Bugtraq: by author

236 messages starting Jul 15 11 and ending Jul 18 11


abhijeet

[Announcement] ClubHack Magazine - Call for Articles abhijeet (Jul 15)
[Announcement] ClubHack Magazine Issue 18-July2011 Released abhijeet (Jul 12)

adam . baso

OWASP AppSec USA 2011 Pre-conference Challenge #3 - July adam . baso (Jul 25)
AppSec USA 2011 Open Source Showcase Call for Demos adam . baso (Jul 29)

adic

Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure adic (Jul 21)

Aditya K Sood

CVE-2010-2404 | Persistent Cross Site Scripting Vulnerability in Oracle I-Recruitment - E-Business Suite Aditya K Sood (Jul 15)

admin

Ferdows CMS Pro <=1.1.0 and Ferdows CMS <=9.0.5 Multiple Vulnerabilities admin (Jul 11)

advisory

XSS in FlatPress advisory (Jul 04)
Multiple vulnerabilities in Open-Realty advisory (Jul 04)
IDrive Online Backup ActiveX control Insecure Method advisory (Jul 06)
[DSB-2011-01] Security Advisory FreeRADIUS 2.1.11 advisory (Jul 25)
aTube Catcher ActiveX Control Insecure Method advisory (Jul 06)
Paltalk Messenger ActiveX Control Multiple Insecure Methods advisory (Jul 15)
Redirection vulnerability in MBoard advisory (Jul 27)
Multiple XSS in GBook PHP guestbook advisory (Jul 27)
XSS in Tiki Wiki CMS Groupware advisory (Jul 20)

alberto . morenot

HTC / Android OBEX FTP Service Directory Traversal Vulnerability alberto . morenot (Jul 20)

Andrea Barisani

[oCERT-2011-001] Chyrp input sanitization errors Andrea Barisani (Jul 15)

Apple Product Security

APPLE-SA-2011-06-28-2 Java for Mac OS X 10.5 Update 10 Apple Product Security (Jul 04)
APPLE-SA-2011-07-15-1 iOS 4.3.4 Software Update Apple Product Security (Jul 18)
APPLE-SA-2011-07-25-1 iOS 4.3.5 Software Update Apple Product Security (Jul 25)
APPLE-SA-2011-07-20-2 iWork 9.1 Update Apple Product Security (Jul 25)
APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone Apple Product Security (Jul 25)
APPLE-SA-2011-07-15-2 iOS 4.2.9 Software Update for iPhone Apple Product Security (Jul 18)
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6 Apple Product Security (Jul 21)

Asterisk Security Team

AST-2011-011: Possible enumeration of SIP users due to differing authentication responses Asterisk Security Team (Jul 02)

Barry Greene

Security Advisory: CVE-2011-2464 - ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers Barry Greene (Jul 07)
Security Advisory: CVE-2011-2465 ISC BIND 9 Remote Crash with Certain RPZ Configurations Barry Greene (Jul 07)

beford

PHP-Barcode 0.3pl1 Remote Code Execution beford (Jul 26)

Call for papers

Call for Papers: ICITST-2011 Call for papers (Jul 18)

Cantor, Scott E.

Security Advisory: CVE-2011-2516 Cantor, Scott E. (Jul 07)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco Content Services Gateway Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jul 06)
Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities Cisco Systems Product Security Incident Response Team (Jul 21)
Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability Cisco Systems Product Security Incident Response Team (Jul 29)
Cisco Security Advisory: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Jul 21)

coderman

Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request coderman (Jul 06)

CORE Security Technologies Advisories

CORE-2011-0514: Multiple vulnerabilities in HP Data Protector CORE Security Technologies Advisories (Jul 03)
CORE-2011-0606: HP Data Protector EXEC_CMD Buffer Overflow Vulnerability CORE Security Technologies Advisories (Jul 04)

