Bugtraq: by author

• RSS Feed
• About List
• All Lists

Previous period

Next period

226 messages starting Aug 14 12 and ending Aug 23 12
Date index | Thread index | Author index

abhijeet

[Announcement] ClubHack Magazine's Aug 2012 Issue Released abhijeet (Aug 14)

Adam Caudill

NeoInvoice Blind SQL Injection (CVE-2012-3477) Adam Caudill (Aug 14)

admin

Sistem Biwes Multiple Vulnerability admin (Aug 29)

advisories

Paliz CMS Full Path Disclosure Vulnerability advisories (Aug 27)

advisory

Multiple vulnerabilities in PBBoard advisory (Aug 08)
Multiple Vulnerabilities in phpList advisory (Aug 08)
Cross-Site Scripting (XSS) in Phorum advisory (Aug 29)
XSS in PrestaShop advisory (Aug 29)

Alexander Polyakov

CFP for ZeroNights conference Moscow 19-20 November 2012 Alexander Polyakov (Aug 15)

Alexander Pruss

vulnerabilities in Samsung Epic 4G Touch with 2.3.6 and probably other Samsung Galaxies Alexander Pruss (Aug 16)

Apple Product Security

APPLE-SA-2012-08-20-1 Apple Remote Desktop 3.6.1 Apple Product Security (Aug 20)

Asterisk Security Team

AST-2012-012: Asterisk Manager User Unauthorized Shell Access Asterisk Security Team (Aug 31)
AST-2012-013: ACL rules ignored when placing outbound calls by certain IAX2 users Asterisk Security Team (Aug 31)

beford

Chamilo 1.8.8.4 Multiple Vulnerabilities beford (Aug 27)

Cisco Systems Product Security Incident Response Team

[2.0 Update] Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Aug 15)

CorryL

Ad Manager Pro v. 4 Remote FLI CorryL (Aug 23)

Daniel Correa

Dir2web3 Mutiple Vulnerabilities Daniel Correa (Aug 06)

ds . adv . pub

Internet Explorer Script Interjection Code Execution ds . adv . pub (Aug 17)

explo21ter

Exploit Title: Mihalism Multi Host v 5.0 explo21ter (Aug 27)

Fabien DUCHENE

GreHack 2012 - LAST Call For Papers (Grenoble, France) till 15th August 2012 Fabien DUCHENE (Aug 14)

Florian Weimer

[SECURITY] [DSA 2533-1] pcp security update Florian Weimer (Aug 24)
[SECURITY] [DSA 2528-1] icedove security update Florian Weimer (Aug 15)
[SECURITY] [DSA 2530-1] rssh security update Florian Weimer (Aug 15)
[SECURITY] [DSA 2535-1] rtfm security update Florian Weimer (Aug 29)
[SECURITY] [DSA 2537-1] typo3-src security update Florian Weimer (Aug 31)
[SECURITY] [DSA 2536-1] otrs2 security update Florian Weimer (Aug 31)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-12:05.bind FreeBSD Security Advisories (Aug 07)

fukami

29C3: Call for Participation for 29th Chaos Communication Congress fukami (Aug 03)

h1kari

ToorCon 14 Call For Papers h1kari (Aug 29)

Hafez Kamal

[HITB-Announce] HITB Magazine Issue 009 - Call for Submissions Hafez Kamal (Aug 09)

Henri Salo

Re: [Full-disclosure] XSS and SQL Injection Vulnerabilities in Jara Henri Salo (Aug 24)
Re: [Full-disclosure] XSS Vulnerabilities in LabWiki Henri Salo (Aug 24)

irist . ir

Wordpress fckeditor Arbitrary File Upload Vulnerability irist . ir (Aug 27)

Jeffrey Walton

Re: [Full-disclosure] [SE-2012-01] information regarding recently discovered Java 7 attack Jeffrey Walton (Aug 29)

Jose Carlos de Arriba

[FOREGROUND SECURITY 2012-001] Lsoft ListServ v16 (WA revision R4241) SHOWTPL parameter Cross-SIte Scripting - XSS Jose Carlos de Arriba (Aug 17)

larry Cashdollar

Another Solaris 10 Patch Cluster Symlink Attack larry Cashdollar (Aug 10)

