|
|
Colapse all |
Post message
Compuware Softice (DbgMsg driver) Local Denial Of Service 2005-05-29 Piotr Bania (bania piotr gmail com) Compuware Softice (DbgMsg driver) Local Denial Of Service by Piotr Bania <bania.piotr (at) gmail (dot) com [email concealed]> http://pb.specialised.info Original location: http://pb.specialised.info/all/adv/sice-adv.txt Severity: Low / Medium - BSOD (Blue Screen Of Death) DOS Software affected: Tested on Softice from [ more ] [ reply ] Format String Vulnerability In Peercast 0.1211 And Earlier 2005-05-28 GulfTech Security Research (security gulftech org) Microsoft Internet Explorer - Crash on to many stack overflows (05/28/2005) 2005-05-28 Benjamin Tobias Franz (0-1-2-3 gmx de) Microsoft Internet Explorer - Crash on to many stack overflows (05/28/2005) Description: There is a bug in Microsoft Internet Explorer, which causes a crash in NTDLL.DLL. - ModName: ntdll.dll - ModVer: 5.1.2600.2180 - Offset: 00043151 The bug occurs, because Microsoft Internet Explorer can't handl [ more ] [ reply ] Microsoft Internet Explorer - Crash on processing embedded files with endless loop (05/28/2005) 2005-05-28 Benjamin Tobias Franz (0-1-2-3 gmx de) Microsoft Internet Explorer - Crash on processing embedded files with endless loop (05/28/2005) Description: There is a bug in Microsoft Internet Explorer, which causes a crash in it. The bug occurs, because Microsoft Internet Explorer doesn't limit the depth of embedded files. Affected software [ more ] [ reply ] Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) 2005-05-28 Benjamin Tobias Franz (0-1-2-3 gmx de) Microsoft Internet Explorer - Crash on JavaScript "window()"-calling (05/28/2005) Description: There is a bug in Microsoft Internet Explorer, which causes a crash in it. The bug occurs, because Microsoft Internet Explorer can't handle a call to a JavaScript-function with the name of the "window"-ob [ more ] [ reply ] Microsoft Internet Explorer - Crash on adding sites to restricted zone (05/28/2005) 2005-05-28 Benjamin Tobias Franz (0-1-2-3 gmx de) Microsoft Internet Explorer - Crash on adding sites to restricted zone (05/28/2005) Description: There is a bug in Microsoft Internet Explorer, which causes a crash in URLMON.DLL. - EventType : BEX - P1 : IEXPLORE.EXE - P2 : 6.0.2900.2180 - P3 : 41107b81 - P4 : urlmon.dll - P5 : 6.0.2900.2627 - P6 [ more ] [ reply ] SQL Injection Exploit for myBloggie 2.1.1 - 2.1.2 2005-05-27 Alberto Trivero (trivero jumpy it) #!/usr/bin/perl -w # # SQL Injection Exploit for myBloggie 2.1.1 - 2.1.2 # This exploit show the username of the administrator of the blog and his password crypted in MD5 # Coded by Alberto Trivero and Discovered with CorryL # Related advisories: (Italian) http://www.codebug.org/index.php?subaction= [ more ] [ reply ] [SECURITY] [DSA 730-1] New bzip2 packages fix file unauthorised permissions modification 2005-05-27 joey infodrom org (Martin Schulze) DSL-504T (and maybe many other) remote access without password bug 2005-05-26 alessandro (alessandro sideralis net) Device: CUSTOMER=DLinkEU MODEL=DSL-504T Version: only tested with VERSION=V1.00B01T16.EU.20040217 Bugs: i) remote firmware upgrade without password ii) config retrieval without password Exploitation: remote Date: 26/05/2005 Status: vendor not contacted Workaround: disable remote web managemen [ more ] [ reply ] RE: CAID 32896 - Computer Associates Vet Antivirus engine heap overflow vulnerability 2005-05-27 Williams, James K (James Williams ca com) Hello, I have an update for the "Computer Associates Vet Antivirus engine heap overflow vulnerability" that was disclosed on 2005/05/23. 