[security bulletin] HPSBMA02558 SSRT010158 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

2010-07-21 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02290344 Version: 1 HPSBMA02558 SSRT010158 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be

[Onapsis Security Advisory 2010-006] SAP J2EE Web Services Navigator Cross-Site Scripting

2010-07-21 Thread Onapsis Research Labs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Onapsis Security Advisory 2010-006: SAP J2EE Web Services Navigator Cross-Site Scripting This advisory can be downloaded in PDF format from http://www.onapsis.com/. By downloading this advisory from the Onapsis Resource Center, you will gain access

ZDI-10-130: Mozilla Firefox NodeIterator Remote Code Execution Vulnerability

2010-07-21 Thread ZDI Disclosures
ZDI-10-130: Mozilla Firefox NodeIterator Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-130 July 20, 2010 -- CVE ID: CVE-2010-1209 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.6.x

ZDI-10-131: Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution Vulnerability

2010-07-21 Thread ZDI Disclosures
ZDI-10-131: Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-131 July 20, 2010 -- CVE ID: CVE-2010-2753 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Mozilla Firefox -- Affected Products:

ZDI-10-132: Mozilla Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution Vulnerability

2010-07-21 Thread ZDI Disclosures
ZDI-10-132: Mozilla Firefox Plugin Parameter EnsureCachedAttrParamArrays Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-132 July 20, 2010 -- CVE ID: CVE-2010-1214 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Mozilla Firefox -- Affected

ZDI-10-133: Mozilla Firefox CSS font-face Remote Code Execution Vulnerability

2010-07-21 Thread ZDI Disclosures
ZDI-10-133: Mozilla Firefox CSS font-face Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-133 July 20, 2010 -- CVE ID: CVE-2010-2752 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.6.x

ZDI-10-134: Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability

2010-07-21 Thread ZDI Disclosures
ZDI-10-134: Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-134 July 20, 2010 -- CVE ID: CVE-2010-1208 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla

ZDI-10-135: Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities

2010-07-21 Thread ZDI Disclosures
ZDI-10-135: Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-10-135 July 20, 2010 -- CVSS: 4.3, (AV:N/AC:M/Au:N/C:P/I:N/A:N) -- Affected Vendors: Novell -- Affected Products: Novell GroupWise WebAccess -- TippingPoint(TM)

[SECURITY] [DSA 2074-1] New ncompress packages fix execution of arbitrary code

2010-07-21 Thread Giuseppe Iuculano
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-2074-1 secur...@debian.org http://www.debian.org/security/ Giuseppe Iuculano July 21, 2010

[USN-940-2] Kerberos vulnerability

2010-07-21 Thread Kees Cook
=== Ubuntu Security Notice USN-940-2 July 21, 2010 krb5 vulnerability CVE-2010-1321 === A security issue affects the following Ubuntu releases: Ubuntu 10.04 LTS This

ESA-2010-011: RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA(r) Federated Identity Manager

2010-07-21 Thread Security_Alert
ESA-2010-011: RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA(r) Federated Identity Manager Security Advisory Updated July 20, 2010 Summary: RSA(r) Federated Identity Manager may be impacted by potential arbitrary URL redirection vulnerability

[oCERT-2010-002] Joomla input sanitization errors (XSS)

2010-07-21 Thread Andrea Barisani
#2010-002 Joomla input sanitization errors (XSS) Description: Joomla, an open source content management system, suffers from a cross-site scripting (XSS) vulnerability. Insufficient input sanitization on the parameters passed to pages related to administration settings leads to arbitrary

[SECURITY] [DSA 2073-1] New mlmmj packages fix directory traversal

2010-07-21 Thread Thijs Kinkhorst
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-2073-1 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst July 20, 2010

[security bulletin] HPSBMA02557 SSRT100025 rev.1- HP OpenView Network Node Manager (OV NNM) Running on Windows, Remote Execution of Arbitrary Code

2010-07-21 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02286088 Version: 1 HPSBMA02557 SSRT100025 rev.1- HP OpenView Network Node Manager (OV NNM) Running on Windows, Remote Execution of Arbitrary Code NOTICE: The information in this Security

Cisco Security Advisory: CDS Internet Streamer: Web Server Directory Traversal Vulnerability

2010-07-21 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: CDS Internet Streamer: Web Server Directory Traversal Vulnerability Advisory ID: cisco-sa-20100721-spcdn http://www.cisco.com/warp/public/707/cisco-sa-20100721-spcdn.shtml Revision 1.0 For Public Release 2010 July 21 1600

[Suspected Spam]SQL Injection vulnerability in coWiki

2010-07-21 Thread MustLive
Hello Bugtraq! I want to warn you about a security vulnerability in coWiki. Earlier I already wrote about an XSS vulnerability in coWiki - SecurityVulns ID:8005 (http://securityvulns.ru/Rdocument692.html). - Advisory: SQL Injection vulnerability in coWiki

VUPEN Security Research - HP OpenView Network Node Manager nnmrptconfig.exe Buffer Overflow (CVE-2010-2703)

2010-07-21 Thread VUPEN Security Research
VUPEN Security Research - HP OpenView Network Node Manager nnmrptconfig.exe Buffer Overflow (CVE-2010-2703) http://www.vupen.com/english/research.php I. BACKGROUND - HP OpenView Network Node Manager is the market-leading network management solution that enables problem

[security bulletin] HPSBMA02551 SSRT100065 rev.2 - HP Virtual Connect Enterprise Manager for Windows, Remote Cross Site Scripting (XSS)

2010-07-21 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02283465 Version: 2 HPSBMA02551 SSRT100065 rev.2 - HP Virtual Connect Enterprise Manager for Windows, Remote Cross Site Scripting (XSS) NOTICE: The information in this Security Bulletin