Unintended Consequences: Seven Years under the DMCA - This document collects a number of reported cases where the anti-circumvention provisions of the DMCA have been invoked not against pirates, but against consumers, scientists, and legitimate competitors.
9b4867ac6e0d711e6186f442c0e61ee8a8772a69c991704e1f8c49ac85df8787
Google Reader is supposed to display only content that the user has subscribed to; however, two vulnerabilities have been identified which may allow an attacker to entice a victim (using the Google Reader service) to view unwanted web content carrying malicious payloads.
7b5cfc8166efe4aad445c202f3c534911b697134b00dbe62e5e065872e8c800a
Microsoft Internet Explorer DBCS Remote Memory Corruption Vulnerability: This vulnerability affects systems that use Double-Byte Character Sets. Systems that are affected are Windows language versions that use a Double Byte Character Set language. Examples of languages that use DBCS are Chinese, Japanese, and Korean languages. Customers using other language versions of Windows might also be affected if "Language for non-Unicode programs" has been set to a Double Byte Character Set language.
9928b78c2e165f8d0be66728788d0d369520d36f2e3f50b6f0342f762ba5d58c
GMail and Google Groups are vulnerable to a cross-site scripting (XSS) attack due to their reliance on Content-Disposition to provide separation between the HTML file download and application scopes.
36c3caf867d3ffaeb99e710551c40b989b1ec886d122466cd3668d577cdf5d67
Microsoft Internet Explorer Content-Disposition HTML File Handling Flaw
574a829b559c4c5a3baadc376478a5b2bd98146b0176aa0b1c002faa78f2dace
Oracle versions 9.2.0.0-10.2.0.3 suffer from an unpatched vulnerability which allows users with SELECT-only privileges on a base table to insert/update/delete data via a specially crafted view.
52fce6051885e4c90f88131ef99b44526f5d4aaf91684d6e8bede57d2e41a144
It is possible to bypass the open_basedir restriction in PHP 4.4.2 and 5.1.2 by using the tempnam() function.
f538262704c21a70a6e2d64df6548a15f178d6808a99ab84feba29ddc913d87f
It is possible to crash PHP and possibly Apache by using a recursive function call. Tested on PHP 4.4.2 and 5.1.2.
629e887103a607ea88675761f74bad078c61e2d2c8db6ebab560d5d9890a5b87
PHP 4.4.2 and 5.1 allow for a safe mode bypass via the copy() function.
e61c4b8601115e3b07ad0f6eb72b0832ffcff46804cbfef6a2c12db9fdcc6a03
phpinfo() in PHP 5.1.2 and 4.4.2 suffers from an XSS vulnerability.
9955b8c58a297e95b17dd458fac33b5f9fdec78ea074960b389f9b29b3c05c08
Overflow.pl Security Advisory #5 - Clam AntiVirus Win32-UPX Heap Overflow: Remote exploitation of an integer overflow vulnerability could allow execution of arbitrary code or cause denial of service.
a079b9e2c3c8cd3397a0b0dcf893077f32ec7c922641600173613bedb7dccf63
PHP121 Instant Messenger versions less than or equal to 1.4 remote command execution exploit.
4f500420ae021a12f0c97b72682ef7dc378e59151587d6457602e17d599689fe
Sphider versions less than or equal to 1.3 remote file inclusion exploit.
1d87ea3e22a1f16c087df435b92e9cffdcd916d065e20b1073384c7074645933
PHPList versions less than or equal to 2.10.2 remote command execution exploit. Requires register_globals to be on.
ed08f2e6861b32d6f2d0788d7ce4eaeacb13c209f65ee7b01c880b309f350f3a
phpBB remote command execution exploit. Requires administrative access on the forum. Tested on 2.0.12, 2.0.13, 2.0.19.
f009df4e0f190e91ba722fdf1f0317ec936d8de0bc6de12914478646cc8e6945
PhpOpenChat 3.0.x and ADODB versions less than 4.70 SQL injection exploit. Requires a blank MySQL root password.
52e060638d3b695d7178ecc602a375536408442e2504a9b0d5ba9ff349dd7426
Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in Adobe Document Server for Reader Extensions, which can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks, or by malicious people to gain knowledge of sensitive information or conduct cross-site scripting attacks.
9a62766fd2ab38c607cb1dcd701fdc5ce9bf0f41b32560a42c71e4887865b9f4
Secunia Security Advisory - A security issue has been reported in NetBSD, which can weaken certain security features.
8d1fc904126dcb25d4249126aa9f7ec22c10e54b35da14058bd39af52843d816
Secunia Security Advisory - A security issue has been reported in Sybase EAServer, which can be exploited by malicious, local users to disclose sensitive information.
2d80e1eb090995f82038f96243aa73e3b2a6c6fe52ee3edfad8c06bb9e0380f2
Secunia Security Advisory - A vulnerability has been reported in NetBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
3f2b15645bc76ff146839678164992fe688df5de8cbba2fc2ae9bb483cba9729
Secunia Security Advisory - A vulnerability has been reported in NetBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
cba055d5fef8b0cfbec74e801de9c3cfa2846305961e125afbf1a2c8a0f65a8b
Secunia Security Advisory - Debian has issued an update for horde3. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks, and by malicious people to disclose sensitive information or compromise a vulnerable system.
20f798285d47c24aebc9b504e9a865e8c6010e9a702deda263a92515b8a3dc41
Secunia Security Advisory - A vulnerability has been reported in Adobe LiveCycle Workflow and Adobe LiveCycle Form Manager, which can be exploited by malicious users to bypass certain security restrictions.
b4d0aa81af1bf252034a787ddba0097cb697f97d185fcdd920aafdb908afa9d4
Secunia Security Advisory - benozor77 has discovered a vulnerability in Aweb's Banner Generator, which can be exploited by malicious people to conduct cross-site scripting attacks.
54e221af0519a3f82560aba2a2bd65ca18d314bd21bf517879da9251c7b5e031
Secunia Security Advisory - mj has reported a vulnerability in Plone, which can be exploited by malicious people to manipulate certain information.
89cd4bb45f827229f9fc532b4fc63bd99184586f4a9cf554e5c8c11684185be9