CoreTex Team

Hiding Backdoors in plain sight, again CoreTex Team (Jul 25)

cxib

NetBSD 5.1 libc/net multiple functions stack buffer overflow cxib (Jul 04)

Dan Kaminsky

Re: [Full-disclosure] Binary Planting Goes "Any File Type" Dan Kaminsky (Jul 11)
Re: [Full-disclosure] Binary Planting Goes "Any File Type" Dan Kaminsky (Jul 11)

Darren Tucker

Re: [Full-disclosure] OpenSSH 3.5p1 Remote Root Exploit for FreeBSD Darren Tucker (Jul 04)

David Mirza

Vega beta release: a new open-source web-application security assessment platform David Mirza (Jul 04)

DeepSec Conference

Reminder - DeepSec 2011 Call For Papers DeepSec Conference (Jul 18)

Delaitre, Aurelien

Static Analysis Tool Exposition (SATE) - Call for Participation Delaitre, Aurelien (Jul 15)

dennis . brunnen

Re: Resolved - NNT Change Tracker - Hard-Coded Encryption Key Originally posted as http://seclists.org/fulldisclosure/2011/May/460 dennis . brunnen (Jul 03)

Digit Security Research

Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation Digit Security Research (Jul 21)

Dragos Ruiu

PacSec CFP note, deadline Aug 3; conf Nov 9/10 Tokyo Dragos Ruiu (Jul 29)

ehsan_hp200

Zones Web Solution (StoneDetails.php?stone) XSS Vulnerability ehsan_hp200 (Jul 28)
WOC Consulting (search_result.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Funnel Web (directory.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
cgcraft llc (info.php?id) (news_item.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 29)
Funnel Web (items.php?&cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Agent Image (news_details.php?news_ID) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
Funnel Web (pages.php?page) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Funnel Web (selected_product.php?t) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Avon Groups (search_result.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
iCube Lab (product_details.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
Coherendz (products.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Chrome Web Solutions (details.php?cat_id) (listing_more.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
Indonesia Web Design (link-directory.php?cid) (link-directory.php?pid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
A1 Solutions (cat_sell.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
CobraScripts (selloffers.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Canoy Softwares (search_result.php?loc_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
FootBall Cms (view_table_lig.php?group) XSS Vulnerability ehsan_hp200 (Jul 27)
Gopal Systems (products.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Zones Web Solution (index.php?manufacturers_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Lava (news_item.php?id) (album.php?id) (basket.php?baction) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
DotComEgypt (products.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Solutiontech (product.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
indiacon (selloffers.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Vegetav (news_item.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 29)
Precision (products.php?cat_id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 26)
Infocus Web Solutions (news_desc.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
Web Fusion Nepal (find.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 28)
CobraScripts (search_result.php?cid) Remote SQL injection Vulnerability ehsan_hp200 (Jul 25)
Web Fusion Nepal (tour.php?category) XSS Vulnerability ehsan_hp200 (Jul 28)
Zones Web Solution (status.asp?print) (search_result.php?loc_id) Remote SQL injection Vulnerabilities ehsan_hp200 (Jul 28)
Dow Group (dynamic.php?id) (sub.php?solutioncat_id) (news_desc.php?id) (product.php?id) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)
G2webCMS (products.php?cat_id) (member-profile.php?profile) Remote SQL injection Vulnerability ehsan_hp200 (Jul 27)

fb1h2s Hack 2 Secure

Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability fb1h2s Hack 2 Secure (Jul 21)

Fernando Gont

Hacking IPv6 Networks (slides) Fernando Gont (Jul 26)
Fwd: RFC 6274 on Security Assessment of the Internet Protocol Version 4 Fernando Gont (Jul 06)

Florian Weimer

[SECURITY] [DSA 2272-1] bind9 security update Florian Weimer (Jul 06)

gerald

Re: Wireshark 1.4.0 Malformed IKE Packet Denial of Service gerald (Jul 15)

Giuseppe Iuculano

[SECURITY] [DSA 2271-1] curl security update Giuseppe Iuculano (Jul 04)

