[Full-disclosure] Context IS Advisory - MS11-066 .NET 4 - Microsoft Chart Control

2011-08-12 Thread Context IS - Disclosure
===ADVISORY=== Systems Affected: .NET 4 - Microsoft Chart Control Severity: High Category: Information Disclosure Author: Context Information Security Ltd Reported to vendor: 3rd October 2010 Advisory

[Full-disclosure] [MOHSEP] Month Of Humorous Stefan Esser Photoshops - 0x0B

2011-08-12 Thread Herr E Balls
Hi guys :) Welcome to day 11 of amazing k-rad-tastic MOHSEP. The only security project with more photoshops than travisto has bugs in Flash. Remember Travis, a single case file does not equal a bug! It does not equal a funny photoshop either which is why we only publish the very best submissions.

Re: [Full-disclosure] Context IS Advisory - MS11-066 .NET 4 - Microsoft Chart Control

2011-08-12 Thread Madhur Ahuja
Is there a POC or an exploit already for this vulnerability? On Thu, Aug 11, 2011 at 9:38 PM, Context IS - Disclosure disclos...@contextis.co.uk wrote: ===ADVISORY=== Systems Affected: .NET 4 - Microsoft Chart Control Severity:

[Full-disclosure] [Announcement] ClubHack Magazine Issue 19-August2011

2011-08-12 Thread Abhijeet Patil
Hello All, here we are with issue19 of ClubHack Mag for the month of August 2011. Unlike other issues, this is not theme based! This issue covers following articles:- 0x00 Tech Gyan - Gonna' Break It On Down Gonna' Kick It Root Down 0x01 Tool Gyan - SniffJoke – Defeating Interception Framework

[Full-disclosure] [SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat)

2011-08-12 Thread Mark Thomas
CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat) Severity: Important Vendor: The Apache Software Foundation Versions Affected: Tomcat 7.0.0 to 7.0.19 Tomcat 6.0.30 to 6.0.32 Tomcat 5.5.32 to 5.5.33 Description: Due to a bug in the capabilities code, jsvc (the service

[Full-disclosure] [SECURITY] CVE-2011-2481: Apache Tomcat information disclosure vulnerability

2011-08-12 Thread Mark Thomas
CVE-2011-2481: Apache Tomcat information disclosure vulnerability Severity: low Vendor: The Apache Software Foundation Versions Affected: Tomcat 7.0.0 to 7.0.16 Previous versions are not affected. Description: The re-factoring of XML validation for Tomcat 7.0.x re-introduced the vulnerability

Re: [Full-disclosure] DEF CON 19 - hackers get hacked!

2011-08-12 Thread chris nelson
wow. this is just fucking crazy. any thought on who was behind it? i can not find anyone taking credit. does anyone else think mayhaps the government might have some thing to do with this? On Thu, Aug 11, 2011 at 8:44 AM, Basan ba...@gmx.us wrote: - Original Message - From: -=

[Full-disclosure] [SECURITY] [DSA 2293-1] libxfont security update

2011-08-12 Thread Thijs Kinkhorst
Debian Security Advisory DSA-2293-1 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst August 12, 2011

[Full-disclosure] INSECT Pro - Exploit EChat Server = v2.5 20110812 - Remote Buffer Overflow Exploit

2011-08-12 Thread Juan Sacco
Information Name : EChat Server = v2.5 Software : E Chat Server Vendor Homepage : http://www.echatserver.com/ Vulnerability Type : Remote Buffer Overflow Exploit Severity : High Researcher : Juan Sacco (Runlvl) jsacco [at] insecurityresearch [dot] com Description

Re: [Full-disclosure] [Security Tool - Video] INSECT Pro 2.6.1 available

2011-08-12 Thread Gage Bystrom
These guys just ought to be really happy it's a fricken pain in the ass to get mod_frontpage 5.2 working these days or some highly annoyed person could start churning up a private exploit for the known associated vulnerability. That or fire up canvas/core impact (I don't remember which one had the

[Full-disclosure] ZDI-11-252: Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability

2011-08-12 Thread ZDI Disclosures
ZDI-11-252: Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-252 August 8, 2011 -- CVE ID: CVE-2011-0257 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Apple -- Affected Products: Apple Quicktime

[Full-disclosure] ZDI-11-253: Adobe Flash Player BitmapData.scroll Integer Overflow Remote Code Execution Vulnerability

2011-08-12 Thread ZDI Disclosures
ZDI-11-253: Adobe Flash Player BitmapData.scroll Integer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-253 August 12, 2011 -- CVE ID: CVE-2011-2138 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: