CORE-2009-0727: Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability

2009-08-19 Thread CORE Security Technologies Advisories
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability 1. *Advisory Information* Title: Libpurple msn_slplink_process_msg() Arbitrary

[SECURITY] [DSA 1868-1] New kde4libs packages fix several vulnerabilities

2009-08-19 Thread Steffen Joeris
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1868-1 secur...@debian.org http://www.debian.org/security/ Steffen Joeris August 19, 2009

rPSA-2009-0118-1 mod_dav_svn subversion

2009-08-19 Thread rPath Update Announcements
rPath Security Advisory: 2009-0118-1 Published: 2009-08-18 Products: rPath Linux 2 Rating: Major Exposure Level Classification: Remote System User Deterministic Denial of Service Updated Versions: mod_dav_svn=conary.rpath@rpl:2/1.4.6-2.2-1

[SECURITY] [DSA 1867-1] New kdelibs packages fix several vulnerabilities

2009-08-19 Thread Steffen Joeris
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-1867-1 secur...@debian.org http://www.debian.org/security/ Steffen Joeris August 19, 2009

rPSA-2009-0119-1 apr apr-util

2009-08-19 Thread rPath Update Announcements
rPath Security Advisory: 2009-0119-1 Published: 2009-08-18 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux Service 2 rPath Linux 1 rPath Linux 2 Rating: Severe Exposure Level Classification: Remote Deterministic Denial of Service Updated

rPSA-2009-0121-1 kernel open-vm-tools

2009-08-19 Thread rPath Update Announcements
rPath Security Advisory: 2009-0121-1 Published: 2009-08-18 Products: rPath Appliance Platform Linux Service 1 rPath Appliance Platform Linux Service 2 rPath Linux 2 Rating: Minor Exposure Level Classification: Local Root Deterministic Unauthorized Access Updated Versions:

ZDI-09-058: Oracle Secure Backup Administration Server Authentication Bypass Vulnerability

2009-08-19 Thread ZDI Disclosures
ZDI-09-058: Oracle Secure Backup Administration Server Authentication Bypass Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-058 -- CVE ID: CVE-2009-1977 -- Affected Vendors: Oracle -- Affected Products: Oracle Secure Backup -- Vulnerability Details: This vulnerability allows

ZDI-09-059: Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities

2009-08-19 Thread ZDI Disclosures
ZDI-09-059: Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-09-059 -- CVE ID: CVE-2009-1978 -- Affected Vendors: Oracle -- Affected Products: Oracle Secure Backup -- Vulnerability Details: This vulnerability

[ MDVSA-2009:206 ] wget

2009-08-19 Thread security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2009:206 http://www.mandriva.com/security/

Re: Elkapax CMS Cross site scripting vulnerability

2009-08-19 Thread security curmudgeon
: Title: Elkapax CMS Multiple Vulnerabilities : : Vendor: www.elkapax.com : Fix: N/A : Elkapax is a CMS producer in Iran. Search page in Elkapax CMS : : product are vulnerable to XSS vulnerability. : : Cross Site Scripting vulnerability in Search page in q parameter. : :

[USN-802-2] Apache regression

2009-08-19 Thread Marc Deslauriers
=== Ubuntu Security Notice USN-802-2 August 19, 2009 apache2 regression https://launchpad.net/bugs/409987 === A security issue affects the following Ubuntu releases: Ubuntu

Cisco Security Advisory: Firewall Services Module Crafted ICMP Message Vulnerability

2009-08-19 Thread Cisco Systems Product Security Incident Response Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Cisco Security Advisory: Firewall Services Module Crafted ICMP Message Vulnerability Advisory ID: cisco-sa-20090819-fwsm http://www.cisco.com/warp/public/707/cisco-sa-20090819-fwsm.shtml Revision 1.0 For Public Release 2009 August 19 1600 UTC (GMT

Adobe Flex 3.3 SDK DOM-Based XSS

2009-08-19 Thread labs
== Adobe Flex 3.3 SDK DOM-Based XSS Public Release Date: 8/19/2009 Adam Bixby - Gotham Digital Science Affected Software: Adobe Flex 3.3 SDK and earlier == 1. Summary

[SECURITY] [DSA 1869-1] New curl packages fix SSL certificate verification weakness

2009-08-19 Thread Nico Golde
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA-1869-1 secur...@debian.org http://www.debian.org/security/ Nico Golde August 19th, 2009

iDefense Security Advisory 08.11.09: Microsoft Office Web Components 2000 Buffer Overflow Vulnerability

2009-08-19 Thread iDefense Labs
iDefense Security Advisory 08.11.09 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 11, 2009 I. BACKGROUND Office Web Components is a group of ActiveX controls that can be used to view and edit Microsoft Office files such as spreadsheets and charts. It is commonly used to allow a user