Re: [Full-disclosure] Firefox same-origin policy for fonts

2010-09-13 Thread Daniel Veditz
On 9/12/2010 4:43 PM, paul.sz...@sydney.edu.au wrote: Firefox's interpretation of the same-origin policy is more strict than most other browsers, and it affects how fonts are loaded with the @font-face CSS directive. ... There is a solution to this, however, if you manage the
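The stricter Firefox behaviour the thread refers to is that a cross-origin @font-face download is only used if the font's server approves it via CORS, so the fix lives on the server hosting the fonts. As an added illustration (not taken from the thread or from any of its posters), this is the Apache mod_headers form of that fix; the font extensions and the embedding origin https://www.example.com are assumptions for the example:

```apache
# Added example, not from the thread: emit a CORS header on web font files so
# Firefox accepts them when a page on another origin references them via
# @font-face. Requires mod_headers to be loaded.
<IfModule mod_headers.c>
  # Assumed set of font extensions; adjust to what this host actually serves.
  <FilesMatch "\.(ttf|otf|eot|woff)$">
    # Assumed: only https://www.example.com embeds these fonts. Name that
    # origin rather than "*" unless the fonts are meant to be public.
    Header set Access-Control-Allow-Origin "https://www.example.com"
  </FilesMatch>
</IfModule>
```

A single fixed origin means Firefox will still refuse the font for any other site; if several sites legitimately embed the same fonts, either use "*" for genuinely public fonts or echo an allow-listed Origin request header dynamically rather than hard-coding one value.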

[Full-disclosure] Mac OS X 10.6 Security Configuration Guides Released

2010-09-13 Thread Darren Thurston
fwd for FD - Mac OS X 10.6 Security Configuration Guide - Link Posted on NSA's IA Guidance Portal I am very pleased to announce the immediate availability of the much anticipated Security Configuration Guide for Mac OS X 10.6 at the NSA Information Assurance / Security Guidance

[Full-disclosure] [SECURITY] [DSA 2097-2] New phpmyadmin packages fix several vulnerabilities

2010-09-13 Thread Thijs Kinkhorst
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - Debian Security Advisory DSA-2097-2 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst September 11, 2010

Re: [Full-disclosure] KeePass version 2.12 = Insecure DLL Hijacking Vulnerability (dwmapi.dll)

2010-09-13 Thread Stefan Kanthak
Christian Sciberras wrote: I can't take THAT seriously. At least not all of it. The part that interested me most: 4. Should I find such vulnerabilities in as many applications as I can? You should not. It's just a waste of time and your energy. Focus on most popular application

[Full-disclosure] Secunia Research: MailEnable SMTP Service Two Denial of Service Vulnerabilities

2010-09-13 Thread Secunia Research
Secunia Research 13/09/2010 - MailEnable SMTP Service Two Denial of Service Vulnerabilities - Table of Contents Affected

[Full-disclosure] H2HC 2010 Sao Paulo - Capture the Flag

2010-09-13 Thread Rodrigo Rubira Branco (BSDaemon)
The game this year is entitled Capture the Captcha! A Captcha is a type of challenge-response test used in computing to ensure that the response is not generated by a computer. It is a contrived acronym for Completely Automated Public Turing test to tell Computers and Humans Apart. The process

Re: [Full-disclosure] KeePass version 2.12 = Insecure DLL Hijacking Vulnerability (dwmapi.dll)

2010-09-13 Thread Rohit Patnaik
DLL Hijacking is highly effective in combination with use of Social Engineering Toolkit. Isn't *any* mechanism for code execution going to be effective with the use of social engineering? I mean, isn't that what we've known for years, that the weakest component of any security system is the

[Full-disclosure] DLL Hijacking vulnerability in Opera

2010-09-13 Thread MustLive
Hello Full-Disclosure! I want to warn you about a DLL Hijacking vulnerability in Opera. As I wrote on Saturday in my post DLL Hijacking in different browsers (http://websecurity.com.ua/4522/), besides Mozilla Firefox (which was fixed in version 3.6.9), Opera is also vulnerable.

[Full-disclosure] ZDI-10-169: Novell Netware SSHD.NLM Remote Code Execution Vulnerability

2010-09-13 Thread ZDI Disclosures
ZDI-10-169: Novell Netware SSHD.NLM Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-169 September 1, 2010 -- CVSS: 9, (AV:N/AC:L/Au:S/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected Products: Novell Netware -- Vulnerability Details: This

Re: [Full-disclosure] DLL Hijacking vulnerability in Opera

2010-09-13 Thread Juha-Matti Laurio
It was reported on 24th August already http://www.exploit-db.com/exploits/14732/ It takes only a few seconds to check it http://secunia.com/advisories/41083/ Juha-Matti MustLive [mustl...@websecurity.com.ua] wrote: Hello Full-Disclosure! I want to warn you about DLL Hijacking vulnerability

[Full-disclosure] ZDI-10-170: Apple Safari Webkit Runin Remote Code Execution Vulnerability

2010-09-13 Thread ZDI Disclosures
ZDI-10-170: Apple Safari Webkit Runin Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-170 September 13, 2010 -- CVE ID: CVE-2010-1806 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Apple -- Affected Products: Apple WebKit --

[Full-disclosure] ZDI-10-171: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability

2010-09-13 Thread ZDI Disclosures
ZDI-10-171: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-171 September 13, 2010 -- CVE ID: CVE-2010-3167 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Mozilla Firefox -- Affected

[Full-disclosure] ZDI-10-172: Mozilla Firefox tree Object Removal Remote Code Execution Vulnerability

2010-09-13 Thread ZDI Disclosures
ZDI-10-172: Mozilla Firefox tree Object Removal Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-172 September 13, 2010 -- CVE ID: CVE-2010-3168 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla

[Full-disclosure] ZDI-10-173: Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution Vulnerability

2010-09-13 Thread ZDI Disclosures
ZDI-10-173: Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-173 September 13, 2010 -- CVE ID: CVE-2010-2760 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Mozilla Firefox -- Affected

Re: [Full-disclosure] KeePass version 2.12 = Insecure DLL Hijacking Vulnerability (dwmapi.dll)

2010-09-13 Thread YGN Ethical Hacker Group
Isn't *any* mechanism for code execution going to be effective with the use of social engineering? I mean, isn't that what we've known for years, that the weakest component of any security system is the users? Yes, we know. Don't get us wrong. We're not telling Social Engineering. We're

[Full-disclosure] Web challenges from RootedCON'2010 CTF - Contest

2010-09-13 Thread Roman Medina-Heigl Hernandez
Hello, Next Friday I will be running a web-based challenges contest. The winner will be awarded the new iPod touch from Apple. Thanks to Hispasec Sistemas (you probably know them as the makers of the VirusTotal service) for sponsoring the prize. Full info (registration currently open):

[Full-disclosure] ZDI-10-176: Mozilla Firefox normalizeDocument Remote Code Execution Vulnerability

2010-09-13 Thread ZDI Disclosures
ZDI-10-176: Mozilla Firefox normalizeDocument Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-176 September 13, 2010 -- CVE ID: CVE-2010-2766 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Mozilla Firefox -- Affected Products: Mozilla

[Full-disclosure] ZDI-10-174: Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code Execution Vulnerability

2010-09-13 Thread ZDI Disclosures
ZDI-10-174: Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-174 September 13, 2010 -- CVE ID: CVE-2010-3007 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected