Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability
2013-02-20 demetris papapetrou (demetrispapapetrou gmail com)
Software: Alt-N MDaemon v13.0.3 and prior versions
Vendor: http://www.altn.com/
Vuln Typ

[slackware-security] mozilla-thunderbird (SSA:2013-050-02)
2013-02-20 Slackware Security Team (security slackware com)
New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog:

[slackware-security] mozilla-firefox (SSA:2013-050-01)
2013-02-20 Slackware Security Team (security slackware com)
New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog:

APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13
2013-02-19 Apple Product Security (product-security-noreply lists apple com)
Java for OS X 2013-001 and Mac OS X v10.6 Update 13 is now available and addresses the following: Java Available for: OS X Lion v10.7 or later, OS X Lion Server v10.7 or later,

FreeBSD Security Advisory FreeBSD-SA-13:02.libc
2013-02-19 FreeBSD Security Advisories (security-advisories freebsd org)

SQLi found in Kodak Insite
2013-02-19 robert hipcrime com
Hello ... While investigating a recent installation of Kodak's Insite Creative Workflow System (for my current employer), an SQL Injection vulnerability was discovered in its "Forgot Your Password?" page. An example of this application can be seen on the Kodak site. https://creativeworkflow.ko

Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro.
2013-02-19 George Clark (geonwiki fenachrone com)
Security Alert: Code injection vulnerability in MAKETEXT macro
This advisory alerts you of a potential security issue with your Foswiki installation. A vulnerability has been reported against the core Perl module CPAN:Locale::Maketext [1], which Foswiki uses to provide translations when {UserI

FreeBSD Security Advisory FreeBSD-SA-13:01.bind
2013-02-19 FreeBSD Security Advisories (security-advisories freebsd org)

Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability
2013-02-18 nauty me04 gmail com
Exploit Title : Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability
Author: Aditya Balapure
home: http://adityabalapure.blogspot.in/
Date: 18/02/13
software link: http://wordpress.org/extend/plugins/responsive-logo-slideshow/
C

[SECURITY] [DSA 2628-1] nss-pam-ldapd security update
2013-02-18 Moritz Muehlenhoff (jmm debian org)

Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability
2013-02-18 nauty me04 gmail com
Exploit Title : Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability
Author: Aditya Balapure
home: http://adityabalapure.blogspot.in/
Date: 18/02/13
software link: http://wordpress.org/extend/plugins/marekkis-watermark/
CVE Assigned - CVE-2013

PHP-Fusion 7.02.05 SQL Injection
2013-02-16 Krzysztof Katowicz-Kowalewski (vnd vndh net)
SQL Injection vulnerability exists in releases since 7.02.01 till 7.02.05 of PHP-Fusion CMS. The vulnerability allows the attacker to authenticate as an arbitrary user and act with its rights which might lead to the code execution. Because of exploitation simplicity, the potential risk is very high.

[IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow
2013-02-16 Inshell Security (info inshell net)

Multiple Vulnerabilities in Netgear DGN2200B
2013-02-16 devnull s3cur1ty de
Device Name: DGN2200B
Vendor: Netgear
Vulnerable Firmware Releases:
Hardwareversion DGN2200B
Firmwareversion V1.0.0.36_7.0.36 - 04/01/2011
Device Description:
Infos: http://www.netgear.com/home/products/wirelessrouters/work-and-play/dgn22

Sniffing HDCP crypto keys with a $30 Bus Pirate and a broken HDMI cable
2013-02-18 Adam Laurie (adam algroup co uk)

Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit)
2013-02-17 Fernando Gont (fgont si6networks com) (1 replies)
Folks, A while ago we had published an IETF Internet-Draft about IPv6 Network Reconnaissance ("Network Reconnaissance in IPv6 Networks", available at: <http://tools.ietf.org/html/draft-ietf-opsec-ipv6-host-scanning-00>). Our scan6 tool (part of the SI6 Networks' IPv6 toolkit <http://www.si6network

Re: Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit)
2013-02-17 Marc Heuse (mh mh-sec de)

SI6 Networks IPv6 Toolkit v1.3 released!
2013-02-16 Fernando Gont (fgont si6networks com)
Folks, We are pleased to release the SI6 Networks' IPv6 Toolkit v1.3: a security assessment and trouble-shooting toolkit for the IPv6 protocol suite. The toolkit is available at: <http://www.si6networks.com/tools/ipv6toolkit>, where you can find a the

CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities
2013-02-15 CORE Security Technologies Advisories (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com/
1. *Advisory Information*
Title: SAP Netweaver Message Server Multiple Vulnerabilities
Advisory ID: CORE-2012-1128
Advisory URL: http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities
D

Empirum Password Obfuscation Design Flaw
2013-02-14 otr bockcay de
# Vuln Title: Empirum Password Obfuscation Design Flaw
# Date: 20.12.2012
# Author: otr
# Software Link: http://www.matrix42.com/products/workplace-automation-empirum/
# Version: 14.0
# Tested on: Windows
# CVE : To be assigned
# Risk: medium
# Type: Privilege Escalation
# Vendor: Matrix42
# STATU

[IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption
2013-02-14 Inshell Security (info inshell net)

Product: glFusion
Vendor: http://www.glfusion.org/
Vulnerable Version(s): 1.2.2 and probably prior
Tested Version: 1.2.2
Vendor Notification: January 30, 2013
Vendor Patch: January 30, 2013
Public Disclosure: February 20, 2013
Vulnerability Type: Cross-Site Scripting [CWE-79