Lists

Elcom CMS - Community Manager Insecure File Upload Vulnerability - Security Advisory - SOS-12-008 Lists (Aug 24)

lorenzo . cantoni86

[CVE-2012-3873] Openconstructor CMS 3.12.0 'id' parameter multiple SQL injection vulnerabilities lorenzo . cantoni86 (Aug 06)
[CVE-2012-3870] Openconstructor CMS 3.12.0 'createobject.php', 'name' and 'description' parameters Stored Cross-site Scrpting vulnerabilities lorenzo . cantoni86 (Aug 06)
[CVE-2012-3872] Openconstructor CMS 3.12.0 Multiple Reflected Cross-site Scrpting vulnerabilities lorenzo . cantoni86 (Aug 06)
[CVE-2012-3871] Openconstructor CMS 3.12.0 'data/hybrid/i_hybrid.php', 'header' parameter Stored Cross-site Scripting Vulnerability lorenzo . cantoni86 (Aug 06)

LpSolit

Security advisory for Bugzilla 4.3.3, 4.2.3, 4.0.8 and 3.6.11 LpSolit (Aug 31)

Luciano Bello

[SECURITY] [DSA 2531-1] xen security update Luciano Bello (Aug 20)

Moritz Muehlenhoff

[SECURITY] [DSA 2521-1] libxml2 security update Moritz Muehlenhoff (Aug 06)
[SECURITY] [DSA 2524-1] openttd security update Moritz Muehlenhoff (Aug 07)
[SECURITY] [DSA 2523-1] globus-gridftp-server security update Moritz Muehlenhoff (Aug 07)
[SECURITY] [DSA 2527-1] php5 security update Moritz Muehlenhoff (Aug 13)
[SECURITY] [DSA 2525-1] expat security update Moritz Muehlenhoff (Aug 07)

Netsparker Advisories

XSS Vulnerabilities in LabWiki Netsparker Advisories (Aug 22)
XSS and SQL Injection Vulnerabilities in Jara Netsparker Advisories (Aug 22)
XSS and SQL Injection Vulnerabilities in OrderSys Netsparker Advisories (Aug 22)
XSS and Blind SQL Injection Vulnerabilities in Banana Dance CMS Netsparker Advisories (Aug 22)

Nico Golde

[SECURITY] [DSA 2519-1] isc-dhcp security update Nico Golde (Aug 01)
[SECURITY] [DSA 2519-2] isc-dhcp regression Nico Golde (Aug 06)
[SECURITY] [DSA 2526-1] libotr security update Nico Golde (Aug 13)

nospam

Oracle Business Transaction Management Server FlashTunnelService WriteToFile Message Remote Code Execution nospam (Aug 07)
AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution nospam (Aug 06)
Oracle Business Transaction Management Server FlashTunnelService Remote File Deletion nospam (Aug 07)

nullcon

nullcon International security conference Delhi 2012 Highlights nullcon (Aug 07)

pereira

CommPort 1.01 <= SQL Injection Vulnerability pereira (Aug 27)
MobileCartly 1.0 <= Remote Code Execution Vulnerability pereira (Aug 08)

Per Thorsheim

Last reminder for Passwords^12 : Call for Presentations Per Thorsheim (Aug 13)

research

TCExam Edit SQL Injection research (Aug 14)
Group-Office Cleartext Credentials Stored in Cookies research (Aug 14)
TCExam Edit Cross-Site Scripting research (Aug 14)
Total Shop UK eCommerce Generic Cross-Site Scripting research (Aug 14)
GIMP Scriptfu Python Remote Command Execution research (Aug 17)

Research@NGSSecure

NGS00208 Patch Notification: Moodle CMS stored XSS Research@NGSSecure (Aug 20)
NGS00330 Patch Notification: Squiz CMS Directory Traversal Research@NGSSecure (Aug 20)
NGS00242 Patch Notification: SysAid Helpdesk stored XSS Research@NGSSecure (Aug 20)
NGS00288 Patch Notification: Windows Remote Desktop Memory Corruption Leading to RCE on XP SP3 Research@NGSSecure (Aug 17)
NGS00241 Patch Notification: SysAid Helpdesk blind SQL injection Research@NGSSecure (Aug 20)

