-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:159
http://www.mandriva.com/security/
Hi Aditya,
Google Chrome ( 5.0.375.127 and previous versions) suffers from HTTP
Auth Dialog spoofing vulnerability due to possible
realm manipulation in the HTTP header. Previously, Google chrome has got
a similar bug which can be seen on the following link
How is this significantly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:159
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:159
http://www.mandriva.com/security/
ZDI-10-158: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-158
August 23, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
IBM
Autonomy
-- Affected Products:
IBM Lotus Notes
Autonomy KeyView
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02478639
Version: 1
HPSBGN02569 SSRT100200 rev.1 - HP MagCloud iPad App, Remote Unauthorized Access
to Data
NOTICE: The information in this Security Bulletin should be acted upon as soon
as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Good to hear, but hard to see how this will really fix anything. Unlike
most modern application and devices, these routers do not update
firmware automatically or allow for the user to update them in any real
world scenario. Hell, most ISPs who use
ZDI-10-156: IBM Lotus Notes Autonomy KeyView Word Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-156
August 23, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
IBM
Autonomy
-- Affected Products:
IBM Lotus Notes
Autonomy
TPTI-10-08: Novell iPrint Client Browser PluginGetDriverFile Uninitialized
Pointer Remote Code Execution Vulnerability
http://dvlabs.tippingpoint.com/advisory/TPTI-10-08
August 23, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
ZDI-10-155: Cisco WebEx Player ARF String Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-155
August 23, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Cisco
-- Affected Products:
Cisco WebEx
-- TippingPoint(TM) IPS Customer
Hi Tim
First of all, the dialog spoofing issue still works in Google Chrome and
it has not been patched. A lot of tests have been
conducted considering different variants spoofing. I missed your paper
previously. I must say its a very good read. A similar issue about
Google URL obfuscation, which
Aditya,
First of all, the dialog spoofing issue still works in Google Chrome and
it has not been patched.
I'm not surprised. There didn't seem to be a lot of interest in these
issues from any browser vendor when I brought them to their attention.
A lot of tests have been
conducted
Hi Tim
You can have a look at the screenshot at below mentioned link
http://www.secniche.org/goog_chr_auth_spoof.jpg
Kind Regards
Aditya
Tim wrote:
Aditya,
First of all, the dialog spoofing issue still works in Google Chrome and
it has not been patched.
I'm not surprised.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:160
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02056045
Version: 3
HPSBST02536 SSRT100057 rev.3 - HP StorageWorks Storage Mirroring, Local
Unauthorized Access
NOTICE: The information in this Security Bulletin should be acted upon as soon
ZDI-10-159: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-159
August 23, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
IBM
Autonomy
-- Affected Products:
IBM Lotus Notes
Autonomy KeyView
allegedly, it's that time of the month again...
as all our speakers are either dying from strep throat having spent more
hours than is medically advisable in the company of desert heat and/or
air conditioning, or are sunning themselves on some far away beach where
dc4420 is the last thing on
What is WinAppDbg?
==
The WinAppDbg python module allows developers to quickly code instrumentation
scripts in Python under a Windows environment.
It uses ctypes to wrap many Win32 API calls related to debugging, and provides
an object-oriented abstraction layer to manipulate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
Since the dawn of our species (well 2005, if you want to be picky about
it) t2 has been granting free admission to the elite of their kind, the
winners of the t2 Challenges. Don’t be suckered in by all the cheap
imitations out there, their
19 matches
Mail list logo