Re: [Full-disclosure] [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution

2010-11-08 Thread exploit dev
Hi there, I am trying to start a smart analysis of this bug. If you are interested in more details, check: http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html -- http://extraexploit.blogspot.com

Re: [Full-disclosure] [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution

2010-11-08 Thread exploit dev
Hi to all, I have just published some screenshots for some details of this bug. If you are interested, check: http://extraexploit.blogspot.com/2010/11/full-disclosure-xplpdf-adober-reader-94.html Regards On Wed, Nov 3, 2010 at 2:00 PM, s...@hushmail.com wrote: A mystery inside an enigma.

[Full-disclosure] Spree e-commerce JSON Hijacking Vulnerabilities - CVE-2010-3978

2010-11-08 Thread Rodrigo Branco
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team (VDT) http://www.checkpoint.com/defense/ Spree e-commerce JSON Hijacking Vulnerabilities CVE-2010-3978

[Full-disclosure] Malware Collections and Feed Exchange

2010-11-08 Thread Rodrigo Rubira Branco (BSDaemon)
Dear All, I'm really proud to announce that the first stage of the Dissect.pe project is in beta now! The idea of the project is to provide a free interface for malware analysis, similar to other existing projects, but with advances that will be announced when we start freely dissecting samples.

[Full-disclosure] [ MDVSA-2010:155-1 ] mysql

2010-11-08 Thread security
Mandriva Linux Security Advisory MDVSA-2010:155-1 http://www.mandriva.com/security/

[Full-disclosure] [CORE-2010-0825] Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch

2010-11-08 Thread CORE Security Technologies Advisories
Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch 1. *Advisory Information* Title: Apple OS X ATSServer CFF CharStrings INDEX Sign Mismatch

[Full-disclosure] [USN-1008-4] libvirt regression

2010-11-08 Thread Jamie Strandboge
Ubuntu Security Notice USN-1008-4 November 08, 2010 libvirt regression https://launchpad.net/bugs/665531 A security issue affects the following Ubuntu releases: Ubuntu

[Full-disclosure] ZDI-10-236: SAP NetWeaver Composition Environment sapstartsrv.exe Remote Code Execution Vulnerability

2010-11-08 Thread ZDI Disclosures
ZDI-10-236: SAP NetWeaver Composition Environment sapstartsrv.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-236 November 8, 2010 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: SAP -- Affected Products: SAP NetWeaver --

[Full-disclosure] ZDI-10-237: Novell GroupWise Internet Agent Content-Type Multiple Value Parsing Remote Code Execution Vulnerability

2010-11-08 Thread ZDI Disclosures
ZDI-10-237: Novell GroupWise Internet Agent Content-Type Multiple Value Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-237 November 8, 2010 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected Products: Novell

[Full-disclosure] ZDI-10-238: Novell GroupWise Internet Agent Content-Type String Parsing Remote Code Execution Vulnerability

2010-11-08 Thread ZDI Disclosures
ZDI-10-238: Novell GroupWise Internet Agent Content-Type String Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-238 November 8, 2010 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected Products: Novell Groupwise --

[Full-disclosure] ZDI-10-239: Novell GroupWise Internet Agent RRULE Parsing Remote Code Execution Vulnerability

2010-11-08 Thread ZDI Disclosures
ZDI-10-239: Novell GroupWise Internet Agent RRULE Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-239 November 8, 2010 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected Products: Novell Groupwise --

[Full-disclosure] ZDI-10-240: Novell GroupWise Internet Agent COMMENT Parsing Remote Code Execution Vulnerability

2010-11-08 Thread ZDI Disclosures
ZDI-10-240: Novell GroupWise Internet Agent COMMENT Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-240 November 8, 2010 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected Products: Novell Groupwise --

[Full-disclosure] ZDI-10-241: Novell GroupWise Internet Agent Content-Type Parsing Integer Signedness Remote Code Execution Vulnerability

2010-11-08 Thread ZDI Disclosures
ZDI-10-241: Novell GroupWise Internet Agent Content-Type Parsing Integer Signedness Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-241 November 8, 2010 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected Products: Novell

[Full-disclosure] ZDI-10-242: Novell Groupwise Internet Agent IMAP LIST Command Remote Code Execution Vulnerability

2010-11-08 Thread ZDI Disclosures
ZDI-10-242: Novell Groupwise Internet Agent IMAP LIST Command Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-242 November 8, 2010 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell Groupwise --

[Full-disclosure] ZDI-10-243: Novell GroupWise Internet Agent TZNAME Parsing Remote Code Execution Vulnerability

2010-11-08 Thread ZDI Disclosures
ZDI-10-243: Novell GroupWise Internet Agent TZNAME Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-243 November 8, 2010 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected Products: Novell Groupwise --

Re: [Full-disclosure] [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution

2010-11-08 Thread exploit dev
CVE assigned CVE-2010-4091 On Mon, Nov 8, 2010 at 2:47 PM, exploit dev extraexpl...@gmail.com wrote: Hi to all, I have just published some screenshots for some details of this bug. If you are interested, check:

[Full-disclosure] Hackito Ergo Sum 2011 - Call For Paper - HES2011 CFP

2010-11-08 Thread Philippe Mailinglist
Hackito Ergo Sum 2011 - Call For Paper - HES2011 CFP ** http://hackitoergosum.org ** 7-9 April 2011 / Paris / France 111