'BrightStor ARCserve Backup (BAB) r11.1 Windows' does NOT use the Vet Antivirus engine in any part of the product. Furthermore, none of the BrightStor ARCs [ more ] [ reply ] [AppSecInc Advisory BEA05-V0101] BEA WebLogic Administration Console login page cross-site scripting vulnerability 2005-05-27 Team SHATTER (shatter appsecinc com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 BEA WebLogic Administration Console login page cross-site scripting vulnerability AppSecInc Team SHATTER Security Advisory BEA05-V0101 http://www.appsecinc.com/resources/alerts/general/BEA-002.html May 27, 2005 Affected versions: BEA WebLogic Server [ more ] [ reply ] [AppSecInc Advisory BEA05-V0100] BEA WebLogic Administration Console error page cross-site scripting vulnerability 2005-05-27 Team SHATTER (shatter appsecinc com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 BEA WebLogic Administration Console error page cross-site scripting vulnerability AppSecInc Team SHATTER Security Advisory BEA05-V0100 http://www.appsecinc.com/resources/alerts/general/BEA-001.html May 27, 2005 Affected versions: BEA WebLogic Server [ more ] [ reply ] User32.dll Icon Size Crash 2005-05-25 - k - (klistas gmail com) (1 replies) Andres Rey - (User32.dll Icon Size Crash) --------------------------------------------------- Application: User32.dll (Windows 98SE Version (4.10.2222)) (Maybe other Windows versions too) Bug: Crash the program that attempts to open the icon Explotation: Local / Remote* Author: Andres Rey (andr [ more ] [ reply ] [USN-136-2] Fixed packages for USN-136-1 2005-05-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-136-2 May 27, 2005 binutils regression https://bugzilla.ubuntu.com/11249 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Wa [ more ] [ reply ] [USN-136-1] binutils vulnerability 2005-05-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-136-1 May 27, 2005 binutils vulnerability CAN-2005-1704 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) Ubun [ more ] [ reply ] [ GLSA 200505-20 ] Mailutils: Multiple vulnerabilities in imap4d and mail 2005-05-27 Thierry Carrez (koon gentoo org) [USN-135-1] gdb vulnerabilities 2005-05-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-135-1 May 27, 2005 gdb vulnerabilities CAN-2005-1704, CAN-2005-1705 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty W [ more ] [ reply ] [USN-114-2] Fixed packages for USN-114-1 2005-05-27 Martin Pitt (martin pitt canonical com) =========================================================== Ubuntu Security Notice USN-114-2 May 27, 2005 kdelibs fixed packages USN-114-1, https://bugzilla.ubuntu.com/10035 =========================================================== A security issue affects the following Ubuntu releases: U [ more ] [ reply ] PostNuke Critical SQL Injection and XSS 0.750=>x 2005-05-27 sp3x (sp3x securityreason com) -=[ Critical SQL injection and XSS in PostNuke ]=- Author: sp3x Date: 27. May 2005 Affected software : =================== PostNuke version : x=> 0.750 Description : ============= PostNuke is an open source, open developement content management system (CMS). PostNuke started as a fork from PHPN [ more ] [ reply ] PHP Stat Administrative User Authentication Bypass 2005-05-27 SoulBlack Group (soulblacktm gmail com) =========================================================== ============================================================ Title: PHP Stat Vulnerability discovery: SoulBlack - Security Research - http://soulblack.com.ar Date: 25/05/2005 Severity: Medium. PHP Stat Administrative User Authentication By [ more ] [ reply ] Buffer-overflow and crash in Terminator 3: War of the Machines 1.16 2005-05-26 Luigi Auriemma (aluigi autistici org) |
|
Privacy Statement |
#######################################################################
Luigi Auriemma
Application: Stronghold 2
http://www.stronghold2.com
Versions: <= 1.2
Platforms: Windows
Bug: exception/crash
Exploitation: remote, versus server
Date
[ more ] [ reply ]