Bugtraq: by date

375 messages starting Aug 02 10 and ending Aug 31 10

Monday, 02 August

Spielothek 1.6.9 Joomla Component Multiple Blind SQL Injection Salvatore Fresta aka Drosophila
[SECURITY] [DSA 2078-1] New mapserver packages fix arbitrary code execution Nico Golde
[SECURITY] [DSA 2078-1] New kvirc packages fix arbitrary IRC command execution Moritz Muehlenhoff
2nd. OWASP Ibero-American Web-Applications Security conference (IBWAS’10) - Call for Training Carlos Serrão
Directory Traversal Vulnerability in FTP Commander Pro advisory
Directory Traversal Vulnerability in TurboFTP Server advisory
Directory Traversal Vulnerability in TurboFTP 6 Client advisory
[SECURITY] [DSA 2080-1] New ghostscript packages fix several vulnerabilities Moritz Muehlenhoff
[SECURITY] [DSA 2082-1] New gmime2.2 packages fix arbitrary code execution Moritz Muehlenhoff
[ MDVSA-2010:143 ] gnupg2 security
Directory Traversal Vulnerability in FTP Commander advisory
Directory Traversal Vulnerability in 32bit FTP Client advisory
Directory Traversal Vulnerability in FTP Commander Deluxe advisory
[SECURITY] [DSA 2081-1] New libmikmod packages fix arbitrary code execution Moritz Muehlenhoff
[DCA-0007] Quick 'n Easy FTP Server v3.2 Rodrigo Escobar
[DCA-0005] Baby POP Server DoS Rodrigo Escobar
[DCA-0006] Baby ASP Web Server DoS Rodrigo Escobar
Information Leakage and Full path disclosure vulnerabilities in WordPress MustLive
[DCA-0004] Baby FTP Server DoS Rodrigo Escobar
[DCA-0008] Quick 'n Easy WEB Server DoS Rodrigo Escobar
[SECURITY] [DSA 2083-1] New moin packages fix cross-site scripting Nico Golde

Tuesday, 03 August

[security bulletin] HPSBMA02563 SSRT100165 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
[SECURITY] [DSA 2084-1] New tiff packages fix arbitrary code execution Moritz Muehlenhoff
TWSL2010-003: Unauthorized access to root NFS export on EMC Celerra NAS appliance Trustwave Advisories
[R7-0034] VxWorks WDB Agent Debug Service Exposure HD Moore
[DCA-00014] Dlink WBR-2310 Wireless Router DoS Rodrigo Escobar
[DCA-0003] Simple Web Server DoS Rodrigo Escobar
68KB v1.0.0rc4 Remote File Include Vulnerability g1xsystem
[DCA-0009] - NetWordDLS Finger Server Denial of Service Crash
[R7-0035] VxWorks Authentication Library Weak Password Hashing HD Moore
Re: [R7-0035] VxWorks Authentication Library Weak Password Hashing Solar Designer
[SECURITY] [DSA 2085-1] New lftp packages fix file overwrite vulnerability Sebastien Delafond
[USN-964-2] Likewise Open regression Kees Cook

Wednesday, 04 August

[SECURITY] [DSA 2087-1] New cabextract packages fix arbitrary code execution Moritz Muehlenhoff
[SECURITY] [DSA 2086-1] New avahi packages fix denial of service Moritz Muehlenhoff
Heap Offset Overflow in Citrix ICA Clients Context IS - Disclosure
Quick Easy FTP Server USER command Vulnerability 黄超毅
Fwd: {Lostmon´s Group} Safari for windows Long link DoS Lostmon lords
Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Cisco Systems Product Security Incident Response Team
Fwd: {Lostmon´s Group} K-Meleon for windows about:neterror Stack Overflow DoS Lostmon lords

