iBrowser plugin version 1.4.1 suffers from a local file inclusion / file disclosure vulnerability: input passed through the 'lang' parameter to ibrowser.php, loadmsg.php, rfiles.php and symbols.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks and URL-encoded NULL bytes.
a153b7a4a47ff146d91e0d79e554e424553ad4ca1efa41e15eaa049ec8a0b46d
This is an e-book called Hacking Wifi Networks On Windows. It primarily focuses on cracking WEP.
27337d4f71becb39e2b9e4355352494736f4a9f97170b086769dab940dd0e2f9
The ZeroNights 2011 Call For Papers has been announced. It will be held in Saint-Petersburg, Russia on the 25th of November.
54f7a0de97801f1e51a857091337fddb53bae6cb6928955482679fdf7afcd177
SAP Crystal Report Server 2008 suffers from a cross-site scripting vulnerability.
5d317ae48eb94648a5577e2a7ecbcc8a552c5f1dd2741d04fd386f0cc7d2d72f
SAP NetWeaver suffers from an ipcpricing information disclosure vulnerability.
f625ce738f7a43d442cf465887a9c7c56ad9a8aaa71fb6e7ea81ef2d91773df2
Card Sharj suffers from a remote SQL injection vulnerability that allows for authentication bypass.
00174e0df37ba26c5e7d8098d60774ad35617d9cb21acffa02a1b7e1e94afc46
Adobe Reader X suffers from a sandbox bypass vulnerability.
9da44ca25607b6788dfb6efbe18fce72d3cb353aca2ee8eba8a621e745be983d
My MP3 Player version 3.0 buffer overflow exploit with DEP bypass.
b54cbd0865162eb25b5c22342efed86f3a18573bfb45a369f7c7720750c06179
Mini-Stream Ripper version 2.9.7 buffer overflow exploit with DEP bypass.
adab7efd625de89ea37ad48d9dc534b72cc56c9f5bf0af4fbf105a62532378b7
Red Hat Security Advisory 2011-1313-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise BRMS Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
bcce8533979c638668151132f981467813cec5cba502f114c265c6c93313102f
Red Hat Security Advisory 2011-1312-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
f674c959b4fadafa704f6a8f6a5d9ce06d0eff03b9fde2aa39d8272bf997d3e0
Red Hat Security Advisory 2011-1311-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Portal Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
3a011bc6de5554c758d0b9fa6c9334f214bc04d0eea99bd443d11a05a1ad832e
Red Hat Security Advisory 2011-1310-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
a31bba9cc3ae91ff188a9cc9203f8da900de211d6981af12ab071393fae6af1a
Red Hat Security Advisory 2011-1309-01 - JBoss Enterprise Application Platform is the market-leading platform for innovative and scalable Java applications. JBoss Enterprise Application Platform integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam into a complete and simple enterprise solution. JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
4405b67f4aeda82db06f3d697104eafbd0885396c23ef06fdd16cc7853e83719
Red Hat Security Advisory 2011-1308-01 - JBoss Web Services Native is a web service framework included as part of JBoss Communications Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
ea964738f1be59a4557cc2b56dc3bbbea521cae78a84bed00c60d2b4417d6898
Red Hat Security Advisory 2011-1307-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Portal Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
cbd71fe2dde78be667b43b0a399f1b66f17d766d8629c56c48326376cb041dad
Red Hat Security Advisory 2011-1306-01 - The jbossws-common package provides JBoss Web Services Native, a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
53a2c62ad66a1a6a43bdc577ce1ca6419fe718721d2bb3a0111dfe72aebc2b2e
Red Hat Security Advisory 2011-1305-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise SOA Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
8841a70ed396dd48e91337e711c2c99e21af87c85ce24c3935c6d6a4c1eef571