CORE-2009-0521 - DX Studio Player Firefox plug-in command injection

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ DX Studio Player Firefox plug-in command injection 1. *Advisory Information* Title: DX Studio Player Firefox plug-in command injection

CORE-2008-0826 - Internet Explorer Security Zone restrictions bypass

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Internet Explorer Security Zone restrictions bypass 1. *Advisory Information* Title: Internet Explorer Security Zone restrictions bypass

catching up on several recently fixed bugs of note

Hi all, I am way behind on this, so I wanted to drop a quick note regarding some of my vulnerabilities recently addressed by browser vendors - and provide some possibly interesting PoCs / fuzzers to go with them: Summary : MSIE same-origin bypass race condition (CVE-2007-3091) Impact :

[USN-775-2] Quagga regression

=== Ubuntu Security Notice USN-775-2 June 09, 2009 quagga regression https://launchpad.net/bugs/384193 === A security issue affects the following Ubuntu releases: Ubuntu

FreeBSD Security Advisory FreeBSD-SA-09:11.ntpd

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-09:11.ntpd Security Advisory The FreeBSD Project Topic:

FreeBSD Security Advisory FreeBSD-SA-09:10.ipv6

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-09:10.ipv6 Security Advisory The FreeBSD Project Topic:

FreeBSD Security Advisory FreeBSD-SA-09:09.pipe

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 = FreeBSD-SA-09:09.pipe Security Advisory The FreeBSD Project Topic:

[SECURITY] UPDATED CVE-2008-5515 RequestDispatcher directory traversal vulnerability

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Updated to add additional patches required for 5.5.x and 4.1.x CVE-2008-5515: Apache Tomcat information disclosure vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Tomcat 4.1.0 to 4.1.39 Tomcat 5.5.0 to

[security bulletin] HPSBUX02435 SSRT090059 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Bypass Security Restrictions

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01762423 Version: 1 HPSBUX02435 SSRT090059 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Bypass Security Restrictions NOTICE: The information in this Security Bulletin should

FortiGuard Advisory: Microsoft Internet Explorer DHTML Handling Remote Memory Corruption Vulnerability

Microsoft Internet Explorer DHTML Handling Remote Memory Corruption Vulnerability 2009.June.09 Fortinet's FortiGuard Global Security Research Team Discovers Memory Corruption Vulnerability in Microsoft's Internet Explorer. Summary: A memory corruption vulnerability exists in the DHTML

ZDI-09-038: Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability

ZDI-09-038: Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-038 June 10, 2009 -- CVE ID: CVE-2009-1530 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer -- Vulnerability Details: This

ZDI-09-041: Microsoft Internet Explorer 8 Rows Property Dangling Pointer Code Execution Vulnerability

ZDI-09-041: Microsoft Internet Explorer 8 Rows Property Dangling Pointer Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-041 June 10, 2009 -- CVE ID: CVE-2009-1532 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer -- Vulnerability

FortiGuard Advisory: Apple Safari Remote Memory Corruption Vulnerability

Apple Safari Remote Memory Corruption Vulnerability 2009.June.09 Fortinet's FortiGuard Global Security Research Team Discovers Vulnerability in Apple Safari. Summary: A memory corruption vulnerability exists in Apple Safari which allows a remote attacker to execute arbitrary code

ZDI-09-035: Microsoft Word Document Stack Based Buffer Overflow Vulnerability

ZDI-09-035: Microsoft Word Document Stack Based Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-035 June 10, 2009 -- CVE ID: CVE-2009-0563 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Office Word -- Vulnerability Details: This vulnerability

XM Easy Personal FTP Server HELP and TYPE command Remote Denial of Service exploit

#!usr/bin/perl -w ### # XM Easy Personal FTP Server 5.x allows remote attackers to cause a denial of service # via a HELP or TYPE command with an overly long argument. # Refer: #

[ECHO_ADV_110$2009] Firefox (GNU/Linux version) = 3.0.10 Denial Of Services

___ ___ \_ _/\_ ___ \ / | \\_ \ |__)_ /\ \//~\/ | \ |\\ \___\Y/|\ /___ / \__ /\___|_ /\___ / \/ \/ \/ \/ .OR.ID

Secunia Research: Microsoft PowerPoint Freelance Layout Parsing Vulnerability

== Secunia Research 10/06/2009 - Microsoft PowerPoint Freelance Layout Parsing Vulnerability - == Table of Contents Affected

Secunia Research: Adobe Reader JBIG2 Text Region Segment Buffer Overflow

== Secunia Research 10/06/2009 - Adobe Reader JBIG2 Text Region Segment Buffer Overflow - == Table of Contents Affected

Apple Safari cross-domain XML theft vulnerability

Hi, Safari prior to version 4 may permit an evil web page to steal arbitrary XML data cross-domain. This is accomplished by abusing a relatively obscure cross-domain access point which was completely missing a cross-domain access check. The access point in question is the document() function in

ZDI-09-036: Microsoft Internet Explorer setCapture Memory Corruption Vulnerability

ZDI-09-036: Microsoft Internet Explorer setCapture Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-036 June 10, 2009 -- CVE ID: CVE-2009-1529 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer -- Vulnerability Details: This