Rob Weir

CVE-2012-2665 Manifest-processing errors in Apache OpenOffice 3.4.0 Rob Weir (Aug 28)

SEC Consult Vulnerability Lab

SEC Consult SA-20120829-0 :: Symantec Messaging Gateway - Support Backdoor SEC Consult Vulnerability Lab (Aug 30)

Secunia Research

Secunia Research: Citrix Access Gateway Plug-in for Windows nsepacom ActiveX Control Buffer Overflow Secunia Research (Aug 01)
Secunia Research: Citrix Access Gateway Plug-in for Windows nsepacom ActiveX Control Integer Overflow Secunia Research (Aug 01)

security

[ MDVSA-2012:125 ] wireshark security (Aug 06)
[ MDVSA-2012:128 ] bash security (Aug 09)
[ MDVSA-2012:138 ] acpid security (Aug 17)
[ MDVSA-2012:146 ] firefox security (Aug 29)
[ MDVSA-2012:130 ] openldap security (Aug 13)
[ MDVSA-2012:129-1 ] busybox security (Aug 13)
[ MDVSA-2012:147 ] mozilla-thunderbird security (Aug 29)
[ MDVSA-2012:139 ] postgresql security (Aug 20)
[ MDVSA-2012:124 ] openoffice.org security (Aug 06)
[ MDVSA-2012:131 ] libotr security (Aug 13)
[ MDVSA-2012:074-1 ] ffmpeg security (Aug 30)
[ MDVSA-2012:127 ] libtiff security (Aug 08)
[ MDVSA-2012:111 ] krb5 security (Aug 01)
[ MDVSA-2012:143 ] python-django security (Aug 23)
[ MDVSA-2012:135 ] wireshark security (Aug 17)
[ MDVSA-2012:132 ] glpi security (Aug 15)
[ MDVSA-2012:134 ] wireshark security (Aug 17)
[ MDVSA-2012:133 ] usbmuxd security (Aug 16)
[ MDVSA-2012:123 ] libreoffice security (Aug 06)
[ MDVSA-2012:141 ] openslp security (Aug 21)
[ MDVSA-2012:142 ] gimp security (Aug 22)
[ MDVSA-2012:148 ] ffmpeg security (Aug 30)
[ MDVSA-2012:122 ] icedtea-web security (Aug 03)
[ MDVSA-2012:136 ] phpmyadmin security (Aug 17)
[ MDVSA-2012:137 ] acpid security (Aug 17)
[ MDVSA-2012:126 ] libxml2 security (Aug 08)
[ MDVSA-2012:140 ] mono security (Aug 20)
[ MDVSA-2012:129 ] busybox security (Aug 13)
[ MDVSA-2012:144 ] tetex security (Aug 28)
[ MDVSA-2012:121 ] libjpeg-turbo security (Aug 02)
[ MDVSA-2012:145 ] firefox security (Aug 29)

Security Alert

ESA-2012-039: EMC ApplicationXtender Arbitrary File Upload Vulnerability Security Alert (Aug 24)
ESA-2012-034: EMC Cloud Tiering Appliance (CTA) Authentication Bypass Vulnerability Security Alert (Aug 28)
ESA-2012-038: EMC NetWorker Format String Vulnerability Security Alert (Aug 30)
ESA-2012-031: Iomega StorCenter/EMC Lifeline Remote Access Vulnerability Security Alert (Aug 08)

