BugTraq Mode:
(Page 248 of 1747)  < Prev  243 244 245 246 247 248 249 250 251 252 253  Next >
Word 2003 SP2 .doc fork bomb on WinXP SP3 2013-11-08
jsibley1 gmail com
# Exploit Title: Word 2003 SP2 .doc fork bomb on WinXP SP3
# Exploit Author: absane
# Blog: http://blog.noobroot.com
# Discovery date: November 8th 2003
# Vendor Homepage: http://www.microsoft.com
# Tested on: Windows XP SP3 & Word 2003 SP2 (11.6568.6568)

[ more ]  [ reply ]
RE: FP BugCON 2014 - Mexico City 2013-11-07
Tamara Vera (tverac satelcorp net)
Ecuador?

-----Mensaje original-----
De: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] En nombre de Carlos A. Lozano
Enviado el: miércoles, 06 de noviembre de 2013 22:02
Para: bugtraq (at) securityfocus (dot) com [email concealed]; security-basics (at) securityfocus (dot) com [email concealed]; PaulDotCom Security Weekly Mailing List
A

[ more ]  [ reply ]
Apple MacOSX 10.9 Hard Link Memory Corruption 2013-11-07
submit cxsec org
Apple MacOSX 10.9 Hard Link Memory Corruption

Date: 08.11.2013
http://cxsecurity.com/
http://cvemap.org/

URL: http://cxsecurity.com/issue/WLB-2013110059

- 0. Description ---

In most UNIX-like systems a hard link to a directory is only reserved for the 'root' user when possible at all.
In MacOS

[ more ]  [ reply ]
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability 2013-11-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability

Advisory ID: cisco-sa-20131106-sip

Revision 1.0

For Public Release 2013 November 6 16:00 UTC (GMT)

+------------------------------------------

[ more ]  [ reply ]
CFP BugCON 2014 - Mexico City 2013-11-07
Carlos A. Lozano (vendetta bugcon org)
-[ BugCON Security Conference: Safety is just a myth...! ]-

Call For Papers - BugCON 2014

_ .-. _
/o`\^/`o |o o | o o|
\o _|_ o/
`(@I@)`
/^
--[ Description

BugCON Security Conference is one of the most important security
conferences in Mexico. BugCON 2014 will

[ more ]  [ reply ]
Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability 2013-11-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory

Cisco WAAS Mobile Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20131106-waasm

Revision 1.0

For Public Release 2013 November 6 16:00 UTC (GMT)

+-----------------------------------------------------------------

[ more ]  [ reply ]
CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleader version) (Medical Application) 2013-11-06
Dirk-Willem van Gulik (dirkx webweaving org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Private key disclosure, Osirix (lite, 64bit and FDA cleader version)

CVE-2013-4425 (version 1.09)
CVSS Score: 8.4

Background:
===========

OsiriX is an image processing software dedicated to DICOM images (files
with a ".dcm" / ".DCM" extension)

[ more ]  [ reply ]
Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability 2013-11-06
Cisco Systems Product Security Incident Response Team (psirt cisco com)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability

Advisory ID: cisco-sa-20131106-tvxca

Revision 1.0

For Public Release 2013 November 6 16:00 UTC (GMT)

+----------------------------------

[ more ]  [ reply ]
CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass 2013-11-05
CORE Advisories Team (advisories coresecurity com)
Core Security - Corelabs Advisory
http://corelabs.coresecurity.com

Vivotek IP Cameras RTSP Authentication Bypass

1. *Advisory Information*

Title: Vivotek IP Cameras RTSP Authentication Bypass
Advisory ID: CORE-2013-0704
Advisory URL:
http://www.coresecurity.com/advisories/vivotek-ip-cameras-rtsp

[ more ]  [ reply ]
SQL Injection in appRain 2013-11-06
High-Tech Bridge Security Research (advisory htbridge com)
Advisory ID: HTB23177
Product: appRain
Vendor: appRain
Vulnerable Version(s): 3.0.2 and probably prior
Tested Version: 3.0.2
Advisory Publication: October 9, 2013 [without technical details]
Vendor Notification: October 9, 2013
Public Disclosure: November 6, 2013
Vulnerability Type: SQL Injectio

[ more ]  [ reply ]
[SOJOBO-ADV-13-03] - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting 2013-11-05
advisories enkomio com
[SOJOBO-ADV-13-03] - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting

I. * Information *
==================
Name : Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting
Software : Gallery Bank 2.0.19 and possibly below.
Vendor Homepage : http://gallery-bank.com/ htt

[ more ]  [ reply ]
[ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability 2013-11-05
ISecAuditors Security Advisories (advisories isecauditors com)
=============================================
INTERNET SECURITY AUDITORS ALERT 2013-005
- Original release date: 3rd March 2013
- Last revised: 10th March 2013
- Discovered by: Eduardo Garcia Melia
- Severity: 5.2/10 (CVSS Base Scored)
=============================================

I. VULNERABILIT

[ more ]  [ reply ]
Open-Xchange Security Advisory 2013-11-06 2013-11-06
Martin Braun (martin braun open-xchange com)
Product: Open-Xchange AppSuite
Vendor: Open-Xchange GmbH

Internal reference: 29147 (Bug ID)
Vulnerability type: CWE-80 (Improper Neutralization of Script-Related HTML Tags in a Web Page)
Vulnerable version: prior to 7.4.0
Vulnerable component: backend
Fixed version: 7.2.2-rev25, 7.4.0-rev14
Report

[ more ]  [ reply ]
wordpress jigoshop Plugin path disclosure vulnerabilities 2013-11-05
iedb team gmail com
the following directories is vulnerable to path disclosure vulnerability in wordpress jigoshop Plugin 1.8

