUPEN Security Research - Oracle Java ICC Profile "pseq" Tag Integer Overflow Code Execution Vulnerability,
VUPEN Security Research
- VUPEN Security Research - Oracle Java ICC Profile "scrn" Tag Integer Overflow Code Execution Vulnerability,
VUPEN Security Research
- VUPEN Security Research - Oracle Java ICC Profile "mluc" Tag Integer Overflow Code Execution Vulnerability,
VUPEN Security Research
- Call for Participation: DIMVA 2011,
Konrad Rieck
- [SECURITY] [DSA 2257-1] vlc security update,
Nico Golde
- Javascript Injection in Microsoft Lync 4.0.7577.0,
bede
- [ MDVSA-2011:109 ] webmin,
security
- phion netfence / Barracuda NG Firewall: Remote Command Execution with root Privileges,
mailinglists
- [SECURITY] [DSA 2258-1] kolab-cyrus-imapd security update,
Nico Golde
- [SECURITY] [DSA 2259-1] fex security update,
Nico Golde
- Re: HTB22943: XSS in Dalbum,
Henri Salo
- [HITB-Announce] HITB eZine Issue #006 Released!,
Hafez Kamal
- [ MDVSA-2011:108 ] xerces-j2,
security
- Last Day for AppSec USA 2011 CFP!,
adam . baso
- DC4420 - London DEFCON - June meet - Tuesday 21st June 2011,
Major Malfunction
- [Announcement] ClubHack Magazine - Call for Articles,
abhijeet
- [security bulletin] HPSBMA02627 SSRT090246 rev.2 - HP OpenView Performance Insight Server, Remote Execution of Arbitrary Code,
security-alert
- HTB23012: Gogago YouTube Video Converter ActiveX Control "Download()" Buffer Overflow Vulnerability,
advisory
- ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-219: Adobe Acrobat Reader 3difr.x3d Multimedia Playing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability,
ZDI Disclosures
- [BGA - SignalSEC Advisory]:Adobe Shockwave Player Remote Code Execution,
signaladvisory
- ZDI-11-222: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk Substructure Count Remote Code Execution Vulnerability,
ZDI Disclosures
- TPTI-11-06: Oracle Java ICC Profile rcs2 Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- TPTI-11-07: Adobe Shockwave iml32.dll CSWV Chunk Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- TPTI-11-08: Adobe Shockwave iml32.dll DEMX Chunk GIF Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- TPTI-11-11: Adobe Shockwave Lnam Chunk Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- [ MDVSA-2011:110 ] gimp,
security
- [security bulletin] HPSBUX02657 SSRT100460 rev.1 - CIFS Server (Samba), Remote Execution of Arbitrary Code, Denial of Service (DoS),
security-alert
- iDefense Security Advisory 06.14.11: Adobe Shockwave Lingo Script Opcodes Integer Signedness Vulnerability,
labs-no-reply
- iDefense Security Advisory 06.14.11: Adobe Shockwave Font Asset Heap Overflow Vulnerability,
labs-no-reply
- Essential PIM 4.22: MANY vulnerabilities in 3rd party libraries,
Stefan Kanthak
- TPTI-11-10: Adobe Shockwave dirapi.dll rcsL Chunk Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- iDefense Security Advisory 06.14.11: Adobe Shockwave 3D Asset DEMX Integer Overflow Vulnerability,
labs-no-reply
- JFreeChart - Path Disclosure vulnerability,
Patrick Webster
- NSFOCUS SA2011-01 : Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability,
NSFOCUS Security Team
- [SECURITY] [DSA 2261-1] redmine security update,
Thijs Kinkhorst
- ZDI-11-216: Adobe Shockwave rcsL Chunk 16-bit Field Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- HTB23008: Multiple XSS & CSRF (Cross-Site Request Forgery) in miniblog,
advisory
- [SECURITY] [DSA 2263-1] movabletype-opensource security update,
Florian Weimer
- iDefense Security Advisory 06.14.11: Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability,
labs-no-reply
- HTB23010: Multiple XSS & Local File Inclusion in Free Simple CMS,
advisory
- HTB23004: Multiple Vulnerabilities in e107,
advisory
- ZDI-11-221: Adobe Shockwave Shockwave 3d Asset.x32 DEMX 0xFFFFFF45 Field Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- EQDKP plus Cross Site Scripting and Bypass file extension,
iPower N/A
