[Full-disclosure] [Bkis] sNews 1.7.1 XSS vulnerability

2011-05-11 Thread Bkis
1. General Information sNews is a free content management system (CMS) written in PHP and MySQL. It is available at http://snewscms.com/. In April 2011, Bkis Security discovered an XSS (Cross-site Scripting) vulnerability in sNews CMS version 1.7.1. Taking advantage of this vulnerability

[Full-disclosure] [Bkis-04-2010] Multiple Vulnerabilities in OpenBlog

2010-08-22 Thread Bkis
[Bkis-04-2010] Multiple Vulnerabilities in OpenBlog 1. General Information OpenBlog is free software for developing blogging platforms. OpenBlog is written in the PHP language and is available at http://www.open-blog.info. In August 2010, Bkis Security discovered some XSS, CSRF vulnerabilities

[Full-disclosure] [Bkis-03-2010] Vulnerability in Flash Slideshow Maker

2010-07-01 Thread Bkis
[Bkis-03-2010] Vulnerability in Flash Slideshow Maker 1. General Information Flash Slideshow Maker is a Flash album creator to make animated photo slide shows with an SWF file as the output format. Bkis has just detected a vulnerability in the software related to the processing of Flash Slideshow

[Full-disclosure] [Bkis-13-2009] e107 Multiple Vulnerabilities

2009-11-22 Thread Bkis
[Bkis-13-2009] e107 Multiple Vulnerabilities 1. General Information e107 is a free content management system (CMS) written in the PHP language and is available at http://e107.org/news.php. In October 2009, Bkis Security discovered a number of XSS and Blind SQL Injection vulnerabilities

[Full-disclosure] [Bkis-11-2009] ProShow Gold Buffer Overflow Vulnerabilities

2009-08-19 Thread Bkis
[Bkis-11-2009] ProShow Gold Buffer Overflow Vulnerabilities 1. General Information ProShow Gold is software that allows you to easily create photo and video slide shows on DVD, PC and Web. Recently, Bkis has just detected vulnerabilities in the software related to the processing of ProShow

[Full-disclosure] [Bkis-08-2009] Microchip MPLAB IDE Buffer Overflow Vulnerability

2009-05-10 Thread Bkis
controllers. In March 2009, Bkis has just detected a vulnerability in this software. This vulnerability arises from the way MPLAB IDE processes IDE Project files with extension of .mcp. It could lead to a critical buffer overflow error that allows hackers to execute malicious code on users’ systems

[Full-disclosure] [Bkis-07-2009] 010 Editor Multiple Buffer Overflow Vulnerabilities

2009-04-21 Thread Bkis
010 Editor Multiple Buffer Overflow Vulnerabilities 1. General Information 010 Editor is a text editor and hex editor with many functions, such as viewing and editing binary files, analyzing and editing binary data, and importing and exporting binary data in many different formats. Bkis has just found many

[Full-disclosure] Bkis Conficker Scanner

2009-04-20 Thread Bkis
Bkis Conficker Scanner As Conficker is spreading widely, Bkis has released Bkis Conficker Scanner to help administrators detect infected PCs in any network system. Download and look for more details here: http://security.bkis.vn/?p=560 Bkis

[Full-disclosure] [Bkis-06-2009] GOM Player Subtitle Buffer Overflow Vulnerability

2009-04-08 Thread Bkis
[Bkis-06-2009] GOM Player Subtitle Buffer Overflow Vulnerability 1. General Information GOM Player is a popular multimedia player supporting multiple media formats (avi, mpeg,…). In March 2009, Bkis has detected a vulnerability in this software. With this vulnerability, users might lose

[Full-disclosure] [Bkis-05-2009] PowerCHM Stack-based Buffer Overflow

2009-03-25 Thread Bkis
PowerCHM Stack-based Buffer Overflow 1. General Information PowerCHM is a tool that can create CHM files from Html Files, Text Files, Microsoft Word Documents and Adobe Acrobat Document. In March 2009, Bkis has just detected a vulnerability in the software, related to the processing

[Full-disclosure] [Bkis-04-2009] GOM Encoder Heap-based Buffer Overflow

2009-03-15 Thread Bkis
subtitle. Bkis has just found a vulnerability in the software, related to the processing of subtitle files in srt format. Taking advantage of the flaw, hackers can perform a denial of service attack or, if successfully exploited, remote code execution. We have sent the report to the vendor. Details : http

[Full-disclosure] [Bkis-03-2009] Multiple Vulnerabilities found in Rapidleech rev.36

2009-03-14 Thread Bkis
Multiple Vulnerabilities found in Rapidleech 1. General Information Rapidleech is a Web based application supporting file upload and download on the Internet, especially files from popular sites such as rapidshare.com, megaupload.com, depositfiles.com. On March 03, 2009, Bkis has detected

[Full-disclosure] [SVRT-02-09] FeedDemon (ver=2.7) Buffer Overflow Vulnerability

2009-02-05 Thread SVRT-Bkis
Title : FeedDemon Buffer OverFlow Vulnerability 1. General Information FeedDemon is known as the most popular Windows RSS Reader which allows users to easily view and manage RSS feeds from their desktop. In January 2009, SVRT-BKIS detected a buffer overflow vulnerability in this software

[Full-disclosure] [SVRT-01-09] Redirection Vulnerability in Yahoo! Advertising Service

2009-01-05 Thread SVRT-Bkis
[SVRT-01-09] Redirection Vulnerability in Yahoo! Advertising Service 1. General Information On December 22, 2008, SVRT-BKIS found a vulnerability in Yahoo! Wap Service. This is the second vulnerability discovered by BKIS in the cell phone Web platform; the first one was found in Google Wap Proxy

[Full-disclosure] [SVRT-08-08] Google Wap Proxy Vulnerability can be exploited by Hackers to attack Internet Users

2008-12-27 Thread SVRT-Bkis
[SVRT-08-08] Google Wap Proxy Vulnerability can be exploited by Hackers to attack Internet Users 1. General Information On 15 December 2008, SVRT-BKIS, from BKIS Center, has found a vulnerability in the Wap Proxy service of Google, which allows hackers to cheat Internet users. With this flaw

[Full-disclosure] [SVRT-07-08] Vulnerability in Face Recognition Authentication Mechanism of Lenovo-Asus-Toshiba Laptops

2008-12-07 Thread SVRT-Bkis
-12-2008 Discovered by : SVRT-Bkis Attack Type : Authentication Mechanism Bypass Security Rating : Critical Impact : Loss of Confidentiality and Integrity Affected Software : Lenovo Veriface III (prior version is vulnerable) Asus SmartLogon V1.0.0006 (prior version

[Full-disclosure] [SVRT-06-08] MULTI SECURITY VULNERABILITIES IN MVNFORUM

2008-12-03 Thread SVRT-Bkis
MULTI SECURITY VULNERABILITIES IN MVNFORUM 1. General Information mvnForum is software used for creating forums on the Internet (http://www.mvnforum.com). This is open source software making use of Java J2EE (JSP/Servlet) technology. On September 6, 2008, SVRT-Bkis found several CSRF and XSS