Bugtraq
- [ MDVSA-2010:088 ] kernel
- BPstyle - Graphic studio SQL Injection Vulnerabilities
- From: md . r00t . defacer
- EUSecWest Amsterdam 2010 Call For Papers (short deadline May 5 - conf June 16/17)
- RE: STP mitm attack idea
- SQL Injection in MS Access with backslash escaped input
- Secunia Research: Internet Download Manager FTP Buffer Overflow Vulnerability
- [USN-934-1] Netpbm vulnerability
- Re: STP mitm attack idea
- [ MDVSA-2010:086 ] kdegraphics
- Vulnerabilities in CCMS
- Apache ActiveMQ XSS Vulnerability
- Re: STP mitm attack idea
- [ MDVSA-2010:087 ] poppler
- Re: STP mitm attack idea
- From: Jean-Christophe Baptiste
- vBulletin - Insecure Custom BBCode Tags
- CONFidence 2010, 25-26th May - Call For Participation
- Re: STP mitm attack idea
- RE: STP mitm attack idea
- Re: STP mitm attack idea
- Re: STP mitm attack idea
- [USN-933-1] PostgreSQL vulnerability
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [ MDVSA-2009:332-1 ] gimp
- [ MDVSA-2010:085 ] pidgin
- [ MDVSA-2010:078-1 ] sudo
- ZDI-10-079: Realnetworks Helix Server NTLM Authentication Invalid Base64 Remote Code Execution Vulnerability
- Re: STP mitm attack idea
- XSS in Microsoft SharePoint Server 2007
- Adobe viewer plugin can be made to crash IE or FF
- STP mitm attack idea
- From: Przemyslaw Borkowski
- Fun with FORTIFY_SOURCE
- [ MDVSA-2010:084 ] java-1.6.0-openjdk
- [security bulletin] HPSBMA02525 SSRT100083 rev.1 - HP System Insight Manager Running on HP-UX, Linux, and Windows , Remote Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Privilege Elevation
- [security bulletin] HPSBMA02488 SSRT100013 rev.2 - HP ProLiant Support Pack 8.30 for Windows, Remote Code Execution, Information Disclosure
- [SECURITY] [DSA 2021-2] New spamass-milter packages fix regression
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918 addresses)
- XSS vulnerability in Zikula Application Framework
- XSS vulnerability in Zikula Application Framework
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918addresses)
- Conference on Cyber Conflict: speakers selected!
- Re: Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918addresses)
- New vulnerabilities in CMS SiteLogic
- From: Salvatore Fresta aka Drosophila
- Re: New vulnerabilities in CMS SiteLogic
- Madirish Webmail 2.01 (basedir) RFI/LFI Vulnerability
- NovaStor NovaNet <= 13.0 issues
- Widnows XP TCP/IP Stack Security Issue (ARP for non RFC 1918 addresses)
- [security bulletin] HPSBUX02508 SSRT100007 rev.2 - HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access
- From: Morris, John R. (SSRT)
- t2'10: Call for Papers 2010 (Helsinki / Finland)
- SmodCMS 'config.php' Arbitrary File Upload Vulnerability
- [USN-931-2] FFmpeg regression
- phpegasus 'config.php' Arbitrary File Upload Vulnerability
- A XSS in User_ChkLogin.asp of PowerEasy 2006
- hashdays 2010 - Call for Papers (#days CFP)
- [SECURITY] [DSA 2039-1] New cacti packages fix missing input sanitising
- [ MDVSA-2010:071 ] mozilla-thunderbird
- ZDI-10-078: Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerability
- Vulnerability in Referer for DataLife Engine
- [HITB-Announce] HITBSecConf2009 - Malaysia Videos Released!
- IWD Group SQL Injection Vulnerabilities
- From: md . r00t . defacer
- In-portal 5.0.3 Remote Arbitrary File Upload Exploit
- Re: Vulnerabilities in NovaBoard
- [HITB-Announce] HITBSecConf2010 - Dubai - Presentation Materials
- XSS and Content Injection in HTC Windows Mobile SMS Preview PopUp
- Vulnerabilities in NovaBoard
- Apache ActiveMQ is prone to source code disclosure vulnerability.
