[Full-disclosure] Vulnerable MSVC++ runtime distributed with OpenOffice.org 3.1.1 for Windows

2009-09-01 Thread Stefan Kanthak
The just released latest version of OpenOffice.org 3.1.1 for Windows distributes (once again) a completely outdated and vulnerable MSVC++ runtime. The unpacked installation archive contains in subdirectory \REDIST\ the installer of the Microsoft Visual C++ 2008 Redistributable, VCRedist_x86.exe,

[Full-disclosure] Secunia Research: OpenOffice.org Word Document Table Parsing Integer Underflow

2009-09-01 Thread Secunia Research
Secunia Research 01/09/2009 - OpenOffice.org Word Document Table Parsing Integer Underflow - Table of Contents Affected

[Full-disclosure] Secunia Research: OpenOffice.org Word Document Table Parsing Buffer Overflow

2009-09-01 Thread Secunia Research
Secunia Research 01/09/2009 - OpenOffice.org Word Document Table Parsing Buffer Overflow - Table of Contents Affected

[Full-disclosure] Think Drupal was FLOSS and non-profit? Think again.

2009-09-01 Thread Drupal is under attack
Thought Drupal was open source and non-profit? Not anymore. This brings back memories of when Mambo and Joomla split. If you want to build a website based around this GPL+MIT framework, you should read the fine print. For your convenience of course, it's governed by the laws and regulations of

[Full-disclosure] SEC Consult SA-20090901-0 :: File disclosure vulnerability in JSFTemplating, Mojarra Scales and GlassFish Application Server v3 Admin console

2009-09-01 Thread Johannes Greil
SEC Consult Security Advisory 20090901-0 title: File disclosure vulnerability in JSFTemplating, Mojarra Scales and GlassFish Application Server v3 Admin console

[Full-disclosure] Pwning Opera Unite with Inferno's Eleven

2009-09-01 Thread Inferno
Pwning Opera Unite with Inferno's Eleven Complete Post at http://securethoughts.com/2009/08/pwning-opera-unite-with-infernos-eleven/ Opera Unite, the upcoming version of the Opera browser has a strong vision to change how we look at the web. For those who

[Full-disclosure] [BMSA-2009-06] Remote code execution in BKAV eOffice

2009-09-01 Thread Nam Nguyen
BLUE MOON SECURITY ADVISORY 2009-06 :Title: Remote code execution in BKAV eOffice :Severity: Critical :Reporter: Blue Moon Consulting :Products: eOffice v5.1.5 :Fixed in: -- Description: We could not find out the definitive description for eOffice

[Full-disclosure] [ MDVSA-2009:197 ] nss

2009-09-01 Thread security
Mandriva Linux Security Advisory MDVSA-2009:197 http://www.mandriva.com/security/

Re: [Full-disclosure] Think Drupal was FLOSS and non-profit? Think again.

2009-09-01 Thread BMF
dru...@hush.com wrote: Thought Drupal was open source and non-profit? Not anymore. This seems like a relatively minor issue. I thought the fact that it is written by newbs in PHP (if they weren't newbs they wouldn't still be coding php) and therefore a remote root server would be enough to keep

[Full-disclosure] [SECURITY] [DSA 1876-1] New dnsmasq packages fix remote code execution

2009-09-01 Thread Florian Weimer
Debian Security Advisory DSA-1876-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer September 01, 2009

[Full-disclosure] Nipper licensing

2009-09-01 Thread dpcybuck
Which version of nipper will you be using? 0.10.x or 0.12.6? Which one is not governed by the new Titania license? Sent from my Verizon Wireless BlackBerry ___ Full-Disclosure - We believe in it. Charter:

[Full-disclosure] [USN-827-1] Dnsmasq vulnerabilities

2009-09-01 Thread Jamie Strandboge
Ubuntu Security Notice USN-827-1 September 01, 2009 dnsmasq vulnerabilities CVE-2009-2957, CVE-2009-2958 A security issue affects the following Ubuntu releases: Ubuntu

Re: [Full-disclosure] Nipper licensing

2009-09-01 Thread jlay
Which version of nipper will you be using? 0.10.x or 0.12.6? Which one is not governed by the new Titania license? Sent from my Verizon Wireless BlackBerry

[Full-disclosure] [USN-810-2] NSS regression

2009-09-01 Thread Kees Cook
Ubuntu Security Notice USN-810-2 September 02, 2009 nss regression https://launchpad.net/bugs/409864 A security issue affects the following Ubuntu releases: Ubuntu 8.04