[Full-disclosure] [ MDVSA-2010:225-1 ] libmbfl

2010-11-10 Thread security
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:225-1 http://www.mandriva.com/security/

[Full-disclosure] ASPR #2010-11-10-3: Remote Binary Planting in Microsoft Excel 2010

2010-11-10 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-11-10-3 - ASPR #2010-11-10-3: Remote Binary Planting in Microsoft Excel 2010

[Full-disclosure] ASPR #2010-11-10-2: Remote Binary Planting in Microsoft Word 2010

2010-11-10 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-11-10-2 - ASPR #2010-11-10-2: Remote Binary Planting in Microsoft Word 2010

[Full-disclosure] ASPR #2010-11-10-1: Remote Binary Planting in Microsoft PowerPoint 2010

2010-11-10 Thread ACROS Security Lists
=[BEGIN-ACROS-REPORT]= PUBLIC = ACROS Security Problem Report #2010-11-10-1 - ASPR #2010-11-10-1: Remote Binary Planting in Microsoft PowerPoint

[Full-disclosure] Secunia Research: Microsoft PowerPoint PP7X32.DLL Record Parsing Vulnerability

2010-11-10 Thread Secunia Research
== Secunia Research 09/11/2010 - Microsoft PowerPoint PP7X32.DLL Record Parsing Vulnerability - == Table of Contents Affected

[Full-disclosure] Secunia Research: Microsoft Office Drawing Shape Container Parsing Vulnerability

2010-11-10 Thread Secunia Research
== Secunia Research 09/11/2010 - Microsoft Office Drawing Shape Container Parsing Vulnerability - == Table of Contents Affected

[Full-disclosure] Reflected XSS in Ricoh Aficio Web Image Monitor v2.03

2010-11-10 Thread The Light Cosine
I was poking at some Ricoh MFPs several days ago, when I found this. It is nothing to get too terribly excited about as it's just a reflected XSS. However, the ability to abuse any trusted internal IP should be considered a threat. Companies have taken big hits from less. So without further ado,

[Full-disclosure] [USN-1015-1] libvpx vulnerability

2010-11-10 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-1015-1 November 10, 2010 libvpx vulnerability CVE-2010-4203 === A security issue affects the following Ubuntu releases: Ubuntu 10.10 This

[Full-disclosure] [ MDVSA-2010:226 ] dhcp

2010-11-10 Thread security
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:226 http://www.mandriva.com/security/

[Full-disclosure] Vulnerability in Google AJAX Search

2010-11-10 Thread MustLive
Hello Full-Disclosure! I want to warn you about a Cross-Site Scripting vulnerability in Google AJAX Search. In 2007 I already wrote about a vulnerability in Google Custom Search Engine (http://websecurity.com.ua/1050/) - CVE-2007-3484 (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3484),

Re: [Full-disclosure] Vulnerability in Google AJAX Search

2010-11-10 Thread Christian Sciberras
Let me get this straight... the vulnerability was in some sample code (if so, you ought to check out the PHP manual)? Just asking... Chris. 2010/11/10 MustLive mustl...@websecurity.com.ua Hello Full-Disclosure! I want to warn you about Cross-Site Scripting vulnerability in Google AJAX

[Full-disclosure] [USN-1016-1] libxml2 vulnerability

2010-11-10 Thread Jamie Strandboge
=== Ubuntu Security Notice USN-1016-1 November 10, 2010 libxml2 vulnerability CVE-2010-4008 === A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu

[Full-disclosure] CORE-2010-1018 - Landesk OS command injection

2010-11-10 Thread CORE Security Technologies Advisories
Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Landesk OS command injection 1. *Advisory Information* Title: Landesk OS command injection Advisory Id: CORE-2010-1018 Advisory URL:

[Full-disclosure] Additional information on the Microsoft Office 2010 binary planting bugs

2010-11-10 Thread ACROS Security Lists
Microsoft patched three binary planting bugs in Office 2010 yesterday: PowerPoint: http://www.acrossecurity.com/aspr/ASPR-2010-11-10-1-PUB.txt Word: http://www.acrossecurity.com/aspr/ASPR-2010-11-10-2-PUB.txt Excel: http://www.acrossecurity.com/aspr/ASPR-2010-11-10-3-PUB.txt We're making some