[security bulletin] HPSBMA02661 SSRT100408 rev.2 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure
2011-05-03 security-alert hp com
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02735590 Version: 2 HPSBMA02661 SSRT100408 rev.2 - HP Proliant Support Pack (PSP) Running on Linux and Windows, Remote Cross Site Scripting (XSS), URL Redirection, Information Disclosure NOTICE: [...]

TeamSHATTER Security Advisory: XSS in locale parameter on IASTOP_CS_FARM_PAGE.html
2011-05-02 Shatter (shatter appsecinc com)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TeamSHATTER Security Advisory April 21, 2011 Risk Level: High Affected versions: Oracle Enterprise Manager 10g Release 1 and Release 2 Remote exploitable: Yes Credits: This vulnerability was discovered and researched by Esteban Martinez Fayo of Ap [...]

SQL injection in 4images
2011-05-02 bolok boloke80 gmail com
Vendor: http://www.got.my ( http://www.got.my/LINK-EXCHANGE-Script ) Vulnerable Version: 1.8.9 Vulnerability Type: SQL Injection Risk level: High Credit: Hector.x90 Vulnerability Details: The vulnerability exists due to failure in the "/admin/categories.php" script to properly sanitize user-supplie [...]

XSS in DEAL INFORMER
2011-05-02 bolok boloke80 gmail com
Product: DEAL INFORMER Vendor: http://www.got.my ( http://www.got.my/DEAL-INFORMER/ ) Vulnerable Version: 4.8.0 Vulnerability Type: XSS (Cross Site Scripting) Risk level: Medium Credit: Hector.x90 Vulnerability Details: User can execute arbitrary JavaScript code within the vulnerable application. T [...]

XSS in GOT.MY CLASSMATES
2011-05-02 bolok boloke80 gmail com
Product: CLASSMATES Vendor: http://www.got.my ( http://www.got.my/CLASSMATES/ ) Vulnerable Version: 1.1.1 Vulnerability Type: XSS (Cross Site Scripting) Risk level: Medium Credit: Hector.x90 Vulnerability Details: User can execute arbitrary JavaScript code within the vulnerable application. The vul [...]

XSS in CLASSIFIED ADS
2011-05-02 bolok boloke80 gmail com
Product: CLASSIFIED ADS Vendor: http://www.got.my ( http://www.got.my/CLASSIFIED-ADS/ ) Vulnerable Version: 2.9.1 Vulnerability Type: XSS (Cross Site Scripting) Risk level: Medium Credit: Hector.x90 Vulnerability Details: User can execute arbitrary JavaScript code within the vulnerable application. [...]

Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion
2011-05-01 cxib securityreason com
[ Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion ] Author: Maksymilian Arciemowicz http://netbsd.org/donations/ http://securityreason.com/ http://cxib.net/ Date: - Dis.: 19.01.2011 - Pub.: 02.05.2011 CVE: CVE-2011-0418 Affected Software (verified): - NetBSD 5.1 - and more [...]

[ISecAuditors Security Advisories] XSS in Oracle AS Portal 10g
2011-05-01 ISecAuditors Security Advisories (advisories isecauditors com)
============================================= INTERNET SECURITY AUDITORS ALERT 2010-007 - Original release date: August 11th, 2010 - Last revised: May 1st, 2011 - Discovered by: Vicente Aguilera Diaz - Severity: 5.0/10 (CVSS Base Scored) ============================================= I. VULNERABILI [...]

OSI Security: LANSA aXes Web Terminal (TN5250) Cross-Site Scripting Vulnerability
2011-04-30 Patrick Webster (patrick osisecurity com au)
LANSA aXes Web Terminal (TN5250) Cross-Site Scripting Vulnerability http://www.osisecurity.com.au/advisories/lansa-axes-web-terminal-tn5250-cross-site-scripting Release Date: 30-Apr-2011 Software: LANSA - aXes http://www.lansa.com http://www.axeslive.com "Transform your 5250 applications in [...]

[USN-1121-1] firefox vulnerabilities
2011-04-30 Micah Gersten (micah canonical com)
======================================================================== == Ubuntu Security Notice USN-1121-1 April 30, 2011 firefox vulnerabilities ======================================================================== == A security issue affects these releases of Ubuntu and its derivatives: - U [...]

[USN-1123-1] xulrunner-1.9.1 vulnerabilities
2011-04-30 Micah Gersten (micah canonical com)
======================================================================== == Ubuntu Security Notice USN-1123-1 April 30, 2011 xulrunner-1.9.1 vulnerabilities ======================================================================== == A security issue affects these releases of Ubuntu and its derivativ [...]

[USN-1112-1] Firefox and Xulrunner vulnerabilities
2011-04-30 Micah Gersten (micah canonical com)
======================================================================== == Ubuntu Security Notice USN-1112-1 April 29, 2011 firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities ======================================================================== == A security issue affects these r [...]

[USN-1126-1] PHP vulnerabilities
2011-04-29 Steve Beattie (sbeattie ubuntu com)
======================================================================== == Ubuntu Security Notice USN-1126-1 April 29, 2011 php5 vulnerabilities ======================================================================== == A security issue affects these releases of Ubuntu and its derivatives: - Ubun [...]

ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability
2011-04-29 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-153 April 29, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Embarcadero -- Affected Products: Embarcadero Interbase -- TippingP [...]

ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability
2011-04-29 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-152 April 29, 2011 -- CVE ID: CVE-2011-1736 -- CVSS: 7.8, (AV:N/AC:L/Au:N/C:C/I:N/A:N) -- Affected Vendors: Hewlett-Packard -- Affected Products: He [...]

ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability
2011-04-29 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-151 April 29, 2011 -- CVE ID: CVE-2011-1735 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affecte [...]

ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability
2011-04-29 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-150 April 29, 2011 -- CVE ID: CVE-2011-1734 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard - [...]

ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability
2011-04-29 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-149 April 29, 2011 -- CVE ID: CVE-2011-1733 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected Products: [...]

ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability
2011-04-29 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-147 April 29, 2011 -- CVE ID: CVE-2011-1731 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected Produ [...]

ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability
2011-04-29 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-146 April 29, 2011 -- CVE ID: CVE-2011-1730 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected Products [...]

ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability
2011-04-29 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-148 April 29, 2011 -- CVE ID: CVE-2011-1732 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Aff [...]

ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability
2011-04-29 ZDI Disclosures (zdi-disclosures tippingpoint com)
ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-145 April 29, 2011 -- CVE ID: CVE-2011-1729 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected Products: H [...]

Ubuntu Security Notice USN-1127-1
May 02, 2011
usb-creator vulnerability
========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- U [...]