===
Ubuntu Security Notice USN-1108-1April 11, 2011
dhcp3 vulnerability
CVE-2011-0997
===
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu
I was recently taking a look at Konquerer and spotted an example of universal
XSS. Essentially, the error page displayed when a requested URL is not
available includes said URL. If said URL includes HTML fragments these will
be rendered. CVE-2010-2952 has been assigned to this issue.
Tim
--
Vulnerability ID: HTB22930
Reference: http://www.htbridge.ch/advisory/xss_in_webcalendar.html
Product: WebCalendar
Vendor: k5n.us ( http://www.k5n.us/ )
Vulnerable Version: 1.2.3
Vendor Notification: 29 March 2011
Vulnerability Type: XSS (Cross Site Scripting)
Risk level: Medium
Credit:
* [2011-04-11 22:07:24 +0100] Tim Brown wrote:
I was recently taking a look at Konquerer and spotted an example of universal
XSS. Essentially, the error page displayed when a requested URL is not
available includes said URL. If said URL includes HTML fragments these will
be rendered.
o
BugCON Security Conferences 2011
Safety is just a myth…!
October 5 - 7 @ Mexico City
CALL FOR PAPERS
www.bugcon.org
o
BugCON is a purely technical convention where all security researchers can show
their research, projects and ideas. The main topics for BugCON 2011 are:
* Software
Vulnerability ID: HTB22925
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_plogger.html
Product: Plogger
Vendor: Plogger Team ( http://www.plogger.org/ )
Vulnerable Version: 1.0 RC1
Vendor Notification: 29 March 2011
Vulnerability Type: Path disclosure
Risk level: Low
Credit:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2218-1 secur...@debian.org
http://www.debian.org/security/Nico Golde
April 12, 2011
Dear all,
please find enclosed the call for participation for IMF 2011.
See the program at:
http://www.imf-conference.org/imf2011/program.html
The conference will take place from Tuesday, May 10th through Thursday,
May 12th in Stuttgart, Germany.
Registration Details can be found at:
###
Luigi Auriemma
Application: Microsoft HTML Help
http://www.microsoft.com
Versions: = 6.1
Platforms:Windows (any version included the latest Windows 7)
Bug: stack
Vulnerability ID: HTB22929
Reference:
http://www.htbridge.ch/advisory/multiple_path_disclosure_in_websitebaker.html
Product: WebsiteBaker
Vendor: Website Baker Org ( http://www.websitebaker2.org/ )
Vulnerable Version: 2.8.1
Vendor Notification: 29 March 2011
Vulnerability Type: Path disclosure
Vulnerability ID: HTB22928
Reference:
http://www.htbridge.ch/advisory/multiple_sql_injections_in_websitebaker.html
Product: WebsiteBaker
Vendor: Website Baker Org ( http://www.websitebaker2.org/ )
Vulnerable Version: 2.8.1
Vendor Notification: 29 March 2011
Vulnerability Type: SQL Injection
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c02267197
Version: 1
HPSBPI02656 SSRT090262 rev.1 - Certain HP Photosmart Printers, Remote
Unauthorized Access, Cross Site Scripting (XSS)
NOTICE: The information in this Security Bulletin
On Tuesday 12 April 2011 03:36:24 Vincent Danen wrote:
* [2011-04-11 22:07:24 +0100] Tim Brown wrote:
I was recently taking a look at Konquerer and spotted an example of
universal XSS. Essentially, the error page displayed when a requested
URL is not available includes said URL. If said URL
13 matches
Mail list logo