Thursday, 05 August

Cisco Wireless Control System XSS Tom Neaves
[ MDVSA-2010:144 ] wireshark security
[Suspected Spam]CSRF, Information Leakage and Full path disclosure vulnerabilities in WordPress MustLive
iDefense Security Advisory 08.03.10: Citrix ICA Client ActiveX Memory Corruption Vulnerabillity iDefense Labs
[SECURITY] [DSA 2088-1] New wget packages fix potential code execution Florian Weimer
ZeusCart Ecommerce Shopping Cart Software Cross-Site scripting Vulnerability SecPod Research
Secunia Research: MantisBT "Add Category" Script Insertion Vulnerability Secunia Research
SQL injection vulnerability in BXR advisory
XSS vulnerability in Prado Portal advisory
XSS vulnerability in DT Centrepiece advisory
Directory Traversal in FTP Explorer advisory
Directory Traversal in FTP Rush advisory
XSS vulnerability in DiamondList advisory
XSRF (CSRF) in DiamondList advisory
XSS vulnerability in BXR search advisory
XSS vulnerability in Open Blog advisory
Directory Traversal in SmartFTP advisory
XSS vulnerability in DiamondList advisory
XSS vulnerability in SiteLoom CMS advisory
XSS vulnerability in Amethyst advisory
XSS vulnerability in BXR advisory
XSS vulnerability in Open blog advisory
XSRF (CSRF) in Open blog advisory
Directory Traversal in Frigate 3 built-in FTP client advisory
XSS vulnerability in BXR advisory
XSRF (CSRF) in BXR advisory
XSS vulnerability in Amethyst advisory
XSS vulnerability in Amethyst advisory
XSRF (CSRF) in Amethyst advisory
XSS vulnerability in DT Centrepiece advisory
XSS vulnerability in DT Centrepiece advisory
Application Logic Error in DT Centrepiece advisory
Application Logic Error in DT Centrepiece advisory
[security bulletin] HPSBGN02501 SSRT071407 rev.1 - HP ProCurve 1800 Switches running SNMP, Remote Disclosure of Information security-alert
[security bulletin] HPSBGN02562 SSRT090249 rev.1 - HP ProCurve Threat Management Services (TMS) zl Module J9155A and J9156A running TLS/SSL, Remote Unauthorized Data Injection, Denial of Service (DoS) security-alert
[security bulletin] HPSBGN02559 SSRT100192 rev.1 - HP ProCurve 2610 Switch In-band Agent, Remote Denial of Service (DoS) security-alert
[security bulletin] HPSBGN02561 SSRT100194 rev.1 - HP ProCurve 2610 Switches running DHCP, Remote Denial of Service (DoS) security-alert
[security bulletin] HPSBGN02560 SSRT100193 rev.1 - HP ProCurve 2626 and 2650 Switches, Remote Unauthorized Access security-alert
[USN-968-1] Dell Latitude 2110 vulnerability Kees Cook

Friday, 06 August

Vulnerabilities in Dataface Web Application Framework MustLive
ZDI-10-141: Apple Webkit SVG ForeignObject Rendering Layout Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-142: Apple Webkit SVG First-Letter Style Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-140: Novell iPrint Client Browser Plugin operation Parameter Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-138: Novell iPrint Server Queue Name Remote Code Execution Vulnerability ZDI Disclosures
[SECURITY] [DSA-2089-1] New php5 packages fix several vulnerabilities Raphael Geissert
TPTI-10-06: Novell iPrint Client Browser Plugin ExecuteRequest debug Parameter Remote Code Execution Vulnerability ZDI Disclosures
[USN-969-1] PCSC-Lite vulnerability Kees Cook
TPTI-10-05: Novell iPrint Client Browser Plugin Remote File Deletion Vulnerability ZDI Disclosures
ZDI-10-139: Novell iPrint Client Browser Plugin Parameter Name Remote Code Execution ZDI Disclosures
ESA-2010-013: RSA, The Security Division of EMC, informs about potential security vulnerability in RSA enVision® versions prior to 3.7 SP1 security_alert
[ MDVSA-2010:145 ] libtiff security
Re: [CORE-2010-0405] Adobe Director Invalid Read Core Security Technologies Advisories
[ MDVSA-2010:146 ] libtiff security

Monday, 09 August

cgTestimonial 2.2 Joomla Component Multiple Remote Vulnerabilities Salvatore Fresta aka Drosophila
[SECURITY] [DSA 2090-1] New socat packages fix arbitrary code execution Luciano Bello
Re: Pragyan CMS 2.6.4 Multiple SQL Injection Vulnerabilities i . abhi27
QQ Computer Manager TSKsp.sys Driver Local Denial of Service Vulnerability lilf
XSS vulnerability in allinta CMS advisory
XSS vulnerability in Eden Platform advisory
SQL injection vulnerability in allinta CMS advisory
XSS vulnerability in allinta CMS advisory
SQL injection vulnerability in allinta CMS advisory
XSS vulnerability in Eden Platform advisory
XSS vulnerability in allinta CMS advisory
ZDI-10-143: Novell Sentinel Log Manager Multiple Servlet Remote Code Execution Vulnerabilities ZDI Disclosures
Nagios XI 2009R1.2B Multiple CSRF Adam Baldwin
ZDI-10-144: Apple Webkit Rendering Counter Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-145: Novell ZENWorks Remote Management Agent Weak Authentication Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-146: Apple Webkit Anchor Tag Mouse Click Event Dispatch Remote Code Execution Vulnerability ZDI Disclosures