Hafez Kamal

[HITB-Announce] REMINDER: HITB2011 - Malaysia Call for Papers Closes on the 15th Hafez Kamal (Jul 11)

Henri Salo

Re: Multiple Cross-Site Scripting vulnerabilities in WebCalendar Henri Salo (Jul 06)
Re: [Full-disclosure] [BMSA-2009-07] Backdoor in PyForum Henri Salo (Jul 28)
Re: SEC Consult SA-20110701-0 :: Multiple SQL injection vulnerabilities in WordPress Henri Salo (Jul 06)
Re: in_midi multiple vulnerabilities in Winamp 5.61 Henri Salo (Jul 06)
Re: [Full-disclosure] [Bkis] sNews 1.7.1 XSS vulnerability Henri Salo (Jul 25)

HI-TECH .

Working Remote Root Exploit for OpenSSH 3.4p1 (FreeBSD) HI-TECH . (Jul 04)
Re: [Full-disclosure] Working Remote Root Exploit for OpenSSH 3.4p1 (FreeBSD) HI-TECH . (Jul 04)

Jamie Strandboge

Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request Jamie Strandboge (Jul 06)

Jeffrey Walton

Ubuntu: reseed(8), random.org, and HTTP request Jeffrey Walton (Jul 06)

Kotas, Kevin J

CA20110720-01: Security Notice for CA Gateway Security and Total Defense Kotas, Kevin J (Jul 21)

labs-no-reply

iDefense Security Advisory 07.14.11: Citrix Access Gateway ActiveX Stack Buffer Overflow Vulnerability labs-no-reply (Jul 15)
iDefense Security Advisory 07.20.11: Multiple Vendor WebKit SVG animVal Memory Corruption Vulnerability labs-no-reply (Jul 21)
iDefense Security Advisory 07.20.11: Apple Safari innerText Use-After-Free Vulnerability labs-no-reply (Jul 21)
iDefense Security Advisory 07.20.11: Safari WebKit TIFF Use-After-Free Vulnerability labs-no-reply (Jul 21)
iDefense Security Advisory 07.20.11: Multiple Vendor WebKit MathML Use-After-Free Vulnerability labs-no-reply (Jul 21)
iDefense Security Advisory 07.20.11: Multiple Vendor WebKit frameset style Heap Corruption Vulnerability labs-no-reply (Jul 21)

Lists

Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability - Security Advisory - SOS-11-009 Lists (Jul 20)

Luciano Bello

[SECURITY] [DSA 2276-2] asterisk regression update Luciano Bello (Jul 12)
[SECURITY] [DSA 2276-1] asterisk security update Luciano Bello (Jul 11)
[SECURITY] [DSA 2254-2] oprofile security update Luciano Bello (Jul 18)
[SECURITY] [DSA 2287-1] libpng security update Luciano Bello (Jul 28)

Luigi Auriemma

Upload directory traversal in Novell ZenWorks Handheld Management 7.0.2 Luigi Auriemma (Jul 04)
Off-by-one in Sybase Advantage Server 10.0.0.3 Luigi Auriemma (Jul 04)
in_midi multiple vulnerabilities in Winamp 5.61 Luigi Auriemma (Jul 04)
bcksrvr format string in Sybase Adaptive Server 15.5 Luigi Auriemma (Jul 04)
Arbitrary files deletion in HP OpenView Performance Agent Luigi Auriemma (Jul 04)
Integer overflow in foobar2000 1.1.7 Luigi Auriemma (Jul 06)
bcksrvr format string in Sybase Adaptive Server 15.5 Luigi Auriemma (Jul 11)
Arbitrary files deletion in HP OpenView Communication Broker Luigi Auriemma (Jul 06)

Major Malfunction

Re: [Full-disclosure] DC4420 - London DEFCON - July meet - Tuesday 19th July 2011 Major Malfunction (Jul 15)
DC4420 - London DEFCON - July meet - Tuesday 19th July 2011 Major Malfunction (Jul 15)