#################################
#
# @@@ @@@@@@@@@@@ @@@@@ @@@@@@@@@@ @@@ @@@@@@@
# @@@ @@@@@@@@@@@ @@@ @@ @@@ @@ @@@ @@@@@@@

[ more ]  [ reply ]
[ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA" 2013-11-05
ISecAuditors Security Advisories (advisories isecauditors com)
=============================================
INTERNET SECURITY AUDITORS ALERT 2013-018
- Original release date: July 26th, 2013
- Last revised: July 26th, 2013
- Discovered by: Vicente Aguilera Diaz
- Severity: 4.3/10 (CVSSv2 Base Scored)
- CVE-ID: CVE-2013-6163
===================================

[ more ]  [ reply ]
[ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allow arbitrary access to the database and the file system 2013-11-05
ISecAuditors Security Advisories (advisories isecauditors com)
=============================================
INTERNET SECURITY AUDITORS ALERT 2013-017
- Original release date: July 26th, 2013
- Last revised: July 26th, 2013
- Discovered by: Vicente Aguilera Diaz
- Severity: 6.8/10 (CVSSv2 Base Scored)
- CVE-ID: CVE-2013-6164
===================================

[ more ]  [ reply ]
ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. 2013-11-05
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities.

EMC Identifier: ESA-2013-073

CVE Identifier: CVE-2013-3286

Severity Rating: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Affected product:

[ more ]  [ reply ]
ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability. 2013-11-05
Security Alert (Security_Alert emc com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability.

EMC Identifier: ESA-2013-070

CVE Identifier: CVE-2013-3281

Severity Rating: CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Affected products:

? EMC Documentu

[ more ]  [ reply ]
[SECURITY] [DSA 2792-1] wireshark security update 2013-11-04
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2792-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
November 04, 2013

[ more ]  [ reply ]
Cisco Mars Cross-Site Scripting Vulnerability - CVE-2013-5563 2013-11-04
g delvecchio smartnetsecurity net
Vulnerability Type: Cross-Site Scripting

CVE: CVE-2013-5563

Products and affected versions:
Cisco Security Monitoring, Analysis and Response System (CS-MARS) - All versions

Vendor Website:
http://www.cisco.com/en/US/products/ps6241/

Cisco Advisory:
https://tools.cisco.com/bugsearch/bug/CSCul1617

[ more ]  [ reply ]
[SECURITY] [DSA 2791-1] tryton-client security update 2013-11-04
Florian Weimer (fw deneb enyo de)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2791-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Florian Weimer
November 04, 2013

[ more ]  [ reply ]
XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability 2013-11-04
geinblues gmail com

+-----------------------------------------------------------------------
---------------------+
| XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability |
+-----------------------------------------------------------------------
---------------------+

Vulnerable v

[ more ]  [ reply ]
CSRF Horde Groupware Web mail Edition 2013-11-03
m benetrix e-secure com au
#############################
Exploit Title : CSRF Horde Groupware Web mail Edition
Author:Marcela Benetrix
Date: 10/28/13
version: 5.1.2
software link:http://www.horde.org/apps/webmail

#############################
GroupWare Web mail Edition

Horde Groupware Webmail Edition is a free, enterprise r

[ more ]  [ reply ]
XSS and CSRF Horde Groupware Web mail Edition 2013-11-03
m benetrix e-secure com au
#############################
Exploit Title : XSS and CSRF Horde Groupware Web mail Edition
Author:Marcela Benetrix
Date: 10/28/13
version: 5.1.2
software link:http://www.horde.org/apps/webmail

#############################
GroupWare Web mail Edition

Horde Groupware Webmail Edition is a free, ente

[ more ]  [ reply ]
[slackware-security] mozilla-thunderbird (SSA:2013-307-01) 2013-11-03
Slackware Security Team (security slackware com)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] mozilla-thunderbird (SSA:2013-307-01)

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0,
and -current to fix security issues.

Here are the details from the Slackware 14.0 ChangeLog:
+---------------------

[ more ]  [ reply ]
[SECURITY] [DSA 2790-1] nss security update 2013-11-02
Salvatore Bonaccorso (carnil debian org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- ------------------------------------------------------------------------
-
Debian Security Advisory DSA-2790-1 security (at) debian (dot) org [email concealed]
http://www.debian.org/security/ Salvatore Bonaccorso
November 02, 2013

[ more ]  [ reply ]
[security bulletin] HPSBMU02931 rev.2 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) 2013-11-01
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03960916

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03960916
Version: 2

HPSBMU02931 re

[ more ]  [ reply ]
pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities 2013-11-01
Vulnerability Lab (research vulnerability-lab com)
Document Title:
===============
pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities

References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1130

Release Date:
=============
2013-11-01

Vulnerability Laboratory ID (VL-ID):
==========

[ more ]  [ reply ]
[security bulletin] HPSBMU02934 rev.1 - HP Application LifeCycle Management, GossipService SOAP Request, Remote Code Execution 2013-10-31
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03969436

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03969436
Version: 1

HPSBMU02934 re

[ more ]  [ reply ]
[security bulletin] HPSBMU02935 rev.1 - HP LoadRunner Virtual User Generator, Remote Code Execution 2013-10-31
security-alert hp com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Note: the current version of the following document is available here:
https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
docDisplay?docId=emr_na-c03969437

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c03969437
Version: 1

HPSBMU02935 re

[ more ]  [ reply ]
(Page 248 of 1747)  < Prev  243 244 245 246 247 248 249 250 251 252 253  Next >


 

Privacy Statement
Copyright 2010, SecurityFocus