Tuesday, 10 August

Teams 1_1028_100809_1711 Joomla Component Multiple Blind SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila
Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila
[USN-967-1] w3m vulnerability Steve Beattie
[USN-965-1] OpenLDAP vulnerabilities Steve Beattie
Secunia Research: Windows Movie Maker String Parsing Buffer Overflow Secunia Research
ZDI-10-147: Microsoft Windows MPEG Layer-3 Audio Decoder Remote Code Execution Vulnerability ZDI Disclosures
2Wire Broadband Router Session Hijacking Vulnerability YGN Ethical Hacker Group
Cross-Site Scripting vulnerability in Mozilla Firefox, Opera and other browsers MustLive
ZDI-10-148: Microsoft Cinepak Codec CVDecompress Remote Code Execution Vulnerability ZDI Disclosures
ToorCon 12 Call for Papers h1kari
Re: ESA-2010-013: RSA, The Security Division of EMC, informs about potential security vulnerability in RSA enVision® versions prior to 3.7 SP1 Security_Alert
CORE-2010-0407: Microsoft Office Excel PivotTable Cache Data Record Buffer Overflow CORE Security Technologies Advisories
[CORE-2010-0623] Microsoft Windows CreateWindow function callback vulnerability CORE Security Technologies Advisories
ZDI-10-149: Adobe Flash Player LocalConnection Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures

Wednesday, 11 August

iDefense Security Advisory 08.10.10: Microsoft Word RTF File Parsing Heap Buffer Overflow Vulnerability iDefense Labs
VUPEN Security Research - Microsoft Internet Explorer "boundElements" Property Use-after-free Vulnerability (CVE-2010-2557) VUPEN Security Research
VUPEN Security Research - Microsoft Internet Explorer "OnPropertyChange_Src()" Use-after-free Vulnerability (CVE-2010-2556) VUPEN Security Research
VUPEN Security Research - Microsoft Internet Explorer "CIframeElement" Object Use-after-free Vulnerability (CVE-2010-2558) VUPEN Security Research
VUPEN Security Research - Microsoft Internet Explorer Table Element Use-after-free Vulnerability (CVE-2010-2560) VUPEN Security Research
Microsoft Office Word HTML Linked Objects Memory Corruption Vulnerability - CVE-2010-1903 Rodrigo Branco
PR10-07: Unauthenticated File Retrieval (traversal) within ColdFusion administration console research
Collisions in PDF signatures Florian Zumbiehl
ZDI-10-150: Microsoft Office Word sprmCMajority Record Parsing Remote Code Execution Vulnerability ZDI Disclosures
Cisco Security Advisory: SQL Injection Vulnerability in Cisco Wireless Control System Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Cisco Systems Product Security Incident Response Team
RE: Correction to: ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability ZDI Disclosures
Secunia Research: glpng PNG Processing Two Integer Overflow Vulnerabilities Secunia Research

Thursday, 12 August

[USN-970-1] GnuPG2 vulnerability Marc Deslauriers
ZDI-10-151: Microsoft Office Word 2007 plcffldMom Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-152: Apple WebKit RTL LineBox Overflow Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-153: Apple Webkit SVG Floating Text Element Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-154: Apple Webkit Button First-Letter Style Rendering Remote Code Execution Vulnerability ZDI Disclosures
Secunia Research: Opera "Download" Dialog File Execution Security Issue Secunia Research
[ MDVSA-2010:148 ] pidgin security
[ MDVSA-2010:149 ] freetype2 security
[SECURITY] [DSA 2091-1] New squirrelmail packages fix cross-site request forgery Luciano Bello
SQL Injection vulnerability in CMS WebManager-Pro MustLive