Mango

phpMyAdmin 3.x Multiple Remote Code Executions Mango (Jul 11)
phpMyAdmin 3.x Conditional Session Manipulation Mango (Jul 25)
phpMyAdmin 3.x preg_replace RCE POC Mango (Jul 11)

Mark Thomas

[SECURITY] CVE-2011-2526 Apache Tomcat Information disclosure and availability vulnerabilities Mark Thomas (Jul 15)

michal . sajdak

SA500 vulnerabilities - details michal . sajdak (Jul 27)

Michal Zalewski

Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request Michal Zalewski (Jul 07)
Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request Michal Zalewski (Jul 07)

Mitja Kolsek

Re: [Full-disclosure] Binary Planting Goes "Any File Type" Mitja Kolsek (Jul 11)

Moritz Muehlenhoff

[SECURITY] [DSA 2262-2] php5 update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2266-1] php5 security update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2267-1] perl security update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2268-1] iceweasel security update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2288-1] libsndfile security update Moritz Muehlenhoff (Jul 29)
[SECURITY] [DSA 2273-1] icedove security update Moritz Muehlenhoff (Jul 07)
[SECURITY] [DSA 2282-1] qemu-kvm security update Moritz Muehlenhoff (Jul 25)
[SECURITY] [DSA 2270-1] qemu-kvm security update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2284-1] opensaml2 security update Moritz Muehlenhoff (Jul 25)
[SECURITY] [DSA 2269-1] iceape security update Moritz Muehlenhoff (Jul 04)
[SECURITY] [DSA 2274-1] wireshark security update Moritz Muehlenhoff (Jul 11)
[SECURITY] [DSA 2283-1] krb5-appl security update Moritz Muehlenhoff (Jul 25)

Moritz Naumann

Alice (Telefonica Germany) Modem 1111 DoS + XSS Moritz Naumann (Jul 15)

Nelson Brito

Permutation Oriented Programming Nelson Brito (Jul 25)

Nico Golde

[SECURITY] [DSA 2275-1] openoffice.org security update Nico Golde (Jul 11)
[SECURITY] [DSA 2277-1] xml-security-c security update Nico Golde (Jul 11)
[SECURITY] [DSA 2285-1] mapserver security update Nico Golde (Jul 26)

Nicolas Grégoire

[Tool] DoS for OpenSLP (and others) Nicolas Grégoire (Jul 26)

noreply

[PT-2011-05] Cross-Site Scripting in Koha Library Software noreply (Jul 26)
[PT-2011-25] SQL injection vulnerabilities in Support Incident Tracker noreply (Jul 26)
[PT-2011-08] Multiple vulnerabilities in Dlink DPH 150SE/E/F1 noreply (Jul 26)

nospam

Dell IT Assistant detectIESettingsForITA.ocx ActiveX Control readRegVal() Remote Registry Dump Vulnerability nospam (Jul 15)
CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials Disclosure and Commands Execution nospam (Jul 26)

Patrick Webster

OSI Security: Elitecore Cyberoam UTM - Authenticated Cross-Site Scripting Vulnerability Patrick Webster (Jul 20)

pi3

Torque Server Buffer Overflow Vulnerability pi3 (Jul 15)

pierre . ernst

Spring Source OXM Remote OS Command Injection when XStream and IBM JRE are used pierre . ernst (Jul 04)

pocadm

POC2011 Call for Paper pocadm (Jul 11)

randy

Tugux CMS 1.2 Multiple vulnerability (BLIND sql & xss) randy (Jul 12)

