Re: [Full-disclosure] pidgin OTR information leakage

2012-02-27 Thread Michele Orru
Jann Horn wrote: > 2012/2/25 Dimitris Glynos : >> Pidgin transmits OTR (off-the-record) conversations over DBUS in >> plaintext. This makes it possible for attackers that have gained >> user-level access on a host, to listen in on private conversat

[AntiSnatchOr] OpenCMS <= 7.5.3 multiple vulnerabilities

2011-03-28 Thread Michele Orru
OpenCMS <= 7.5.3 multiple vulnerabilities Name: OpenCMS <= 7.5.3 multiple vulnerabilities Systems Affected: OpenCMS <= 7.5.3 Severity: High Vendor: http://www.opencms.org Advisory: http://antisnatchor.com/opencms_7.5.3_multiple_vulnerabilities Author: Michele "antisnatchor" Orru (michele.orr

[AntiSnatchOr] Pentaho Bi-server multiple vulnerabilities

2009-10-14 Thread Michele Orru
Pentaho 1.7.0.1062 Multiple Vulnerabilities  Name Multiple Vulnerabilities in Pentaho  Systems Affected Pentaho <= 1.7.0.1062  Severity High  Impact (CVSSv2) High 7/10, vector: (AV:N/AC:L/Au:S/C:P/I:C/A:P)  Vendor http://www.pentaho.com  Advisory http://antisnatchor.com/2009/06/20/pentaho-1701062

[AntiSnatchOr] Eclipse BIRT <= 2.2.1 Reflected XSS

2009-10-14 Thread Michele Orru
Eclipse BIRT <= 2.2.1 Reflected XSS Vendor: Eclipse Advisory: http://antisnatchor.com/2008/12/18/eclipse-birt-reflected-xss/ Author: Michele "euronymous" Orrù (euronymous AT antisnatchor DOT com) Quite a common problem in a lot of Java based applications: reflected XSS in Java stack trace. A Re