security-alert

[security bulletin] HPSB3C02809 SSRT100377 rev.1 - HP iNode Management Center, Remote Execution of Arbitrary Code security-alert (Aug 30)
[security bulletin] HPSBUX02805 SSRT100919 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Aug 14)
[security bulletin] HPSBUX02806 SSRT100789 rev.1 - HP Serviceguard, Remote Denial of Service (DoS) security-alert (Aug 17)
[security bulletin] HPSBUX02791 SSRT100856 rev.2 - HP-UX Apache Web Server running PHP, Remote Execution of Arbitrary Code, Privilege Elevation, Denial of Service (DoS) security-alert (Aug 23)
[security bulletin] HPSBMU02803 SSRT100926 rev.1 - HP Service Manager and HP Service Center Web Tier, Remote Cross Site Scripting (XSS) security-alert (Aug 14)
[security bulletin] HPSBMU02801 SSRT100879 rev.1 - HP Fortify Software Security Center, Remote Unauthenticated Disclosure of Information security-alert (Aug 14)
[security bulletin] HPSBUX02805 SSRT100919 rev.3 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities security-alert (Aug 28)
[security bulletin] HPSBMU02781 SSRT100617 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL, Remote Execution of Arbitrary Code, Denial of Service (DoS) security-alert (Aug 07)
[security bulletin] HPSBMU02798 SSRT100908 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) security-alert (Aug 06)
[security bulletin] HPSBMU02802 SSRT100923 rev.1 - HP Fortify Software Security Center, Remote Disclosure of Privileged Information security-alert (Aug 14)
[security bulletin] HPSBMU02800 SSRT100921 rev.1 - HP Service Manager and HP Service Center Server, Remote Denial of Service (DoS) security-alert (Aug 14)
[security bulletin] HPSBMU02796 SSRT100594 rev.3 - HP Operations Agent and HP Performance Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code security-alert (Aug 02)
[security bulletin] HPSBHF02804 SSRT100631 rev.1 - HP Integrity Server rx2800 i2, BL860c i2, BL870c i2, BL890c i2, Potential Denial of Service (DoS) security-alert (Aug 13)
[security bulletin] HPSBUX02806 SSRT100789 rev.2 - HP Serviceguard, Remote Denial of Service (DoS) security-alert (Aug 24)

Security Explorations

Re: [SE-2012-01] information regarding recently discovered Java 7 attack Security Explorations (Aug 29)
[SE-2012-01] New security issue affecting Java SE 7 Update 7 Security Explorations (Aug 31)
[SE-2012-01] information regarding recently discovered Java 7 attack Security Explorations (Aug 28)

Seeker Research Center

Seeker Adv MS-06 - .Net Cross Site Scripting - Request Validation Bypassing Seeker Research Center (Aug 29)

Slackware Security Team

[slackware-security] t1lib (SSA:2012-228-01) Slackware Security Team (Aug 16)
[slackware-security] emacs (SSA:2012-228-02) Slackware Security Team (Aug 17)
[slackware-security] dhcp (SSA:2012-237-01) Slackware Security Team (Aug 27)

Socket_0x03

Tekno.Portal v0.1b 'link.php' Blind SQL Injection Vulnerability Socket_0x03 (Aug 02)

sschurtz

WordPress Plugin 'Quick Post Widget' 1.9.1 Multiple Cross-site scripting vulnerabilities sschurtz (Aug 10)
SaltOS 3.1 Cross-Site Scripting vulnerability sschurtz (Aug 23)

Stefan Bauer

squidGuard 1.4 - Remote Denial of Service - POC Stefan Bauer (Aug 29)

Stefan Kanthak

How well does Microsoft support (and follow) their mantra "keep your PC updated"? Stefan Kanthak (Aug 10)

Thomas D.

Re: How well does Microsoft support (and follow) their mantra "keep your PC updated"? Thomas D. (Aug 14)

Timo Warns

[PRE-SA-2012-05] Multiple heap-based buffer overflows in LibreOffice / OpenOffice Timo Warns (Aug 10)

Tomi Tuominen

t2′12: Challenge to be released 2012-09-01 10:00 EEST Tomi Tuominen (Aug 29)

VMware Security Team

VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries VMware Security Team (Aug 31)

voidloafer

apache struts2 remote code execute voidloafer (Aug 22)