Research@NGSSecure

NGS00042 Patch Notification: Solaris USB configuration descriptor kernel stack overflow Research@NGSSecure (Jul 25)
NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow Research@NGSSecure (Jul 04)
NGS00057 Technical Advisory: Apple Mac OS X ImageIO Integer Overflow Research@NGSSecure (Jul 04)
NGS00051 Technical Advisory: Cisco VPN Client Privilege Escalation Research@NGSSecure (Jul 04)
NGS00052 Technical Advisory: Apple Mac OS X Image RAW Multiple Buffer Overflows Research@NGSSecure (Jul 04)
NGS00060 Technical Advisory: Blue Coat BCAAA Remote Code Execution Vulnerability Research@NGSSecure (Jul 06)

RGill

Aruba Advisory AID-070611 Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces RGill (Jul 07)

robkraus

Foxit Reader Insecure Library Loading robkraus (Jul 21)

Rodrigo Rubira Branco (BSDaemon)

H2HC Brazil (Hackers 2 Hackers Conference) 8th Edition - Call for Papers Rodrigo Rubira Branco (BSDaemon) (Jul 20)

SEC Consult Vulnerability Lab

SEC Consult SA-20110701-0 :: Multiple SQL injection vulnerabilities in WordPress SEC Consult Vulnerability Lab (Jul 04)

security

[ MDVSA-2011:116 ] curl security (Jul 25)
[ MDVSA-2011:120 ] freetype2 security (Jul 27)
[ MDVSA-2011:117 ] krb5-appl security (Jul 25)
n.runs-SA-2011.001 - Citrix XenApp / XenDesktop Stack-Based Buffer Overflow security (Jul 28)
[ MDVSA-2011:119 ] libsndfile security (Jul 25)
[ MDVSA-2011:114 ] blender security (Jul 18)
[ MDVSA-2011:118 ] wireshark security (Jul 25)
[ MDVSA-2011:112 ] blender security (Jul 18)
[ MDVSA-2011:121 ] samba security (Jul 27)
n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption security (Jul 28)
[ MDVSA-2011:115 ] bind security (Jul 20)

Security_Alert

ESA-2011-021: EMC Data Protection Advisor sensitive information disclosure vulnerability Security_Alert (Jul 27)
ESA-2011-022: EMC Documentum eRoom Indexing Server HummingBird Client Connector Buffer Overflow Vulnerability Security_Alert (Jul 18)
ESA-2011-024: EMC Captiva eInput multiple vulnerabilities Security_Alert (Jul 27)

security-alert

[security bulletin] HPSBMU02693 SSRT100583 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS) security-alert (Jul 28)
[security bulletin] HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege Escalation, Denial of Service (DoS) security-alert (Jul 06)
[security bulletin] HPSBMU02691 SSRT100483 rev.2 - HP Performance Agent and HP Operations Agent, Remote Arbitrary File Deletion security-alert (Jul 28)
[security bulletin] HPSBMU02690 SSRT100569 rev.1 - HP Business Availability Center (BAC) Running on Solaris and Windows, Remote Denial of Service (DoS) security-alert (Jul 11)
[security bulletin] HPSBMU02669 SSRT100346 rev.3 - HP Data Protector Media Management Daemon (mmd), Remote Denial of Service (DoS) security-alert (Jul 28)
[security bulletin] HPSBMA02674 SSRT100487 rev.2 - HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Remote Script Inject security-alert (Jul 07)
[security bulletin] HPSBMU02686 SSRT100541 rev.3 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code security-alert (Jul 04)
[security bulletin] HPSBUX02689 SSRT100494 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) security-alert (Jul 28)
[security bulletin] HPSBMU02692 SSRT100581 rev.2 - HP SiteScope, Remote Cross Site Scripting (XSS) and Session Fixation Attack security-alert (Jul 28)
[security bulletin] HPSB3C02687 SSRT100377 rev.1 - HP Intelligent Management Center User Access Manager (UAM) and Endpoint Admission Defense (EAD), Remote Execution of Arbitrary Code security-alert (Jul 04)
[security bulletin] HPSBUX02689 SSRT100494 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) security-alert (Jul 11)

