FontForge .BDF Buffer Overflow
FontForge version 0.0.20100501-2 is vulnerable to a .bdf file font file stack-based buffer overflow vulnerability.
View ArticleHP Security Bulletin HPSBUX02608 SSRT100333
HP Security Bulletin HPSBUX02608 SSRT100333 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These...
View ArticleZero Day Initiative Advisory 10-283
Zero Day Initiative Advisory 10-283 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENWorks. Authentication is not required to exploit this...
View ArticleZero Day Initiative Advisory 10-284
Zero Day Initiative Advisory 10-284 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENWorks. Authentication is not required to exploit this...
View ArticleZero Day Initiative Advisory 10-285
Zero Day Initiative Advisory 10-285 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Zenworks Desktop Management. Authentication is not...
View ArticleSecunia Security Advisory 42569
Secunia Security Advisory - Fedora has issued an update for firefox and xulrunner. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site...
View ArticleSecunia Security Advisory 42568
Secunia Security Advisory - Fedora has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.
View ArticleSecunia Security Advisory 42573
Secunia Security Advisory - Debian has issued an update for xulrunner. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and...
View ArticleSecunia Security Advisory 42346
Secunia Security Advisory - Two weaknesses and some vulnerabilities have been discovered in SilverStripe, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose...
View ArticleSecunia Security Advisory 42492
Secunia Security Advisory - Some vulnerabilities with an unknown impact have been reported in Adobe Photoshop.
View ArticleSecunia Security Advisory 42626
Secunia Security Advisory - A vulnerability has been reported in Lotus Mobile Connect, which can be exploited by malicious people to conduct cross-site scripting attacks.
View ArticleSecunia Security Advisory 42486
Secunia Security Advisory - Multiple vulnerabilities have been reported in Orion Network Performance Monitor, which can be exploited by malicious people to conduct cross-site scripting attacks.
View ArticleACROS Security Problem Report 2010-12-14.1
ACROS Security Problem Report #2010-12-14-1 - A binary planting vulnerability in Windows Address Book and Windows Contacts allows local or remote (even Internet-based) attackers to deploy and execute...
View ArticleRealPlayer RealMedia Data Handling Heap Overflow
VUPEN Vulnerability Research Team discovered three critical vulnerabilities in RealPlayer. These vulnerabilities are caused by heap overflow errors when handling malformed RealMedia data, which could...
View ArticleHonggfuzz CLI Fuzzer 0.1
Honggfuzz is a general-purpose, easy-to-use fuzzer with interesting analysis options. Given a starting corpus of test files, Honggfuzz supplies and modifies input to a test program and utilizes the...
View ArticleiDEFENSE Security Advisory 2010-12-14.1
iDefense Security Advisory 12.14.10 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the...
View ArticleslickMsg 0.7-alpha Cross Site Scripting
slickMsg version 0.7-alpha suffers from a cross site scripting vulnerability.
View ArticleGoogle Urchin 5.7.03 Local File Inclusion
Google Urchin version 5.7.03 suffers from a local file inclusion vulnerability.
View ArticleBlogCFC Cross Site Scripting
BlogCFC suffers from multiple cross site scripting vulnerabilities.
View ArticleRealPlayer RA5 Data Handling Heap Overflow Vulnerability
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling malformed RA5 files, which could be exploited by...
View ArticleUSBsploit 0.5
USBsploit is a proof of concept that will generate Reverse TCP backdoors (x86, x64, all ports) and malicious LNK files. USBsploit works through Meterpreter sessions with a light (27MB) modified version...
View ArticleInternet Explorer CSS SetUserClip Memory Corruption
This Metasploit module exploits a memory corruption vulnerability within Microsoft's HTML engine (mshtml). When parsing an HTML page containing a specially crafted CSS tag, memory corruption occurs...
View ArticleBotan C++ Crypto Algorithms Library 1.9.12
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate...
View ArticleOpenBSD IPSEC Backdoored
Theo de Raadt has received a mail stating that the IPSEC stack in OpenBSD may have been backdoored since the year 2000 thanks to the FBI.
View Article
