{Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS
2010-08-30 Lostmon lords (lostmon gmail com)

R7-0036: FCKEditor.NET File Upload Code Execution
2010-08-30 HD Moore (HD_Moore rapid7 com)
R7-0036: FCKEditor.NET File Upload Code Execution August 30, 2010 -- Vulnerability Details: FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector in FCKEditor. The vulnerability requires that the remote

[0day] Apple QuickTime "_Marshaled_pUnk" backdoor param arbitrary code execution
2010-08-30 Reversemode (advisories reversemode com)
HTML Version http://www.reversemode.com/index.php?option=com_content&task=view&id=69&Itemid=1 The scenario would be as follows: Victim prerequisites: * Internet Explorer. * XP,Vista,W7. * Apple Quicktime 7.x, 6.x ( 20

[SECURITY] [DSA 2099-1] New OpenOffice.org packages fix arbitrary code execution
2010-08-30 joey infodrom org (Martin Schulze)

Notepad++ version 5.7 Insecure DLL Hijacking Vulnerability
2010-08-28 YGN Ethical Hacker Group (lists yehg net)
1. OVERVIEW The Notepad++ application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT DESCRIPTION Based on the powerful editing

Maxthon Browser version 2.5.15.1000 Insecure DLL Hijacking Vulnerability (dwmapi.dll)
2010-08-28 YGN Ethical Hacker Group (lists yehg net)
1. OVERVIEW The Maxthon Browser application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT DESCRIPTION Maxthon Browser is a po

ekoparty Security Conference 2010 Announcements
2010-08-30 Federico Kirschbaum (fedek infobyte com ar)
[ * ] ekoparty Security Conference and Trainings - 6th edition [ * ] http://www.ekoparty.org Trainings: September 13-15 / Conference: September 16-17, 2010 Ciudad Autonoma de Buenos Aires, Argentina [*] WHAT? ekoparty is a one-of-a-kind event in South America; an annual security conference he

QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
2010-08-28 YGN Ethical Hacker Group (lists yehg net) (1 replies)
1. OVERVIEW The QtWeb Browser application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT DESCRIPTION QtWeb Browser is a lightw

Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
2010-08-30 security curmudgeon (jericho attrition org)

Microsoft Windows wscript.exe (XP) DLL Hijacking Exploit (wshfra.dll)
2010-08-27 info securitylab ir
Founded By: Kamran Safaei Tabrizi(k4mr4n_st(at)yahoo(dot)com) Securitylab Security Research Team Website: http://www.securitylab.ir Special Thanks: Mazo shinozuki, BangoDragon

Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability
2010-08-28 Cisco Systems Product Security Incident Response Team (psirt cisco com)
Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability Advisory ID: cisco-sa-20100827-bgp Revision 1.0 For Public Release 2010 August 27 2200 UTC (GMT)

The Smarter Safer Better Seminar Series
2010-08-27 Pete Herzog (lists isecom org)
ISECOM presents Smarter Safer Better! http://www.isecom.org/seminars The failure to figure out correctly who to trust, what is safe, and how we are secure is how people get manipulated, cheated, scammed, and stolen from all the time in so many ways. This doesn't just come from thieves and hacker

[SECURITY] [DSA 2098-1] New typo3-src packages fix several vulnerabilities
2010-08-29 Thijs Kinkhorst (thijs debian org)

[SECURITY] [DSA 2097-1] New phpmyadmin packages fix several vulnerabilities
2010-08-29 Thijs Kinkhorst (thijs debian org)

Flash Player 9 DLL Hijacking Exploit (schannel.dll)
2010-08-27 info securitylab ir
Flash player 9.exe DLL Hijacking Exploit (schannel.dll) Founded By: Securitylab.ir (Kamran Safaei Tabrizi) include "stdafx.h"

wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness
2010-08-27 Richard Moore (rich westpoint ltd uk)
Westpoint Security Advisory Title: Multiple Browser Wildcard Cerficate Validation Weakness Risk Rating: Low Author: Richard Moore <rich (at) westpoint.ltd (dot) uk [email concealed]> Test Cases: Simon Ward <simon (at) westpoint.ltd (dot) uk [email concealed]> Date: 14 July 2010 Advisory ID#: wp-10-0001 U

[USN-979-1] okular vulnerability
2010-08-27 Steve Beattie (sbeattie ubuntu com)
Ubuntu Security Notice USN-979-1 August 27, 2010 kdegraphics vulnerability CVE-2010-2575 A security issue affects the following Ubuntu releases: Ubuntu 9.04 Ubuntu 9.1

[USN-974-2] Linux kernel regression
2010-08-26 Jamie Strandboge (jamie canonical com)
Ubuntu Security Notice USN-974-2 August 26, 2010 linux regression https://launchpad.net/bugs/620994 A security issue affects the following Ubuntu releases: Ubuntu 8.04

ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities
2010-08-26 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-10-167 August 26, 2010 -- CVE ID: CVE-2010-3000 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: RealNetworks -- Affected Products: RealNetworks

ZDI-10-166: RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability
2010-08-26 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-10-166: RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-166 August 26, 2010 -- CVE ID: CVE-2010-2996 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: RealNetworks -- Affected Products: RealNetwor

BlastChat Chat Client Component version 3.3 <= Cross Script Scripting (XSS) Vulnerability
2010-08-25 YGN Ethical Hacker Group (lists yehg net)
BlastChat Chat Client Component version 3.3 <= Cross Script Scripting (XSS) Vulnerability 1. OVERVIEW The BlastCha

Joomla! Component com_bc Cross Script Scripting (XSS) Vulnerability
2010-08-25 YGN Ethical Hacker Group (lists yehg net)
Joomla! Component com_bc Cross Script Scripting (XSS) Vulnerability 1. OVERVIEW The Joomla! Component com_bc was vulnerable to Cross Script Scripting (XSS)

[HITB-Announce] HITB2010 SIGNINT Sessions
2010-08-26 Hafez Kamal (aphesz hackinthebox org)
Hack In The Box is proud to announce, a brand new lightning session called HITB SIGINT (Signal Intelligence/Interrupt)! HITB SIGINT sessions are designed to provide a quick 15 minute overview for material and research that's up and coming - stuff that isn't quite ready for the mainstream tracks of t

SQL injection vulnerability in CompuCMS
2010-08-26 advisory htbridge ch
Vulnerability ID: HTB22585 Reference: http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_compucms_2.html Product: CompuCMS Vendor: CompuSoft A/S ( http://www.compusoft.dk/ ) Vulnerable Version: Current at 06.08.2010 and Probably Prior Versions Vendor Notification: 09 August 2010 Vulner

SQL injection vulnerability in CompuCMS
2010-08-26 advisory htbridge ch
Vulnerability ID: HTB22582 Reference: http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_compucms.html Product: CompuCMS Vendor: CompuSoft A/S ( http://www.compusoft.dk/ ) Vulnerable Version: Current at 06.08.2010 and Probably Prior Versions Vendor Notification: 09 August 2010 Vulnerab
Safari for windows Invalid SGV text style Webkit.dll DoS
Vendor URL: www.apple.com
Advisory: http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html
Vendor notify: Yes
Exploit available: Yes
#####################################