[Full-disclosure] VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates

2012-10-04 Thread VMware Security Team
VMware Security Advisory Advisory ID: VMSA-2012-0014 Synopsis: VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates Issue d

[Full-disclosure] Team SHATTER Security Advisory: Java Operating System command execution

2012-10-04 Thread Shatter
AppSecInc Team SHATTER Security Advisory Java Operating System command execution. Risk Level: High Affected versions: Sybase ASE 15.0, 15.5 and 15.7 Remote exploitable: Yes Credits: This vulnerability was discovered and researched by Esteban Marti

[Full-disclosure] Team SHATTER Security Advisory: Elevated roles through DBCC

2012-10-04 Thread Shatter
AppSecInc Team SHATTER Security Advisory Elevated roles through DBCC Risk Level: High Affected versions: Sybase ASE 15.0, 15.5, 15.7 Remote exploitable: No Credits: This vulnerability was discovered and researched by Martin Rakhmanov of Applicatio

[Full-disclosure] Team SHATTER Security Advisory: Multiple SQL Injection in Oracle Enterprise Manager (SQL Tunning Sets components)

2012-10-04 Thread Shatter
AppSecInc Team SHATTER Security Advisory Multiple SQL Injection in Oracle Enterprise Manager (SQL Tunning Sets components). Risk Level: High Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.3 (and previous patchsets) R

[Full-disclosure] Team SHATTER Security Advisory: XML file disclosure vulnerability via GET_WRAP_CFG_C and GET_WRAP_CFG_C2

2012-10-04 Thread Shatter
AppSecInc Team SHATTER Security Advisory XML file disclosure vulnerability via GET_WRAP_CFG_C and GET_WRAP_CFG_C2 system stored procedures. Risk Level: Medium Affected versions: IBM DB2 LUW 9.1, 9.5, 9.7, 10.1 Remote exploitable: No Credits: This

[Full-disclosure] Team SHATTER Security Advisory: JAR file overwrite vulnerability via SQLJ.DB2_INSTALL_JAR system stored

2012-10-04 Thread Shatter
AppSecInc Team SHATTER Security Advisory JAR file overwrite vulnerability via SQLJ.DB2_INSTALL_JAR system stored procedure. Risk Level: High Affected versions: IBM DB2 LUW 9.1, 9.5, 9.7, 10.1 Remote exploitable: No Credits: This vulnerability was

[Full-disclosure] Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by Ogg DirectShow filters

2012-10-04 Thread Stefan Kanthak
Hi @ll, the Ogg DirectShow filters available from are distributed with and install vulnerable MSVC++ 2008 runtime libraries MSVC?90.DLL. See and resp.

[Full-disclosure] XnView JLS File Decompression Heap Overflow

2012-10-04 Thread Joseph Sheridan
XnView JLS File Decompression Heap Overflow Summary XnView Formats PlugIn is prone to an overflow condition. The JLS Plugin (xjpegls.dll) library fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted JLS compressed image file, a con