ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability

2010-04-06 Thread ZDI Disclosures
ZDI-10-063: Mozilla Firefox Cross Document DOM Node Moving Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-063 April 5, 2010 -- CVE ID: CVE-2010-1121 -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla Firefox 3.6.x -- TippingPoint(TM) IPS

ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities

2010-04-06 Thread ZDI Disclosures
ZDI-10-062: Novell Netware NWFTPD RMD/RNFR/DELE Argument Parsing Remote Code Execution Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-10-062 April 5, 2010 -- CVE ID: CVE-2010-0625 -- Affected Vendors: Novell -- Affected Products: Novell Netware -- TippingPoint(TM) IPS

Vulnerabilities in TAK cms

2010-04-06 Thread MustLive
Hello Bugtraq! I want to warn you about security vulnerabilities in TAK cms. It's a Ukrainian commercial CMS. - Advisory: Vulnerabilities in TAK cms - URL: http://websecurity.com.ua/4050/ - Timeline: 04.02.2009 -

[SECURITY] [DSA 2029-1] New imlib2 packages fix arbitrary code execution

2010-04-06 Thread Nico Golde
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA-2029-1 secur...@debian.org http://www.debian.org/security/ Nico Golde April 5th, 2010

Miranda TLS MitM with XMPP/Jabber protocol

2010-04-06 Thread Jan Schejbal
The Miranda IM instant messaging software silently falls back to unencrypted connections if a Jabber/XMPP server does not report that it supports TLS, even if "Use TLS" is checked. This allows an active attacker to perform MitM attacks on Jabber/XMPP connections which the user assumes to be

Hack.lu 2010 CfP

2010-04-06 Thread info
Call for Papers Hack.lu 2010 The purpose of the hack.lu convention is to give an open and free playground where people can discuss the implication of new technologies in society. hack.lu is a balanced mix convention where technical and non-technical people can meet each

CA20100406-01: Security Notice for CA XOsoft

2010-04-06 Thread Kotas, Kevin J
-BEGIN PGP SIGNED MESSAGE- CA20100406-01: Security Notice for CA XOsoft Issued: April 6, 2010 CA's support is alerting customers to multiple security risks with CA XOsoft products. Multiple vulnerabilities exist that can allow a remote attacker to gain sensitive information, cause a

ZDI-10-065: CA XOsoft xosoapapi.asmx Multiple Remote Code Execution Vulnerabilities

2010-04-06 Thread ZDI Disclosures
ZDI-10-065: CA XOsoft xosoapapi.asmx Multiple Remote Code Execution Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-10-065 April 6, 2010 -- CVE ID: CVE-2010-1223 -- Affected Vendors: Computer Associates -- Affected Products: Computer Associates XOsoft High Availability Computer

MITKRB5-SA-2010-003 [CVE-2010-0629] denial of service in kadmind in older krb5 releases

2010-04-06 Thread Tom Yu
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 MITKRB5-SA-2010-003 MIT krb5 Security Advisory 2010-003 Original release: 2010-04-06 Last update: 2010-04-06 Topic: denial of service in kadmind in older krb5 releases CVE-2010-0629 denial of service in kadmind in older krb5 releases CVSSv2

ZDI-10-066: CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability

2010-04-06 Thread ZDI Disclosures
ZDI-10-066: CA XOsoft Control Service entry_point.aspx Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-066 April 6, 2010 -- CVE ID: CVE-2010-1223 -- Affected Vendors: Computer Associates -- Affected Products: Computer Associates XOsoft High Availability

[SECURITY] [DSA 2030-1] New mahara packages fix sql injection

2010-04-06 Thread Nico Golde
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA-2030-1 secur...@debian.org http://www.debian.org/security/ Nico Golde April 6th, 2010

ZDI-10-067: Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability

2010-04-06 Thread ZDI Disclosures
ZDI-10-067: Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-067 April 6, 2010 -- CVE ID: CVE-2010-0529 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPoint(TM) IPS Customer Protection: TippingPoint