Friday, 13 August

Re: Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities tibor . fogler
XSRF (CSRF) in Mystic advisory
Cisco Security Advisory: Cisco IOS Software TCP Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
XSS vulnerability in Mystic advisory
XSS vulnerability in Mystic advisory
XSS vulnerability in Onyx advisory
XSS vulnerability in Onyx advisory
SQL injection vulnerability in SyntaxCMS advisory
XSS vulnerability in Edit-X CMS advisory
Directory Traversal in SoftX FTP Client advisory
XSS vulnerability in i-Web Suite advisory
SQL injection vulnerability in i-Web Suite advisory
SQL injection vulnerability in CMS Source advisory
XSS vulnerability in CMS Source advisory
XSS vulnerability in eazyCMS advisory
XSS vulnerability in eazyCMS advisory
XSS vulnerability in eazyCMS advisory
Local File Inclusion in CMS Source advisory
SQL injection vulnerability in CMS Source advisory
XSS vulnerability in CMS Source advisory
Local File Inclusion in CMS Source advisory
SQL injection vulnerability in CMS Source advisory
XSS vulnerability in CMS Source advisory
XSS vulnerability in eazyCMS advisory
[MajorSecurity SA-080]WordPress 3.0.1 - Cross Site Scripting Issue david . kurz
Secunia Research: SWFTools Two Integer Overflow Vulnerabilities Secunia Research
Re: Correction to: ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability Steve Shockley

Monday, 16 August

iDefense Security Advisory 08.10.10: Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability iDefense Labs
ACollab Multiple Vulnerabilities admin
Easy FTP Server v1.7.0.11 DELE, STOR, RNFR, RMD, XRMD Command Buffer Overflow Glafkos Charalambous
[ MDVSA-2010:150 ] libsndfile security
Re: XSS vulnerability in CruxCMS security curmudgeon
Re: XSS vulnerability in WebPress security curmudgeon
Re: XSS vulnerability in Theeta CMS security curmudgeon
Re: XSS vulnerability in Eden Platform security curmudgeon
Insecure secure cookie in Tornado Nam Nguyen
Jgrid 1.0 Joomla Component Local File Inclusion Vulnerability Salvatore Fresta aka Drosophila
Re: Re: Amblog 1.0 Joomla Component Multiple SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila
[ MDVSA-2010:151 ] libmikmod security
XSS vulnerability in pimcore advisory
XSRF (CSRF) in CMSimple advisory
XSS vulnerability in CMSimple advisory
XSS vulnerability in CMSimple advisory
Xilisoft Video Converter Wizard 3 ogg file processing DoS praveen_recker
XSS vulnerability in CMSimple advisory
[ MDVSA-2010:153 ] apache security
[ MDVSA-2010:154 ] cabextract security
[USN-971-1] OpenJDK vulnerabilities Kees Cook
[ MDVSA-2010:152 ] apache security
CVE-2010-3014: Coda Filesystem Kernel Memory Disclosure VSR Advisories

Tuesday, 17 August

Windows Kerberos Authentication Bypass Tommaso Malgherini
CVE-2010-2234: Apache CouchDB Cross Site Request Forgery Attack Jan Lehnardt
Triologic Media Player 8 (.m3u) Local Universal Unicode Buffer Overflow [SEH] glafkos
Geolocation spoofing and other UI woes Michal Zalewski
[SECURITY] [DSA 2092-1] New lxr-cvs packages fix cross-site scripting Sebastien Delafond
[USN-973-1] KOffice vulnerabilities Jamie Strandboge
[USN-972-1] FreeType vulnerabilities Marc Deslauriers

Wednesday, 18 August

[SECURITY] [DSA 1919-2] New smarty packages fix regression Thijs Kinkhorst
Re: Geolocation spoofing and other UI woes Michal Zalewski
Medium security hole in Rekonq web browser Tim Brown
Web Tool Announcement: ismymailsecure.com Holger Rabbach
Better Security Through Sacrificing Maidens Pete Herzog
ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #2010-08-18-1) Mitja Kolsek

Thursday, 19 August

[security bulletin] HPSBST02536 SSRT100057 rev.2 - HP StorageWorks Storage Mirroring, Remote Unauthorized Access security-alert
[security bulletin] HPSBMA02424 SSRT080125 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert
MUSE v4.9.0.006 (.pls) Local Universal Buffer Overflow [SEH] glafkos
[SECURITY] [DSA 2093-1] New ghostscript packages fix several vulnerabilities Giuseppe Iuculano
NSOADV-2010-005: SonicWALL E-Class SSL-VPN ActiveX Control format string overflow NSO Research
Flock Browser 3.0.0.3989 Malformed Bookmark XSS and script insertion Lostmon lords
MUSE v4.9.0.006 (.m3u) Local Buffer Overflow Exploit glafkos

