-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
DX Studio Player Firefox plug-in command injection
1. *Advisory Information*
Title: DX Studio Player Firefox plug-in command injection
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
Internet Explorer Security Zone restrictions bypass
1. *Advisory Information*
Title: Internet Explorer Security Zone restrictions bypass
Hi all,
I am way behind on this, so I wanted to drop a quick note regarding
some of my vulnerabilities recently addressed by browser vendors - and
provide some possibly interesting PoCs / fuzzers to go with them:
Summary : MSIE same-origin bypass race condition (CVE-2007-3091)
Impact :
===
Ubuntu Security Notice USN-775-2 June 09, 2009
quagga regression
https://launchpad.net/bugs/384193
===
A security issue affects the following Ubuntu releases:
Ubuntu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-09:11.ntpd Security Advisory
The FreeBSD Project
Topic:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-09:10.ipv6 Security Advisory
The FreeBSD Project
Topic:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-09:09.pipe Security Advisory
The FreeBSD Project
Topic:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Updated to add additional patches required for 5.5.x and 4.1.x
CVE-2008-5515: Apache Tomcat information disclosure vulnerability
Severity: Important
Vendor:
The Apache Software Foundation
Versions Affected:
Tomcat 4.1.0 to 4.1.39
Tomcat 5.5.0 to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01762423
Version: 1
HPSBUX02435 SSRT090059 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service
(DoS), Bypass Security Restrictions
NOTICE: The information in this Security Bulletin should
Microsoft Internet Explorer DHTML Handling Remote Memory Corruption
Vulnerability
2009.June.09
Fortinet's FortiGuard Global Security Research Team Discovers Memory Corruption
Vulnerability in Microsoft's Internet Explorer.
Summary:
A memory corruption vulnerability exists in the DHTML
ZDI-09-038: Microsoft Internet Explorer Event Handler Memory Corruption
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-038
June 10, 2009
-- CVE ID:
CVE-2009-1530
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer
-- Vulnerability Details:
This
ZDI-09-041: Microsoft Internet Explorer 8 Rows Property Dangling Pointer
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-041
June 10, 2009
-- CVE ID:
CVE-2009-1532
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer
-- Vulnerability
Apple Safari Remote Memory Corruption Vulnerability
2009.June.09
Fortinet's FortiGuard Global Security Research Team Discovers Vulnerability in
Apple Safari.
Summary:
A memory corruption vulnerability exists in Apple Safari which allows a remote
attacker to execute arbitrary code
ZDI-09-035: Microsoft Word Document Stack Based Buffer Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-035
June 10, 2009
-- CVE ID:
CVE-2009-0563
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Office Word
-- Vulnerability Details:
This vulnerability
#!usr/bin/perl -w
###
# XM Easy Personal FTP Server 5.x allows remote attackers to cause a denial
of service
# via a HELP or TYPE command with an overly long argument.
# Refer:
#
___ ___
\_ _/\_ ___ \ / | \\_ \
|__)_ /\ \//~\/ | \
|\\ \___\Y/|\
/___ / \__ /\___|_ /\___ /
\/ \/ \/ \/ .OR.ID
==
Secunia Research 10/06/2009
- Microsoft PowerPoint Freelance Layout Parsing Vulnerability -
==
Table of Contents
Affected
==
Secunia Research 10/06/2009
- Adobe Reader JBIG2 Text Region Segment Buffer Overflow -
==
Table of Contents
Affected
Hi,
Safari prior to version 4 may permit an evil web page to steal
arbitrary XML data cross-domain.
This is accomplished by abusing a relatively obscure cross-domain
access point which was completely missing a cross-domain access check.
The access point in question is the document() function in
ZDI-09-036: Microsoft Internet Explorer setCapture Memory Corruption
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-036
June 10, 2009
-- CVE ID:
CVE-2009-1529
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Internet Explorer
-- Vulnerability Details:
This
20 matches
Mail list logo