Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100

2008-07-28 Thread Fabian Fingerle
Cross Site Scripting (XSS) in Owl <=0.95, CVE-2008-3100 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3100 http://owl.sourceforge.net/ http://www.datensalat.eu/~fabian/cve/CVE-2008-3100-Owl.html Description: Owl is a multi user document repository (knowledgebase) system for

ViArt <= 3.5 SQL Injection

2008-07-28 Thread GulfTech Security Research
## # GulfTech Security Research July 28, 2008 ## # Vendor : ViArt, Ltd # URL : http://www.viart.com/ # Version : ViArt Shop <= 3.5 # Risk : SQL Injection #

Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02

2008-07-28 Thread supportrup
-# [Saved] - [27-07-2008/13:10:02] # .: Multiple Cross-Site Scripting Vulnerabilities in Web Wiz Rich Text Editor version 4.02 # .: [Author] CSDT # .: [Affected versions] http:/

Re: how to request a cve id?

2008-07-28 Thread Steven M. Christey
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 CVE requests can be sent to [EMAIL PROTECTED] or to me directly. My PGP key is below, or accessible from the MIT public key server. Alternately, you can request them from Candidate Numbering Authorities (CNAs) which include the security teams at Red

RE: Windows Vista Power Management & Local Security Policy

2008-07-28 Thread Greg
-Original Message- From: Abe Getchell [mailto:[EMAIL PROTECTED] Sent: Friday, 18 July 2008 12:39 PM To: bugtraq@securityfocus.com Subject: Windows Vista Power Management & Local Security Policy > When the security option "Shutdown: Allow system to be shutdown without having to log on" (

JamRoom <= 3.3.8 Authentication Bypass

2008-07-28 Thread GulfTech Security Research
## # GulfTech Security Research July 28, 2008 ## # Vendor : Talldude Networks, LLC # URL : http://www.jamroom.net/ # Version : Jamroom <= 3.3.8 # Risk : Authentication Byp

[security bulletin] HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe Builder, Remote Denial of Service (DoS)

2008-07-28 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01511225 Version: 1 HPSBMA02353 SSRT080066 rev.1 - HP OpenView Internet Services Running Probe Builder, Remote Denial of Service (DoS) NOTICE: The information in this Security Bulletin should

Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations

2008-07-28 Thread [ISR] - Infobyte Security Research
-- ISR - Infobyte Security Research -- | ISR-evilgrade | www.infobyte.com.ar | ISR-evilgrade: is a modular framework that allows us to take advantage of poor upgrade implementations by injecting fake updates. * How does it work? It works with modules, each module implements the structure needed

[DSECRG-08-033] Local File Include Vulnerability in Pixelpost 1.7.1

2008-07-28 Thread Digital Security Research Group [DSecRG]
Digital Security Research Group [DSecRG] Advisory #DSECRG-08-033 Application: Pixelpost photoblog Versions Affected: 1.7.1 Vendor URL: http://www.pixelpost.org/ Bug: Local File Include Exploits:

Security Bypass Vulnerabilities AXESSTEL

2008-07-28 Thread Bboyhacks
Bboyhacks bboyhacks[at]gmail.com AXESS.TEL CDMA 1xEV-DO FIXED WIRELESS MODEN AXW-D800 S/W Version:D2_ETH_109_01_VEBR Jun-14-2006 Default LAN IP: 192.168.0.1 http thttpd 2.25b Security Bypass Vulnerabilities _

[SECURITY] [DSA 1621-1] New icedove packages fix several vulnerabilities

2008-07-28 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1621-1 [EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff July 27, 2008

[ MDVSA-2008:155-1 ] - Updated Thunderbird packages fix multiple vulnerabilities

2008-07-28 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2008:155-1 http://www.mandriva.com/security/ ___

how to request a cve id?

2008-07-28 Thread xpzhang
hi, i'd like to know, how to request a cve id when a vulnerability has been discovered. thanks

[SECURITY] [DSA 1620-1] New python2.5 packages fix several vulnerabilities

2008-07-28 Thread Moritz Muehlenhoff
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1620-1 [EMAIL PROTECTED] http://www.debian.org/security/ Moritz Muehlenhoff July 27, 2008

[SECURITY] [DSA 1619-1] New python-dns packages fix DNS response spoofing

2008-07-28 Thread Devin Carraway
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1619-1 [EMAIL PROTECTED] http://www.debian.org/security/ Devin Carraway July 27, 2008