Friday, 20 August

[security bulletin] HPSBMA02477 SSRT090177 rev.5 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert
Re: ACROS Security: Remote Binary Planting in Apple iTunes for Windows (ASPR #2010-08-18-1) larry

Monday, 23 August

Re: Web Tool Announcement: ismymailsecure.com Chuck Swiger
[SECURITY] [DSA 2094-1] New Linux 2.6.26 packages fix several issues dann frazier
Ruxcon 2010 Final Call For Papers cfp
Directory Traversal in FTPGetter advisory
Nagios XI Login XSS Adam Baldwin
Directory Traversal in AutoFTP Manager advisory
Secunia Research: Novell iPrint Client "call-back-url" Buffer Overflow Vulnerability Secunia Research
Directory Traversal in 3D FTP Client advisory
phpMyAdmin 3.3.5 / 2.11.10 <= Cross Site Scripting (XSS) Vulnerability YGN Ethical Hacker Group
Re: [MajorSecurity SA-080]WordPress 3.0.1 - Cross Site Scripting Issue MustLive
[ MDVSA-2010:158 ] squirrelmail security
Biblioteca 1.0 Beta Joomla Component Multiple SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila
[Bkis-04-2010] Multiple Vulnerabilities in OpenBlog Bkis
[SECURITY] [DSA 2095-1] New lvm2 packages fix denial of service Giuseppe Iuculano
XSS vulnerability in MAXdev advisory
Google Chrome: HTTP AUTH Dialog Spoofing through Realm Manipulation (Restated) Aditya K Sood
Re: 2Wire Broadband Router Session Hijacking Vulnerability YGN Ethical Hacker Group
[ MDVSA-2010:155 ] mysql security
Secunia Research: Mono libgdiplus Image Processing Three Integer Overflows Secunia Research
[ MDVSA-2010:157 ] freetype2 security
[ MDVSA-2010:156 ] freetype2 security

Tuesday, 24 August

[ MDVSA-2010:159 ] gv security
Re: Google Chrome: HTTP AUTH Dialog Spoofing through Realm Manipulation (Restated) Tim
[ MDVSA-2010:159 ] gv security
[ MDVSA-2010:159 ] gv security
[security bulletin] HPSBGN02569 SSRT100200 rev.1 - HP MagCloud iPad App, Remote Unauthorized Access to Data security-alert
ZDI-10-156: IBM Lotus Notes Autonomy KeyView Word Parsing Remote Code Execution Vulnerability ZDI Disclosures
Re: 2Wire Broadband Router Session Hijacking Vulnerability Mike Duncan
TPTI-10-08: Novell iPrint Client Browser PluginGetDriverFile Uninitialized Pointer Remote Code Execution Vulnerability ZDI Disclosures
[security bulletin] HPSBST02536 SSRT100057 rev.3 - HP StorageWorks Storage Mirroring, Local Unauthorized Access security-alert
ZDI-10-155: Cisco WebEx Player ARF String Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-158: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability ZDI Disclosures
Re: Google Chrome: HTTP AUTH Dialog Spoofing through Realm Manipulation (Restated) Aditya K Sood
Re: Google Chrome: HTTP AUTH Dialog Spoofing through Realm Manipulation (Restated) Tim
Re: Google Chrome: HTTP AUTH Dialog Spoofing through Realm Manipulation (Restated) Aditya K Sood
ZDI-10-159: IBM Lotus Notes Autonomy KeyView WK3 Parsing Remote Code Execution Vulnerability ZDI Disclosures
London DEFCON - DC4420 - August meet - Wednesday 25th August 2010 Major Malfunction
[ MDVSA-2010:160 ] cacti security
WinAppDbg 1.4 is out! Mario Vilas
t2′10 Challenge to be released 2010-08-28 10:00 EEST Tomi Tuominen