- ZDI-11-197: Microsoft Internet Explorer vgx.dll imagedata Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-198: (Pwn2Own) Microsoft Internet Explorer Uninitialized Variable Information Leak Vulnerability,
ZDI Disclosures
- ZDI-11-199: Oracle Java Soundbank Decompression Remote Code Execution Vulnerability,
ZDI Disclosures
- Re: WOOT '11 Call for Papers (reminder),
Michal Zalewski
- ZDI-11-200: Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-205: Adobe Shockwave Missing Lctx Chunk Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-202: Adobe Shockwave rcsL String Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- [SECURITY] [DSA 2259-1] rails security update,
Florian Weimer
- [SECURITY] [DSA 2262-1] moodle security update,
Moritz Muehlenhoff
- CORE-2010-1021: IBM WebSphere Application Server Cross-Site Request Forgery,
CORE Security Technologies Advisories
- ZDI-11-206: Adobe Shockwave GIF Decompression Remote Code Execution Vulnerability,
ZDI Disclosures
- VUPEN Security Research - Microsoft Windows OLE Automation Integer Underflow Vulnerability (MS11-038),
VUPEN Security Research
- ZDI-11-210: Adobe Shockwave rcsL Chunk Parsing Misallocation Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-212: Adobe Shockwave KEY* Chunk Invalid Size Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-211: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk 0xFFFFFF49 Field Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-213: Adobe Shockwave rcsL Trusted Offset Chunk Processing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-193: Microsoft Internet Explorer DOM Modification Race Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-208: Adobe Shockwave rcsL Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-194: Microsoft Internet Explorer layout-grid-char style Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-195: Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-220: Adobe Shockwave Director File rcsL Chunk Multiple Opcode Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-196: Microsoft Internet Explorer HTTP 302 Redirect Remote Code Execution Vulnerability,
ZDI Disclosures
- Re: [Full-disclosure] XSS Vulnerability in Redmine 1.0.1 to 1.1.1,
Henri Salo
- CORE-2011-0203 - MS HyperV Persistent DoS Vulnerability,
CORE Security Technologies Advisories
- myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique,
info
- HTB23005: Multiple XSS in N-13 News,
advisory
- ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-201: Adobe Shockwave Cursor Structure Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-207: Adobe Shockwave tSAC Chunk String Termination Remote Code Execution Vulnerability,
ZDI Disclosures
- [SECURITY] [DSA 2264-1] linux-2.6 security update,
dann frazier
- [SECURITY] [DSA 2265-1] perl security update,
Florian Weimer
- Perfect PDF products distributed with vulnerable MSVC++ libraries,
Stefan Kanthak
- [slackware-security] fetchmail (SSA:2011-171-01),
Slackware Security Team
- ZDI-11-223: Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-224: Mozilla Firefox SVGPointList.appendItem Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-225: Mozilla Firefox nsXULCommandDispatcher Remote Code Execution Vulnerability,
ZDI Disclosures
- HTB23016: Kofax e-Transactions Sender Sendbox ActiveX Control Insecure Method,
advisory
- HTB23015: Easewe FTP ActiveX Control Multiple Insecure Methods,
advisory
- TWSL2011-006: IBM Web Application Firewall Bypass,
Trustwave Advisories
- 2wire password reset module,
techhelperjax
- [PRE-SA-2011-05] Buffer overflow in tftp-hpa daemon,
Timo Warns
- ZDI-11-226: Citrix EdgeSight Launcher Service Remote Code Execution Vulnerability,
ZDI Disclosures
- ZDI-11-227: Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability,
ZDI Disclosures
- [slackware-security] mozilla-firefox (SSA:2011-174-01),
Slackware Security Team
- Off-by-one in Sybase Advantage Server 10.0.0.3,
Luigi Auriemma
- Upload directory traversal in Novell ZenWorks Handheld Management 7.0.2,
Luigi Auriemma
- APPLE-SA-2011-06-28-1 Java for Mac OS X 10.6 Update 5,
Apple Product Security