- [security bulletin] HPSBUX02519 SSRT100004 rev.1 - HP-UX Running BIND, Remote Compromise of NXDOMAIN Responses
- Windows 2000/XP/2003 win32k.sys SfnINSTRING local kernel Denial of Service Vulnerability
- Windows 2000/XP/2003 win32k.sys SfnLOGONNOTIFY local kernel Denial of Service Vulnerability
- [security bulletin] HPSBMA02492 SSRT100079 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access
- Re: sudoedit local privilege escalation through PATH manipulation
- [SECURITY] CVE-2010-1157: Apache Tomcat information disclosure vulnerability
- CfP: GameSec 2010 - Deadline is 3 weeks away!
- Security-Assessment.com WhitePaper/Addendum: Cross Context Scripting with Firefox & Exploiting Cross Context Scripting vulnerabilities in Firefox
- From: Roberto Suggi Liverani
- [security bulletin] HPSBMA02494 SSRT090168 rev.1 - HP Virtual Machine Manager (VMM) for Windows, Remote Unauthorized Access, Privilege Elevation
- London DEFCON April meet - DC4420 - Wed 28th April 2010
- ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution Vulnerability
- Cisco Security Advisory: Cisco Small Business Video Surveillance Cameras and Cisco 4-Port Gigabit Security Routers Authentication Bypass Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- Secunia Research: imlib2 "IMAGE_DIMENSIONS_OK()" Logic Error
- Call for participation -- Eth0:2010 Summer
- CORE-2010-0406 - User Invoices Persistent XSS Vulnerability in CactuShop
- From: CORE Security Technologies Advisories
- [security bulletin] HPSBUX02508 SSRT100007 rev.2 - HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access
- [security bulletin] HPSBMA02491 SSRT100060 rev.1 - HP Operations Manager for Windows, Remote Execution of Arbitrary Code
- [#OUF-273299]: AVTECH Software (AVC781Viewer.dll) ActiveX Multiple Remote Vulnerabilities
- [security bulletin] HPSBUX02518 SSRT100051 rev.1 - HP-UX, Local Denial of Service (DoS)
- Re: Re: Vulnerability in CB Captcha for Joomla and Mambo
- Re: [Suspected Spam]New vulnerabilities in CMS SiteLogic
- From: Salvatore Fresta aka Drosophila
- [USN-929-2] irssi regression
- [ MDVSA-2010:070-1 ] firefox
- [security bulletin] HPSBUX02517 SSRT100058 rev.2 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)
- IP address spoofing in e107
- [USN-932-1] KDM vulnerability
- [ MDVSA-2010:083 ] emacs
- Re: sudoedit local privilege escalation through PATH manipulation
- Vbulletin - Two-Step External Link XSS
- [USN-931-1] FFmpeg vulnerabilities
- MITKRB5-SA-2010-004 [CVE-2010-1320] double free in KDC
- CSRF in e107
- [ MDVSA-2010:076-1 ] openssl
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [ MDVSA-2010:082 ] clamav
- sudoedit local privilege escalation through PATH manipulation
- [SECURITY] [DSA 2038-1] New pidgin packages fix denial of service
- [ MDVSA-2010:079 ] irssi
- iDefense Security Advisory 04.15.10: Multiple Vendor AgentX++ Integer Overflow Vulnerability
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [ MDVSA-2010:077 ] nss_db
- iDefense Security Advisory 04.15.10: Multiple Vendor AgentX++ Stack Buffer Overflow Vulnerability
- CompleteFTP v3.3.0 - Remote Memory Consumption DoS
- From: Mehdi Mahdjoub [SYSDREAM]
- [ MDVSA-2010:078 ] sudo
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [SECURITY] [DSA-2035-1] New apache2 packages fix several issues
- [SECURITY] [DSA 2034-1] New phpmyadmin packages fix several vulnerabilities
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- Secunia Research: e107 Content Management Plugin Script Insertion Vulnerability
- [Suspected Spam]New vulnerabilities in CMS SiteLogic
- [ MDVSA-2010:081 ] apache-mod_auth_shadow
- [SECURITY] [DSA 2037-1] New kdm packages fix privilege escalation
