Microsoft Internet explorer 8 DLL Hijacking (IESHIMS.DLL)

I found this Microsoft Internet explorer 8 DLL Hijacking at Inject0r db http://inj3ct0r.com/exploits/13898 This one is a similar variant of IE 7 http://www.exploit-db.com/exploits/2929/ It can be triggered only if attackers can put a IESHIMS.DLL file in user's desktop. However, there are

chillyCMS Multiple Vulnerabilities

##www.BugReport.ir # #AmnPardaz Security Research Team # # Title:chillyCMS Multiple Vulnerabilities # Vendor: http://frozenpepper.de/ # Vulnerable Version: 1.1.3 (Latest version till now) #

Joomla Component Clantools version 1.2.3 Multiple Blind SQL Injection Vulnerabilities

# Exploit Title: Joomla Component Clantools version 1.2.3 Multiple Blind SQL Injection Vulnerabilities # Date: 05.09.2010 # Author: Stephan Sattler // Solidmedia # Software Link: http://www.joomla-clantools.de/downloads/doc_download/7-clantools-123.html # Version: 1.2.3 [ Vulnerability

Joomla Component Clantools version 1.5 Blind SQL Injection Vulnerability

# Exploit Title: Joomla Component Clantools version 1.5 Blind SQL Injection Vulnerability # Date: 05.09.2010 # Author: Stephan Sattler // Solidmedia # Software Link: http://joomla-clantools.de/downloads/doc_download/26-clantools-v15-fuer-joomla-15x.html # Version: 1.5 [ Vulnerability 1

Re: KeePass version 2.12 = Insecure DLL Hijacking Vulnerability (dwmapi.dll)

The fixed version KeePass 2.13 has been released. http://keepass.info/news/n100906_2.13.html But failure to describe DLL Hijacking was fixed.

nmap = 5.21 is vulnerable to Windows DLL Hijacking Vulnerability.

1. Overview nmap = 5.21 is vulnerable to Windows DLL Hijacking Vulnerability. 2. Vulnerability Description nmap passes insufficiently qualified path for the dll airpcap.dll while opening a file using nmap Timeline 27-08-2010 - Discovered Vulnerability 31-08-2010 - Disclosed at nmap-dev mailing

[ GLSA 201009-03 ] sudo: Privilege Escalation

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201009-03 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - -

Call for Papers H2HC Cancun/Mexico and H2HC Sao Paulo/Brazil

CALL FOR PAPERS - Hackers 2 Hackers Conference 7th edition The call for papers for H2HC 7th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from 27 to 28 November 2010 and this year for the first time also in Cancun, on 3 of December 2010. [ - Introduction -

[USN-983-1] Sudo vulnerability

=== Ubuntu Security Notice USN-983-1 September 07, 2010 sudo vulnerability CVE-2010-2956 === A security issue affects the following Ubuntu releases: Ubuntu 9.10 Ubuntu 10.04

XSS in Horde Application Framework =3.3.8, icon_browser.php

Hi, Horde Application Framework v3.3.8 and lower are subject to a cross site scripting (XSS) vulnerability. The icon_browser.php script fails to properly sanitize user supplied input to the 'subdir' URL parameter before printing it out as part of a HTML formatted error message. The following

H2HC São Paulo - Capture the Captcha

We would like to thank to our sponsors for making this game possible: Bonsai for hosting the game and Tenable for providing the prize! A Captcha is a type of challenge-response test used in computing to ensure that the response is not generated by a computer. It is a contrived acronym for

[ MDVSA-2010:171 ] lvm2

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandriva Linux Security Advisory MDVSA-2010:171 http://www.mandriva.com/security/

Security problems in Zenphoto version 1.3

We are continuing with the list of security vulnerabilities found in a number of web applications while testing our latest version of Acunetix WVS v7 . In this blog post, we will look into the details of a number of security problems discovered by Acunetix WVS in the popular web gallery