Shatter

TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (notifRuleInfo$mode page) Shatter (Jul 28)
TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (metricDetail$type page) Shatter (Jul 28)
TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (sitemap page) Shatter (Jul 28)

Slackware Security Team

[slackware-security] pidgin (SSA:2011-178-01) Slackware Security Team (Jul 03)
[slackware-security] seamonkey (SSA:2011-195-01) Slackware Security Team (Jul 15)
[slackware-security] mozilla-firefox (SSA:2011-195-02) Slackware Security Team (Jul 15)
[slackware-security] mozilla-thunderbird (SSA:2011-189-02) Slackware Security Team (Jul 11)
[slackware-security] bind (SSA:2011-189-01) Slackware Security Team (Jul 11)

spamgoeshere

phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability spamgoeshere (Jul 25)

sschurtz

Re: Re: Multiple Cross-Site Scripting vulnerabilities in WebCalendar sschurtz (Jul 07)
Multiple Cross-Site Scripting vulnerabilities in WebCalendar sschurtz (Jul 04)

Steffen Joeris

[SECURITY] [DSA 2281-1] opie security update Steffen Joeris (Jul 21)
[SECURITY] [DSA 2280-1] libvirt security update Steffen Joeris (Jul 19)
[SECURITY] [DSA 2279-1] libapache2-mod-authnz-external security update Steffen Joeris (Jul 19)
[SECURITY] [DSA 2278-1] horde3 security update Steffen Joeris (Jul 18)

Thijs Kinkhorst

[SECURITY] [DSA 2286-1] phpmyadmin security update Thijs Kinkhorst (Jul 27)

Thilo Schulz

Two security issues fixed in ioQuake3 engine Thilo Schulz (Jul 28)

Tim Brown

Breaking the links: Exploiting the linker Tim Brown (Jul 04)

Tom Neaves

Sitecore CMS 6.4 Open URL Redirect Vulnerability Tom Neaves (Jul 29)

Tom Yu

MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526] Tom Yu (Jul 06)

Trustwave Advisories

TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain Trustwave Advisories (Jul 26)

vuln

Wireshark 1.4.0 Malformed IKE Packet Denial of Service vuln (Jul 11)
Wireshark 1.6.1 Malformed IKE Packet Denial of Service vuln (Jul 28)

Williams, James K

Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials Williams, James K (Jul 26)

YGN Ethical Hacker Group

Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities YGN Ethical Hacker Group (Jul 01)
Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities YGN Ethical Hacker Group (Jul 25)

ZDI Disclosures

ZDI-11-239: Apple Safari Webkit FrameOwner Element Remote Code Execution Vulnerability ZDI Disclosures (Jul 27)
ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability ZDI Disclosures (Jul 29)
ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability ZDI Disclosures (Jul 27)
ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability ZDI Disclosures (Jul 27)
ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability ZDI Disclosures (Jul 27)
ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability ZDI Disclosures (Jul 29)
ZDI-11-229: Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 02)
ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability ZDI Disclosures (Jul 27)
ZDI-11-228: Apple ColorSync ICC Profile ncl2 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 01)
ZDI-11-237: CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability ZDI Disclosures (Jul 21)
ZDI-11-227: Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 03)
ZDI-11-232: HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability ZDI Disclosures (Jul 04)
ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability ZDI Disclosures (Jul 11)
ZDI-11-231: Apple QuickTime Pict File Matrix Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 04)
ZDI-11-238: Oracle Secure Backup validate_login Command Injection Remote Code Execution Vulnerability ZDI Disclosures (Jul 21)
ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability ZDI Disclosures (Jul 11)
ZDI-11-235: TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability ZDI Disclosures (Jul 12)
ZDI-11-230: Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability ZDI Disclosures (Jul 04)
ZDI-11-244: (0day) FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability ZDI Disclosures (Jul 28)
ZDI-11-236: EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Remote Code Execution Vulnerability ZDI Disclosures (Jul 18)