Vulnerability Lab

Barracuda Appliances - Validation Filter Bypass Vulnerability Vulnerability Lab (Aug 01)
Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities Vulnerability Lab (Aug 09)
Joomla com_fireboard - SQL Injection Vulnerability Vulnerability Lab (Aug 09)
Kaspersky PM 5.0.0.164 - Software Filter Vulnerability Vulnerability Lab (Aug 01)
Nike+ Panel & Mobile App - Multiple Web Vulnerabilities Vulnerability Lab (Aug 17)
Joomla com_photo - SQL Injection Vulnerability Vulnerability Lab (Aug 06)
Social Engine v4.2.5 - Multiple Web Vulnerabilities Vulnerability Lab (Aug 17)
Flynax General Classifieds v4.0 CMS - Multiple Vulnerabilities Vulnerability Lab (Aug 14)
Barracuda SSL VPN 680 - Cross Site Scripting Vulnerabilities Vulnerability Lab (Aug 01)
ShopperPress v2.7 Wordpress - SQL Injection Vulnerability Vulnerability Lab (Aug 17)
iAuto Mobile Application 2012 - Multiple Web Vulnerabilities Vulnerability Lab (Aug 06)
7sepehr CMS 2012 - Multiple SQL Injection Vulnerabilities Vulnerability Lab (Aug 14)
ME Application Manager 10 - Multiple Web Vulnerabilities Vulnerability Lab (Aug 01)
ManageEngine OpStor v7.4 - Multiple Web Vulnerabilities Vulnerability Lab (Aug 17)
ME Mobile Application Manager v10 - SQL Vulnerabilities Vulnerability Lab (Aug 01)
Inout Mobile Webmail APP - Multiple Web Vulnerabilities Vulnerability Lab (Aug 06)
Distimo Monitor 6.0 - Multiple Cross Site Vulnerabilities Vulnerability Lab (Aug 01)
BeneficialBank Business v4.13.1 - Auth Bypass Vulnerability Vulnerability Lab (Aug 06)
Kaspersky Password Manager 5.0.0.164 - Software Filter Vulnerability Vulnerability Lab (Aug 02)
Arasism (IR) CMS - File Upload Vulnerability Vulnerability Lab (Aug 09)
ShopperPress v2.7 Wordpress - Cross Site Vulnerabilities Vulnerability Lab (Aug 17)
Joomla com_package - SQL Injection Vulnerability Vulnerability Lab (Aug 06)

Williams, James K

CA20111208-01: Security Notice for CA SiteMinder [updated] Williams, James K (Aug 28)

YGN Ethical Hacker Group

ocPoral CMS 8.x | Session Hijacking Vulnerability YGN Ethical Hacker Group (Aug 20)
ocPoral CMS 8.x | Cross Site Request Forgery (CSRF) Vulnerability YGN Ethical Hacker Group (Aug 20)

Young Jun Ko

My ROP mitigation Young Jun Ko (Aug 02)

Yves-Alexis Perez

[SECURITY] [DSA 2518-1] krb5 security update Yves-Alexis Perez (Aug 01)
[SECURITY] [DSA 2520-1] openoffice.org security update Yves-Alexis Perez (Aug 03)
[SECURITY] [DSA 2522-1] fckeditor security update Yves-Alexis Perez (Aug 06)

