iDefense Security Advisory 03.11.08
http://labs.idefense.com/intelligence/vulnerabilities/
Mar 11, 2008
I. BACKGROUND
Microsoft Outlook provides an integrated solution for managing and
organizing e-mail messages, schedules, tasks, notes, contacts, and
other information. More information is availa
iDefense Security Advisory 03.11.08
http://labs.idefense.com/intelligence/vulnerabilities/
Mar 11, 2008
I. BACKGROUND
Microsoft Excel is the spreadsheet application that is included with
Microsoft Corp's Office productivity software suite. More information
is available at the following website.
iDefense Security Advisory 03.11.08
http://labs.idefense.com/intelligence/vulnerabilities/
Mar 11, 2008
I. BACKGROUND
Microsoft Excel is the spreadsheet application that is included with
Microsoft Corp's Office productivity software suite. More information
is available at the following website.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1515-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Florian Weimer
March 11, 2008
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-20
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200803-19
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ZDI-08-008: Microsoft Excel BIFF File Format Cell Record Parsing Memory
Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-008
March 11, 2008
-- CVE ID:
CVE-2008-0113
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft Office Excel Viewer
-- TippingPoint(TM)
I had to post this, this is actually my first post. You guys need
to check this out, Muts the main creator of the backtrack live
distro is starting to hold in person classes at a few locations
around the US.
http://www.offensive-security.com/ilt.php
I took his online course and its amazing. I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs
Timbuktu Pro Remote Path Traversal and Log Injection
*Advisory Information*
Title: Timbuktu Pro Remote Path Traversal and Log Injection
Advisory ID
Summary
Name: Adobe LiveCycle Workflow XSS Vulnerability
Release Date: 11 March 2008
Reference: LSD002-2008
CVE Number: CVE-2008-1202
Discover: Dave Lewis
Vendor: Adobe Systems
Product: LiveCycle Workflow 6.2 Management Web Interface
Systems Affected: version 6.2 (as tested)
NB. Other versions may
___
Rapid7 Security Advisory
Visit http://www.rapid7.com/ to download NeXpose,
SC Magazine Winner of Best Vulnerability Management product.
___
[Forwarded from DailyDave]
Here's another shellcode paper for people who like that sort of thing:
It's good, although it will be swarms of people asking about SILICA. A
year from now it will fail on certain 2k/XP configurations with a
particular thread and just hard-kill it.
Anyways, this is just
<[EMAIL PROTECTED]> wrote:
> http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=589
"Motorola Inc. has addressed this vulnerability by releasing version
8.6.5 of Timbuktu Pro for Windows. For more information, consult the
release notes at the following URL."
I have tested versio
>
> Luigi Auriemma
>
> Application: Timbuktu Pro Remote Control Software
> [...snip...]
> -
> B] limited upload directory traversal
> -
> [...snip...]
> Currently I
Advisory: Remote Command Execution in Mapbender
During a penetration test RedTeam Pentesting discovered a remote command
execution vulnerability in Mapbender. An unauthorized user can create
arbitrary PHP-files on the Mapbender webserver, which can later be
executed.
Details
===
Product: Ma
Advisory: SQL-Injections in Mapbender
During a penetration test RedTeam Pentesting discovered multiple
SQL-Injections in Mapbender. A remote attacker is able to execute
arbitrary SQL commands and therefore can get e.g. valid usernames and
password hashes of the Mapbender users.
Details
===
Monitoring last week's IFRAME injection attack at high page rank-ed
sites, reveals a simple truth, that persistent simplicity seems to
work. The attack is still ongoing, this time successfully injecting a
multitude of new domains into Wired Magazine, and History.com's search
engines, which are agai
17 matches
Mail list logo