- Secunia Research: e107 Avatar/Photograph Image File Upload Vulnerability
- WinMount MOU File Handling Overflow Vulnerability
- [ MDVSA-2010:076 ] openssl
- [SECURITY] [DSA 2036-1] New jasper packages fix denial of service
- [ MDVSA-2010:080 ] brltty
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [ MDVSA-2010:075 ] openoffice.org
- [USN-890-6] CMake vulnerabilities
- Hackproofing Oracle Financials 11i & R12
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- [ MDVSA-2010:074 ] kdebase
- [SECURITY] [DSA 2033-1] New ejabberd packages fix denial of service
- [USN-929-1] irssi vulnerabilities
- [USN-928-1] Sudo vulnerability
- Re: Vulnerability in CB Captcha for Joomla and Mambo
- VUPEN Security Research - Adobe Acrobat and Reader GIF Data Buffer Overflow Vulnerability
- ZDI-10-076: Apple Preview libFontParser SpecialEncoding Remote Code Execution Vulnerability
- Nucleus CMS v.3.51 (DIR_LIBS) Multiple Vulnerability
- ZDI-10-072: Cisco Secure Desktop CSDWebInstaller ActiveX Control Remote Code Execution Vulnerability
- VUPEN Security Research - Adobe Acrobat and Reader JPEG Data Buffer Overflow Vulnerability
- [CVE-2010-0432] Apache OFBiz Multiple XSS Vulnerabilities
- Vulnerability in CB Captcha for Joomla and Mambo
- Cisco Security Advisory: Cisco Secure Desktop ActiveX Control Code Execution Vulnerability
- From: Cisco Systems Product Security Incident Response Team
- [DSECRG-09-049] IBM BladeCenter Management Module - DoS vulnerability
- [DSecRG-09-053] VMware Remoute Console - format string
- VUPEN Security Research - Adobe Acrobat and Reader BMP Data Buffer Overflow Vulnerability
- VUPEN Security Research - Adobe Acrobat and Reader PNG Data Buffer Overflow Vulnerability
- VUPEN Web Security Research - WebAsyst Shop-Script Multiple Input Validation Vulnerabilities
- [ MDVSA-2010:073 ] cups
- Ziggurat CMS Multiple Vulnerabilities
- [ MDVSA-2010:073-1 ] cups
- ZDI-10-070: Microsoft Windows Media Player Codec Retrieval Dangling Pointer Remote Code Execution Vulnerability
- [security bulletin] HPSBUX02517 SSRT100058 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Information Disclosure, Unauthorized Data Modification, Denial of Service (DoS)
- [ MDVSA-2010:071 ] krb5
- 60cycleCMS (DOCUMENT_ROOT) Multiple Local File Inclusion Vulnerability
- Cert-Lexsi - Microsoft Windows Media Services MMS Buffer Overflow Vulnerability
- [ MDVSA-2010:072 ] cups
- RJ-iTop Network Vulnerability Scanner System Multiple SQL Injection Vulnerabilities
- ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability
- [ MDVSA-2010:070 ] firefox
- Secunia Research: Visualization Library DAT File Parsing Vulnerabilities
- ZDI-10-075: Sun Microsystems Directory Server Enterprise DSML UTF-8 Denial of Service Vulnerability
- ZDI-10-069: Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability
- ZDI-10-073: Sun Microsystems Directory Server DSML-over-HTTP Username Search Denial of Service Vulnerability
- Unauthenticated Filesystem Access in iomega Home Media Network Hard Drive
- ZDI-10-071: Adobe Reader TrueType Font Handling Remote Code Execution Vulnerability
- Micropoint Proactive Denfense Mp110013.sys <= 1.3.10123.0 Local Privilege Escalation Exploit
- Imperva SecureSphere Web Application Firewall and Database Firewall Bypass Vulnerability
- From: Clear Skies Security
- Advisory 02/2010: MyBB Password Reset Weak Random Numbers Vulnerability
- Advisory 01/2010: MyBB Password Reset Email BCC: Injection Vulnerability
- Vana CMS Remote File Download
- Insufficient Anti-automation and Denial of Service vulnerabilities in multiple systems
- ACROS Security: Remote Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-1)
- [USN-927-1] NSS vulnerability