ZDI Disclosures

ZDI-12-138 : SAP Business Objects Financial Consolidation CtAppReg.dll username Remote Code Execution Vulnerability ZDI Disclosures (Aug 17)
ZDI-12-135 : Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution Vulnerability ZDI Disclosures (Aug 06)
ZDI-12-147 : WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-175 : (0Day) HP SiteScope SOAP Call create Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-164 : (0Day) HP Intelligent Management Center img.exe Integer Wrap Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-140 : McAfee SmartFilter Administration Server SFAdminSrv.exe JBoss RMI Remote Code Execution Vulnerabilty ZDI Disclosures (Aug 17)
ZDI-12-170 : (0Day) HP Application Lifecycle Management XGO.ocx ActiveX Control Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability ZDI Disclosures (Aug 17)
ZDI-12-167 : (0Day) Novell File Reporter NFRAgent.exe VOL Tag Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-156 : Cisco AnyConnect VPN Client Arbitrary Program Instantiation Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-129 : Microsoft Windows TrueType Font Parsing Remote Code Execution Vulnerability (Remote Kernel) ZDI Disclosures (Aug 06)
ZDI-12-171 : (0Day) Hewlett-Packard Intelligent Management Center UAM sprintf Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-132 : IBM Lotus iNotes dwa85W ActiveX Attachment_Times Remote Code Execution Vulnerability ZDI Disclosures (Aug 06)
ZDI-12-155 : InduSoft Thin Client ISSymbol InternationalOrder Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-176 : (0Day) HP SiteScope SOAP Call getFileInternal Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-145 : Symantec Endpoint Protection SemSvc.exe AgentServlet Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-128 : Mozilla Firefox nsHTMLSelectElement Remote Code Execution Vulnerability ZDI Disclosures (Aug 06)
ZDI-12-146 : Novell eDirectory RelativeToFullDN Parsing Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-168 : InduSoft Thin Client ISSymbol InternationalSeparator Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-172 : (0Day) HP Operations Orchestration RSScheduler Service JDBC Connector Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-149 : Cisco AnyConnect VPN Client Verification Bypass Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-134 : IBM Lotus Quickr QP2 ActiveX _Times Remote Code Execution Vulnerability ZDI Disclosures (Aug 06)
ZDI-12-131 : Microsoft .NET Framework Undersized Glyph Buffer Remote Code Execution Vulnerability ZDI Disclosures (Aug 06)
ZDI-12-150 : Oracle Outside In XPM Processing Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-165 : (0Day) HP Operations Agent for NonStop Server HEALTH Packet Parsing Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-130 : Apple QuickTime Player MP4A Uninitialized Pointer Remote Code Execution Vulnerability ZDI Disclosures (Aug 06)
ZDI-12-153 : Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-174 : (0Day) HP SiteScope UploadFilesHandler Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-159 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7e7 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-133 : GE Proficy Historian ihDataArchiver.exe Multiple Opcode Parsing Remote Code Execution Vulnerabilities ZDI Disclosures (Aug 06)
ZDI-12-181 : Novell iPrint nipplib.dll client-file-name Parsing Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-143 : Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability ZDI Disclosures (Aug 17)
ZDI-12-160 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7F8 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-179 : EMC ApplicationXtender Desktop Viewer AEXView ActiveX AnnoSave Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-180 : Novell ZENWorks AdminStudio ISGrid.dll ActiveX Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-163 : (0Day) HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. ZDI Disclosures (Aug 23)
ZDI-12-141 : Microsoft .NET Framework Clipboard Unsafe Memory Access Remote Code Execution Vulnerability ZDI Disclosures (Aug 17)
ZDI-12-148 : GE Proficy Real-Time Information Portal Remote Interface Service Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-166 : (0Day) HP LeftHand Virtual SAN Appliance Unauthenticated Access Remote Command Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-161 : EMC AutoStart ftAgent Opcode 0x2d Subcode 0x1194 Parsing Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-154 : IBM Lotus Notes URL Command Injection Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-169 : GE Proficy Historian KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-157 : Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-173 : (0Day) HP SiteScope SOAP Call getSiteScopeConfiguration Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-178 : (0Day) HP SiteScope SOAP Call update Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-137 : Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer Truncation Remote Code Execution Vulnerability ZDI Disclosures (Aug 17)
ZDI-12-139 : SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code Execution Vulnerability ZDI Disclosures (Aug 17)
ZDI-12-151 : Oracle Outside In Excel File TxO Parsing Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-177 : (0Day) HP SiteScope SOAP Call loadFileContent Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-158 : Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)
ZDI-12-182 : EMC AppXtender WxSuperCtrl650.ocx ActiveX Control Remote Code Execution Vulnerability ZDI Disclosures (Aug 29)
ZDI-12-142 : Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability ZDI Disclosures (Aug 17)
ZDI-12-144 : EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing Remote Code Execution Vulnerability ZDI Disclosures (Aug 17)
ZDI-12-152 : Oracle Outside In Excel MergeCells Record Parsing Remote Code Execution Vulnerability ZDI Disclosures (Aug 23)

Previous period

Next period