Wednesday, 25 August

[SECURITY] [DSA 2096-1] New zope-ldapuserfolder packages fix authentication bypass Sebastien Delafond
[ MDVSA-2010:161 ] vte security
TPTI-10-11: Adobe Shockwave tSAC Chunk Pointer Offset Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures
TPTI-10-10: Adobe Shockwave tSAC Chunk Invalid Seek Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures
TPTI-10-09: Adobe Shockwave CSWV Chunk Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures
TPTI-10-14: Adobe Shockwave Director rcsL Chunk Pointer Offset Remote Code Execution Vulnerability ZDI Disclosures
TPTI-10-12: Adobe Shockwave TextXtra Allocator Integer Overflow Remote Code Execution Vulnerability ZDI Disclosures
TPTI-10-13: Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability ZDI Disclosures
TPTI-10-15: Adobe Shockwave Director mmap Trusted Chunk Size Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-160: Adobe Shockwave Player Director File FFFFFF45 Record Processing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-161: Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-162: Adobe Shockwave Director rcsL Chunk Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-163: Adobe Shockwave Director tSAC Chunk Parsing Remote Code Execution Vulnerability ZDI Disclosures
ZDI-10-164: Adobe Shockwave Player Director File FFFFFF88 Record Processing Remote Code Execution Vulnerability ZDI Disclosures
Nagios XI users.php SQL Injection Adam Baldwin
iDefense Security Advisory 08.24.10: Adobe Shockwave Player Memory Corruption Vulnerability iDefense Labs
DLL hijacking on Linux Tim Brown
TeamViewer <= 5.0.8703 DLL Hijacking Exploit (dwmapi.dll) glafkos
Re: Web Tool Announcement: ismymailsecure.com Kari Hurtta
Re: Web Tool Announcement: ismymailsecure.com Holger Rabbach
Re: Web Tool Announcement: ismymailsecure.com Kari Hurtta
GFI WebMonitor Admin UI Remote Script Code Injection Oliver Karow
Re: Web Tool Announcement: ismymailsecure.com Holger Rabbach
Adobe Device Central CS5 DLL Hijacking Exploit (qtcf.dll) glafkos
Firefox <= 3.6.8 DLL Hijacking Exploit [dwmapi.dll] glafkos
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2881 Rodrigo Branco
[USN-977-1] MoinMoin vulnerabilities Marc Deslauriers
ZDI-10-165: Trend Micro Internet Security Pro 2010 ActiveX extSetOwner Remote Code Execution Vulnerability ZDI Disclosures
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2864 Rodrigo Branco
Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2869 Rodrigo Branco
Adobe Premier Pro CS4 DLL Hijacking Exploit (ibfs32.dll) glafkos
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2880 Rodrigo Branco
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2882 Rodrigo Branco
Secunia Research: KDE Okular PDB Parsing RLE Decompression Buffer Overflow Secunia Research
Deepin TFTP Server Directory Traversal Vulnerability 黄超毅
Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team
Adobe On Location CS4 DLL Hijacking Exploit (ibfs32.dll) glafkos
Adobe Illustrator CS4 DLL Hijacking Exploit (aires.dll) glafkos
ZDI-10-157: IBM Lotus Notes Autonomy KeyView Office Shape Parsing Remote Code Execution Vulnerability ZDI Disclosures
[USN-976-1] Tomcat vulnerability Marc Deslauriers
Re: WinAppDbg 1.4 is out! Aleksandr Yampolskiy
Adobe InDesign CS4 DLL Hijacking Exploit (ibfs32.dll) glafkos
Re: WinAppDbg 1.4 is out! Mario Vilas
[Positive Technologies Research] Open Source WebEngine and Web Crawler v.0.2 is out! aanisimov
Re: Web Tool Announcement: ismymailsecure.com Tim
Re: Web Tool Announcement: ismymailsecure.com Tim
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-2868 Rodrigo Branco