- iDefense Security Advisory 04.09.10: VMware VMnc Codec Heap Overflow Vulnerability
- ACROS Security: Local Binary Planting in VMware Tools for Windows (ASPR #2010-04-12-2)
- [security bulletin] HPSBPI02398 SSRT080166 rev.5 - Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files
- Re: Vulnerabilities in phpCOIN
- [USN-920-1] Firefox 3.0 and Xulrunner vulnerabilities
- CVE-2009-4509: TANDBERG VCS Authentication Bypass
- CVE-2009-4510: TANDBERG VCS Static SSH Host Keys
- CVE-2009-4511: TANDBERG VCS Arbitrary File Retrieval
- Vulnerabilities in CMS SiteLogic
- [SECURITY] [DSA 2031-1] New krb5 packages fix denial of service
- [USN-927-2] NSS regression
- [SECURITY] [DSA 2032-1] New libpng packages fix several vulnerabilities
- HITBSecConf DUBAI 2010: Learn more about web attacks and stealth hacking
- From: Laurent OUDOT at TEHTRI-Security
- [USN-921-1] Firefox 3.5 and Xulrunner vulnerabilities
- [USN-927-3] Thunderbird regression
- AneCMS Multiple Vulnerabilities
- VUPEN Security Research - VMware Products Movie Decoder Heap Overflow Vulnerability
- From: VUPEN Security Research
- Re: Vulnerabilities in Dunia Soccer
- Secunia Research: VMWare VMnc Codec HexTile Encoding Buffer Overflow
- Secunia Research: VMWare VMnc Codec HexTile Encoding Two Integer Truncation Vulnerabilities
- Re: Vulnerabilities in Dunia Soccer
- Vulnerabilities in phpCOIN
- JAVA web start arbitrary command-line injection - "-XXaltjvm" arbitrary dll loading (0day)
- WinSoftMagic Photo Editor .PNG File Buffer Overflow
- ZDI-10-068: Apple QuickTime H.263 Array Index Parsing Remote Code Execution Vulnerability
- [USN-624-2] Erlang vulnerability
- VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
- From: VMware Security team
- [USN-926-1] ClamAV vulnerabilities
- Secunia Research: Pulse CMS Cross-Site Request Forgery
- Secunia Research: Pulse CMS Arbitrary File Upload Vulnerability
- Re: Vulnerabilities in Dunia Soccer
- [USN-925-1] MoinMoin vulnerabilities
- Vulnerabilities in CMS SiteLogic
- TCPDF Library Remote Code Execution Vulnerability
- From: Matthias -apoc- Hecker
- DeepSec 2010 - Call for Papers and Experts
- [HITB-Announce] FINAL CALL - CFP for HITBSecConf2010 Amsterdam
- Vulnerabilities in Dunia Soccer
- [ MDVSA-2010:069 ] nss
- [USN-924-1] Kerberos vulnerabilities
- [USN-923-1] OpenJDK vulnerabilities
- CORE-2010-0323: XSS Vulnerability in NextGEN Gallery Wordpress Plugin
- From: CORE Security Technologies Advisories
- ZDI-10-067: Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability
- [SECURITY] [DSA 2030-1] New mahara packages fix sql injection
- ZDI-10-066: CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability
- MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases
- ZDI-10-065: CA XOsoft xosoapapi.asmx Multiple Remote Code Execution Vulnerabilities
- CA20100406-01: Security Notice for CA XOsoft
- Miranda TLS MitM with XMPP/Jabber protocol
- Hack.lu 2010 CfP
- [SECURITY] [DSA 2029-1] New imlib2 packages fix arbitrary code execution
- ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability
- Vulnerabilities in TAK cms
- ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities
- ZDI-10-048: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability
- ZDI-10-057: Sun Java Runtime Environment JPEGImageDecoderImpl Remote Code Execution Vulnerability
- ZDI-10-059: Sun Java Runtime Environment JPEGImageEncoderImpl Remote Code Execution Vulnerability
- ZDI-10-055: Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability
- Re: DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability
- [SECURITY] [DSA 2028-1] New xpdf packages fix several vulnerabilities
- ZDI-10-052: Sun Java Runtime Environment XNewPtr Remote Code Execution Vulnerability
