===
Ubuntu Security Notice USN-1011-3 October 29, 2010
xulrunner-1.9.1, xulrunner-1.9.2 vulnerability
CVE-2010-3765
===
A security issue affects the following Ubuntu releases:
==
Secunia Research 29/10/2010
- Adobe Shockwave Player pamm Chunk Parsing Vulnerability -
==
Table of Contents
Affected
==
Secunia Research 29/10/2010
- Adobe Shockwave Player DEMX Chunk Parsing Vulnerability -
==
Table of Contents
Affected
==
Secunia Research 29/10/2010
- SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX Control -
- Install3rdPartyComponent() Method Buffer Overflow -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02573176
Version: 1
HPSBMA02605 SSRT100238 rev.1 - HP Insight Managed System Setup Wizard for
Windows, Remote Arbitrary File Download
NOTICE: The information in this Security Bulletin should
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02571464
Version: 1
HPSBMA02604 SSRT100320 rev.1 - HP Insight Recovery for Windows, Remote Cross
Site Scripting (XSS), Arbitrary File Download
NOTICE: The information in this Security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02574359
Version: 1
HPSBMA02600 SSRT100239 rev.1 - HP Insight Control Performance Management for
Windows, Remote Arbitrary File Download
NOTICE: The information in this Security Bulletin
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02573285
Version: 1
HPSBMA02606 SSRT100321 rev.1 - HP Insight Orchestration Software for Windows,
Remote Arbitrary File Download, Unauthorized Access
NOTICE: The information in this Security
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:219
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02573692
Version: 1
HPSBMA02607 SSRT100214 rev.1 - HP Insight Control for Linux, Remote Cross Site
Request Forgery (CSRF)
NOTICE: The information in this Security Bulletin should be acted
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02563642
Version: 1
HPSBMA02602 SSRT100317 rev.1 - HP Insight Control Performance Management for
Windows, Remote Cross Site Scripting (XSS), Privilege Escalation, Cross Site
Request Forgery
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02560655
Version: 2
HPSBMA02598 SSRT100314 rev.2 - HP Insight Control Virtual Machine Management
for Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Cross
Site Request
Dear All,
The final list of speakers is available for H2HC 2010:
http://www.h2hc.com.br/en/.
It is my pleasure to announce that the final list of speakers is
available for H2HC in São Paulo. The list for Cancun will be available
soon (http://www.h2hc.com.br/cancun/)! It was a real challenge
Hi, everyone!
As so many highlights have been given on Intrusion Detection System and
Intrusion Prevention System evasions (?) last week, I decided to send this
message just to let you all know that I published a brand-new sample video,
demonstrating two Exploit Next GenerationR example modules,
Audacity = 1.3 DLL Hijacking Vulnerability
Name Audacity
Vendorhttp://audacity.sourceforge.net
Versions Affected = 1.3 Beta
AuthorSalvatore Fresta aka Drosophila
Website http://www.salvatorefresta.net
Contact salvatorefresta [at]
Audacity = 1.3 Beta Multiple Local Vulnerabilities
Name Audacity
Vendorhttp://audacity.sourceforge.net
Versions Affected = 1.3 Beta
AuthorSalvatore Fresta aka Drosophila
Website http://www.salvatorefresta.net
Contact salvatorefresta
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:214
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:215
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:216
http://www.mandriva.com/security/
Dear List,
I'm writing on behalf of the Check Point Vulnerability Discovery Team to
publish the following vulnerability.
Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/
Memory corruption when Adobe Shockwave Player parses .dir media
Dear List,
I'm writing on behalf of the Check Point Vulnerability Discovery Team to
publish the following vulnerability.
Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/
cforms WordPress Plugin Cross Site Scripting Vulnerability
Dear List,
I'm writing on behalf of the Check Point Vulnerability Discovery Team to
publish the following vulnerability.
Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/
Memory corruption when Adobe Shockwave Player parses .dir media
Dear List,
I'm writing on behalf of the Check Point Vulnerability Discovery Team to
publish the following vulnerability.
Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/
Memory corruption when Adobe Shockwave Player parses .dir media
Dear List,
I'm writing on behalf of the Check Point Vulnerability Discovery Team to
publish the following vulnerability.
Check Point Software Technologies - Vulnerability Discovery Team (VDT)
http://www.checkpoint.com/defense/
Memory corruption when Adobe Shockwave Player parses .dir media
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:217
http://www.mandriva.com/security/
Hello Bugtraq!
I want to warn you about Cross-Site Scripting and SQL Injection
vulnerabilities in CMS WebManager-Pro. It's Ukrainian commercial CMS.
-
Affected products:
-
Vulnerable are CMS WebManager-Pro v.7.4.3 (version from FGS_Studio) and
'WSN Links' SQL Injection Vulnerability (CVE-2010-4006)
Mark Stanislav - mark.stanis...@gmail.com
I. DESCRIPTION
---
A vulnerability exists in the search.php code that allows for SQL injection of
various parameters. By assembling portions of SQL code between
1. VULNERABILITY DESCRIPTION
Potential SQL Injection Flaws were detected Joomla! CMS version
1.5.20. These flaws were reported along with our Cross Scripting Flaw
which was fixed in 1.5.21. Developers believed that our reported SQL
Injection flaws are not fully exploitable because of Joomla!
Hello Bugtraq readers, the CFP for YSTS V is now open!
---
YSTS 5th Edition
Sao Paulo, Brazil
May 16th, 2011
Call for Papers Opens: November 1st 2010
Call for Papers Close: February 28th 2011
http://www.ysts.org
@ystscon
INTRODUCTION
Following the success of previous editions, the 5th
Call for Papers!
The International Conference on Cyber Conflict
Cooperative Cyber Defence Centre of Excellence, Tallinn, Estonia
Co-Sponsored by IEEE
http://www.ccdcoe.org/ICCC
In 2011, the conference will focus on a combination of defensive and
offensive aspects of *Cyber Forces*.
The
30 matches
Mail list logo