Thursday, 26 August

Skype <= 4.2.0.169 DLL Hijacking Exploit (wab32.dll) glafkos
Apple CoreGraphics (Preview) Memory Corruption Vulnerability - CVE-2010-1801 Rodrigo Branco
XSS vulnerability in Webmatic advisory
XSS vulnerability in Auto CMS advisory
Re: Web Tool Announcement: ismymailsecure.com Brian Behlendorf
Details of cisco-sa-20081022-asa security advisory? Fernando Gont
XSS vulnerability in Webmatic advisory
XSS vulnerability in CompuCMS advisory
SQL injection vulnerability in TCMS advisory
XSS vulnerability in TCMS advisory
SQL injection vulnerability in TCMS advisory
SQL injection vulnerability in CompuCMS advisory
Re: DLL hijacking on Linux Pavel Kankovsky
Local File Inclusion in TCMS advisory
Multiple vulnerabilities in eSitesBuilder MustLive
SQL injection vulnerability in CompuCMS advisory
XSS vulnerability in CompuCMS advisory
XSS vulnerability in CompuCMS advisory
XSRF (CSRF) in Webmatic advisory
SQL injection vulnerability in TCMS advisory
SQL injection vulnerability in TCMS advisory
SQL injection vulnerability in TCMS advisory
File Content Disclosure in TCMS advisory
SQL injection vulnerability in CompuCMS advisory
SQL injection vulnerability in CompuCMS advisory
XSS vulnerability in TCMS advisory
[HITB-Announce] HITB2010 SIGNINT Sessions Hafez Kamal
Joomla! Component com_bc Cross Script Scripting (XSS) Vulnerability YGN Ethical Hacker Group
BlastChat Chat Client Component version 3.3 <= Cross Script Scripting (XSS) Vulnerability YGN Ethical Hacker Group
ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities ZDI Disclosures
ZDI-10-166: RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability ZDI Disclosures
BugTracker.net 3.4.3 SQL Injection Mark van Tilburg

Friday, 27 August

wp-10-0001: Multiple Browser Wildcard Cerficate Validation Weakness Richard Moore
[USN-974-2] Linux kernel regression Jamie Strandboge
[USN-979-1] okular vulnerability Steve Beattie
Flash Player 9 DLL Hijacking Exploit (schannel.dll) info

Monday, 30 August

[SECURITY] [DSA 2097-1] New phpmyadmin packages fix several vulnerabilities Thijs Kinkhorst
[SECURITY] [DSA 2098-1] New typo3-src packages fix several vulnerabilities Thijs Kinkhorst
[ MDVSA-2010:163 ] phpmyadmin security
Re: SQL injection vulnerability in TCMS security curmudgeon
QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll) YGN Ethical Hacker Group
Cisco Security Advisory: Cisco IOS XR Software Border Gateway Protocol Vulnerability Cisco Systems Product Security Incident Response Team
ekoparty Security Conference 2010 Announcements Federico Kirschbaum
[ MDVSA-2010:164 ] phpmyadmin security
Maxthon Browser version 2.5.15.1000 Insecure DLL Hijacking Vulnerability (dwmapi.dll) YGN Ethical Hacker Group
Notepad++ version 5.7 Insecure DLL Hijacking Vulnerability YGN Ethical Hacker Group
Microsoft Windows wscript.exe (XP) DLL Hijacking Exploit (wshfra.dll) info
The Smarter Safer Better Seminar Series Pete Herzog
EC2ND 2010, Call for Participation Konrad Rieck
[SECURITY] [DSA 2099-1] New OpenOffice.org packages fix arbitrary code execution Martin Schulze
[0day] Apple QuickTime "_Marshaled_pUnk" backdoor param arbitrary code execution Reversemode
R7-0036: FCKEditor.NET File Upload Code Execution HD Moore
{Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS Lostmon lords
[ MDVSA-2010:165 ] libHX security
Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll) security curmudgeon
[SECURITY] [DSA 2100-1] New openssl packages fix double free Moritz Muehlenhoff

Tuesday, 31 August

[security bulletin] HPSBUX02552 SSRT100062 rev.1 - HP-UX running Software Distributor (sd), Local Privilege Increase, Unauthorized Access security-alert
[security bulletin] HPSBMA01212 SSRT5998 rev.4 - HP System Management Homepage Running PHP, Remote Denial of Service (DoS), Cross Site Scripting (XSS), Execution of Arbitrary Code security-alert
[USN-980-1] bogofilter vulnerability Marc Deslauriers
[USN-981-1] libwww-perl vulnerability Marc Deslauriers
django in combination with mod wsgi on apache on default debian and ubuntu installations does not place any bounds on the maximum size of a file upload dave b
[security bulletin] HPSBMA02571 SSRT100034 rev.1 - HP Insight Diagnostics Online Edition, Remote Cross Site Scripting (XSS) security-alert
Tortoise SVN DLL Hijacking Vulnerability nikhil_uitrgpv
[ MDVSA-2010:166 ] libgdiplus security
ZDI-10-168: Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability ZDI Disclosures
ApPHP Calendar XSS - CSRF edgard . chammas
KeePass version 2.12 <= Insecure DLL Hijacking Vulnerability (dwmapi.dll) YGN Ethical Hacker Group