Posts Tagged ‘Vulnerabilities’

BASE – 3 Persistent Cross Site Scripting Vulnerabilities

Posted by Jabra on May 30

BASE, a well-known Snort frontend, has 3 persistent cross-site scripting vulnerabilities.
For those who don’t know, cross-site scripting allows the attacker to inject JavaScript to modify the functionality of the webpages. Since this vulnerability exists in [...]

Embedded Devices: An Avenue for Cyberterrorism?, (Sat, May 30th)

There has been growing concern with the security of embedded devices as they continue to proliferate in several industries. This is caused by a confluence of several issues that makes for a difficult problem to solve.

First, these devices more and more rely on commodity operating [...]

VMware fixes security bugs

VMware has released fixes for multiple vulnerabilities in several of its products, including VMware Workstation, Player, ACE, Server, Fusion, ESX and ESXi. One of the vulnerabilities was caused by an error in the VMware Descheduled Time Accounting driver, which could open a way for hackers to launch a denial-of-service attack in Windows-based [...]

VMWare Patches Released, (Fri, May 29th)

Patches were released yesterday to fix a DoS vulnerability and potential arbitrary code execution. Here are the two vulnerabilities: 1. VMWare Descheduled Time Accounting driver: The issue affects the VMWare Descheduled Time Accounting driver and can cause a denial of service in Windows based virtual machines on the vulnerable [...]

Achievo Multiple Cross Site Scripting Vulnerabilities

Vuln: Achievo Multiple Cross Site Scripting Vulnerabilities

URL: http://www.securityfocus.com/bid/35140

[InterN0T] AMember 3.1.7 – Multiple Vulnerabilities

Bugtraq: Re: [InterN0T] AMember 3.1.7 – Multiple Vulnerabilities

URL: http://www.securityfocus.com/archive/1/503877

Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts

Posted by Jacques Copeau on May 28

Survey: "MIME/Content-Type-Sniffing" Issues in Image Uploads in Forum Scripts
Author: Jacques Copeau
Abstract: Internet Explorer, especially versions 7 and 6, can be tricked to treat images as HTML, opening XSS vulnerabilities in…
URL: http://seclists.org/fulldisclosure/2009/May/0255.html

Drupal Embedded Media Field Module Create Content Multiple HTML Injection Vulnerabilities

Vuln: Drupal Embedded Media Field Module Create Content Multiple HTML Injection Vulnerabilities

URL: http://www.securityfocus.com/bid/35131

libsndfile Audio Data Multiple Denial Of Service Vulnerabilities

Vuln: libsndfile Audio Data Multiple Denial Of Service Vulnerabilities

URL: http://www.securityfocus.com/bid/35126

[InterN0T] AdPeeps 8.5d1 – XSS and HTML Injection Vulnerabilities

Bugtraq: [InterN0T] AdPeeps 8.5d1 – XSS and HTML Injection Vulnerabilities

URL: http://www.securityfocus.com/archive/1/503855

BlackBerry patches PDF flaws

Research In Motion on Tuesday issued a security software update to address multiple vulnerabilities that exist in the PDF Distiller of the BlackBerry Attachment Service component in BlackBerry Enterprise Server. Because of these vulnerabilities, an attacker could create a malicious PDF file, which when opened on a BlackBerry smartphone, could corrupt memory [...]

Twitter API ripe for abuse by web worms

A security researcher is warning that the Twitter API can be trivially abused by hackers to launch worm attacks.
The red-hot social networking/microblogging service has been scrambling to plug cross-site scripting and other Web site vulnerabilities to thwart worm attacks but, as researcher Aviv Raff points out, it's much [...]

RoomPHPlanning Multiple Vulnerabilities

Vuln: RoomPHPlanning Multiple Vulnerabilities

URL: http://www.securityfocus.com/bid/35110

Threatscape Report – May 2009 Edition

The following statistics are compiled from Fortinet’s FortiGate network security appliances and intelligence systems for the period April 21st – May 20th, 2009.

Table of Contents:

Exploits and Intrusion Prevention

Top 10 Exploitations & Regions
New Vulnerability Coverage

Malware Today

Top 10 Variants
Regions & Volume

Spam and Email Threats

Spam Rate & Regions
Top 3 In The Wild

Crawling the [...]

Graphiks MyForum Login Multiple SQL Injection Vulnerabilities

Vuln: Graphiks MyForum Login Multiple SQL Injection Vulnerabilities

URL: http://www.securityfocus.com/bid/35096