- ZDI-10-050: Mozilla Firefox nsTreeSelection EventListener Remote Code Execution Vulnerability
- ZDI-10-058: Apple Mac OS X ImageIO Framework JPEG2000 Remote Code Execution Vulnerability
- ZDI-10-051: Sun Java Runtime RMIConnectionImpl Privileged Context Remote Code Execution Vulnerability
- ZDI-10-049: Mozilla Firefox PluginArray nsMimeType Dangling Pointer Remote Code Execution Vulnerability
- ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability
- Vulnerabilities in HoloCMS
- ZDI-10-060: Sun Java Runtime Environment MixerSequencer Invalid Array Index Remote Code Execution Vulnerability
- ZDI-10-047: Mozilla Firefox libpr0n imgContainer Bits-Per-Pixel Change Remote Code Execution Vulnerability
- ZDI-10-046: Mozilla Firefox Web Worker Array Remote Code Execution Vulnerability
- ZDI-10-045: Apple QuickTime MPEG-1 genl Atom Remote Code Execution Vulnerability
- ZDI-10-054: Sun Java Runtime Environment JPEGImageReader stepX Remote Code Execution Vulnerability
- ZDI-10-053: Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability
- ZDI-10-056: Sun Java Runtime Environment Trusted Methods Chaining Remote Code Execution Vulnerability
- Apple Safari <= Tag (heap spray) Remote Buffer Overflow Exploit (osX)
- [SECURITY] [DSA 2027-1] New xulrunner packages fix several vulnerabilities
- [security bulletin] HPSBMA02490 SSRT090222 rev.2 - HP SOA Registry Foundation, Remote Unauthorized Access to Data, Cross Site Scripting (XSS), Privilege Escalation
- ZDI-10-044: Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability
- ZDI-10-043: Apple QuickTime FlashPix NumberOfTiles Remote Code Execution Vulnerability
- ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability
- ZDI-10-041: Apple QuickTime QDM2/QDCA Atom Remote Code Execution Vulnerability
- ZDI-10-040: Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability
- ZDI-10-039: Apple OS X Internet Enabled Disk Image Remote Code Execution Vulnerability
- ZDI-10-038: Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability
- ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability
- ZDI-10-036: Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability
- ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability
- ZDI-10-034: Microsoft Internet Explorer Tabular Data Control ActiveX Remote Code Execution Vulnerability
- ZDI-10-033: Microsoft Internet Explorer TIME2 Behavior Remote Code Execution Vulnerability
- [SECURITY] [DSA 2026-1] New netpbm-free packages fix denial of service
- Vulnerability Centreon IT & Network Monitoring v2.1.5
- From: Mehdi Mahdjoub - Sysdream IT Security Services
- VMSA-2010-0006 ESX Service Console updates for samba and acpid
- From: VMware Security Team
- VUPEN Security Research - Apple Quicktime PICT Handling Heap Overflow Vulnerability
- From: VUPEN Security Research
- Juniper SRX Critical Denial of Service Vulnerability
- VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Index Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Pointer Vulnerability
- From: VUPEN Security Research
- Zabbix <= 1.8.1 SQL Injection
- VUPEN Security Research - Apple Quicktime FLC Encoded Movie Heap Overflow Vulnerability
- From: VUPEN Security Research
- DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability
- CSRF Vulnerability in OSSIM 2.2.1
- From: nicolas . grandjean
- VUPEN Security Research - Sun Java JDK/JRE Unpack200 Buffer Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Apple Quicktime PICT Processing Integer Overflow Vulnerability
- From: VUPEN Security Research
- VUPEN Security Research - Apple iTunes ColorSync Profile Integer Overflow Vulnerability
- From: VUPEN Security Research
- [USN-922-1] libnss-db vulnerability
