ZDI-10-174: Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-174
September 13, 2010
-- CVE ID:
CVE-2010-3007
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Hewlett-Packard
-- Affected
Advisory
Microsoft Word 2003 MSO Null Pointer Dereference Vulnerability
CVE: 2010-3200
Version
Word 2003 (SP3) 11.8326.11.8324 tested on windows XP SP2/SP3
Details :
A null pointer dereference vulnerability has been noticed in MS Word.The
exception results in the MSO.dll library which fails
rPath Security Advisory: 2010-0056-1
Published: 2010-09-13
Products:
rPath Appliance Platform Linux Service 2
rPath Linux 2
Rating: Minor
Exposure Level Classification:
Remote User Non-deterministic Vulnerability
Updated Versions:
httpd=conary.rpath@rpl:2/2.2.9-4.4-1
[DCA-00016 - Nokia E72 Keyboard Password bypass]
[Software/Hardware]
- Nokia E72
[Vendor Product Description]
- Nokia E72 is a high-performance device tailor-made for seamless
business and personal communication.
[Bug Description]
- The Nokia E72 keyboard lock have a delay to validate the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2108-1 secur...@debian.org
http://www.debian.org/security/ Sébastien Delafond
Sep 14, 2010
ZDI-10-176: Mozilla Firefox normalizeDocument Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-176
September 13, 2010
-- CVE ID:
CVE-2010-2766
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Mozilla Firefox
-- Affected Products:
Mozilla
Hello,
Next Friday I will be running a web-based challenges contest. Winner will
be awarded with the new iPod touch from Apple. Thanks to Hispasec Sistemas
(you probably know them as the makers of VirusTotal service) from
sponsoring the prize.
Full info (registration currently open):
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2010:181
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02475053
Version: 1
HPSBMA02566 SSRT100045 rev.1 - HP System Management Homepage (SMH) for Linux,
Remote Disclosure of Sensitive Information
NOTICE: The information in this Security Bulletin
===
Ubuntu Security Notice USN-987-1 September 14, 2010
samba vulnerability
CVE-2010-3069
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu
Hi list
I would like to announce a new writeup, titled Cross-domain
information leakage in Firefox 3.6.4-3.6.8, Firefox 3.5.10-3.5.11
and Firefox 4.0 Beta1.
The writeup is available in the following URL:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FLOCK-SA-2010-01
http://flock.com/security/
Title: A malformed favourite can bypass cross origin
protection (XSS)
Impact: Moderate
Announced on: 2010-09-09
Affected Products: Flock 3 versions prior to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FLOCK-SA-2010-02
http://flock.com/security/
Title: A malicious RSS feed can bypass cross origin
protection (XSS)
Impact: High
Announced on: 2010-09-09
Affected Products: Flock 3 versions prior to 3.0.0.4114
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FLOCK-SA-2010-03
http://flock.com/security/
Title: javascript: url with a leading NULL byte can bypass
cross origin protection (XSS)
Impact: High
Announced on: 2010-09-09
Affected Products: Flock 3 versions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FLOCK-SA-2010-04
http://flock.com/security/
Title: window.open() Method Javascript Same-Origin Policy
Violation (XSS)
Impact: High
Announced on: 2010-09-09
Affected Products: Flock 3 versions prior to
ZDI-10-177: IBM Lotus Domino iCalendar MAILTO Stack Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-177
September 14, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
IBM
-- Affected Products:
IBM Lotus Domino
-- TippingPoint(TM) IPS Customer
==
Secunia Research 14/09/2010
- Microsoft Outlook Content Parsing Integer Underflow Vulnerability -
==
Table of Contents
Affected
17 matches
Mail list logo