Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in IBM Tivoli Storage Manager Client, which can be exploited by malicious people to conduct script insertion attacks.
6812fa55f098aeee713be71b7102e2f66b06617c93135fd1fbfcb5f5fab0781c
Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in Sony CONNECT Player (SonicStage), which can be exploited by malicious people to compromise a user's system.
633bc6cea6499368e4d45e0fccb534093a1681962f9f60e0d87148d31adef1ca
Secunia Security Advisory - Luigi Auriemma has reported a vulnerability in World in Conflict, which can be exploited by malicious people to cause a DoS (Denial of Service).
a49a95916949b04fa10fc0c26252d17714395c7b26f40f70886cca5bd934f9fb
Secunia Security Advisory - 0x90 has discovered a security issue in Micro Login System, which can be exploited by malicious people to disclose sensitive information.
3324e104df37ae8a8439b83b93cb911085a1b64d53e8a0038e775b2e35092381
Secunia Security Advisory - Debian has issued an update for iceweasel. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct phishing attacks, manipulate certain data, and potentially compromise a user's system.
7dee8ca847a9c13023dc020421443330027063e2567b529ca30886c590e99eb9
Secunia Security Advisory - Sun has acknowledged some vulnerabilities in Mozilla 1.7 for Sun Solaris, which potentially can be exploited by malicious people to compromise a user's system.
8a2d69cfe9205357b4c4a32e4dcb5e08ab812882ccb76f9b28bdf849a772789e
Secunia Security Advisory - Nortel has acknowledged a vulnerability in Business Communications Manager, which potentially can be exploited by malicious people to poison the DNS cache.
92de1d096683678e2872055e78c3c19ada2307b1bbe2a11b203c09412e951f67
All versions of RealPlayer 10 and some builds of RealPlayer 10.5 suffer from a heap overflow in the ID3 tag parsing code.
46421bbdec94678eace2f1448aa87b7317888d18e61f1d242f583bc1db79e149
Debian Security Advisory 1388-3 - The patch used to correct the DHCP server buffer overflow in DSA-1388-1 was incomplete and did not adequately resolve the problem. This update to the previous advisory makes available updated packages based on a newer version of the patch.
aa575a2ef5aed2ab88c2ec89366c596430eecb1fb84615f855448062aeb85f21
TikiWiki versions 1.9.8.1 and below suffer from a remote PHP code evaluation vulnerability.
1e448247e42b5213f25a1930d3dc3f1fbd07ce7769c7aa65080d354bf82a5b72
Secunia Security Advisory - A vulnerability has been reported in Django, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
239531467915702198504158e73a5888cdba35a74b67ca748f5f24b2bb72a569
Secunia Security Advisory - rPath has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct phishing attacks, manipulate certain data, and compromise a user's system.
c0102b05fd0443b258507f466521284e422cb330cfbf597967c54ad4f676e86e
Team SHATTER Security Alert - Oracle Database Server provides the SYS.DBMS_AQADM_SYS package that is used internally by the SYS.DBMS_AQADM package to provide procedures to manage Oracle Streams Advanced Queuing (AQ) configuration and administration information. This package contains the procedure DBLINK_INFO which is vulnerable to buffer overflow attacks. Affected versions include Oracle Database Server versions 9iR1, 9iR2 (9.2.0.7 and previous patchsets) and 10gR1.
58d76e3a0aef0c6352b4c4758f736521b656d25dc7b79ead00dce2d59a6de04b
Team SHATTER Security Alert - Oracle Database Server provides the MDSYS.SDO_CS package that contains subprograms for working with coordinate systems. This package contains the function TRANSFORM which is vulnerable to buffer overflow attacks. Affected versions include Oracle Database Server versions 8iR3, 9iR1, 9iR2 (9.2.0.6 and previous patchsets) and 10gR1 (10.1.0.4 and previous patchsets).
c1a8396a98fadf1347f49ba35e4dac43085a4c2e84bd788266f80b864f34c281
Omnistar Live suffers from a cross-site scripting vulnerability.
67292beadd7560c2dab90692f7e2f9806dcc6e9822d9df3c8059a1ba90df0c36
AGTC-Membership system version 1.1a remote add administrator exploit.
0b9b008502ba04e1769466e8168120c061c7f4b6e6b26aa36cebd8b6fcf37de5
GOM Player version 2.1.6.3499 remote overflow exploit that makes use of GomWeb3.dll version 1.0.0.12. Spawns calc.exe.
906d927f7281a8d6b9f463de5a38983fe8e053fcbf3c0fe5cc7a02137c97ef19
Kodak Image Viewer code execution exploit that takes advantage of the MS07-055 TIFF vulnerability. Spawns calc.exe.
ac113a9757fdb12baa7a63fe821b53472c829b45ebe854614e258959e2d484e4
Sony CONNECT Player M3U playlist processing stack buffer overflow local exploit.
19b107d7edc7d67b224ebaa14f6fd2ba851bdbb98711f2d2ce4880a13495b6e4
Slides from the presentation Oracle Database Vault: Design Failures.
aa413dac2420e9793150ea25140ef356d8f3b5c166c5a82b88e5082a51840006
Slides from a lecture discussing Next Generation Viruses.
6cfbaacb1ce17979d011060139f0ba7bfe18bf60ee51ae17acf2c0723f1c8117
Slides from a lecture discussing Shadow Software Attacks.
9d3f365a840d4fe79ac57428f939eee876ade4b85c65af44212870259fb87bd6
Slides from a lecture given by the Technical University of Vienna Politecnico di Milano regarding AntiPhish: An Anti-Phishing Browser Plug-in based Solution.
11fdb1fd6cf3504814e13cee83b573ad2c17c0fd9b5ca17d7c6ea7217edc9c3e
Slides from a lecture discussing Writing Behind A Buffer.
67417f7ee79d3f522c2a4e3d577097a0fbf2a4fb4b71b2b080564f565d937cd5
SAXON version 5.4 is susceptible to a SQL injection vulnerability.
23411f8d6a90e9b31e57ceffd7996d568c7aa8f2fdbeaa3bac734ad639ddb4e4