Showing 1 - 7 of 7

Files Date: 2013-05-10 to 2013-05-11

RSA Authentication Agent 7.1 Cross Site Scripting: Posted May 10, 2013; Site emc.com; A cross site scripting vulnerability could be potentially exploited by a malicious attacker for conducting scripting attacks in RSA Authentication Agent. The vulnerability could be exploited by getting an authenticated user to click on specially-crafted links that a malicious attacker can embed within an e-mail message, web page, or other source. This may lead to execution of malicious html requests or scripts in the context of the authenticated user.; tags | advisory, web, xss; advisories | CVE-2013-0942; SHA-256 | 60c2408d2fe62788b2cbc510da0866dd0087c1d236f7ee0f72f7e8c309d66045; Download | Favorite | View

Apache Tomcat 7.0.39 AsyncListener RuntimeException: Posted May 10, 2013; Authored by Mark Thomas | Site tomcat.apache.org; There was a scenario where elements of a previous request may be exposed to a current request. This was very difficult to exploit deliberately but fairly likely to happen unexpectedly if an application used AsyncListeners that threw RuntimeExceptions. The issue was fixed by catching the RuntimeExceptions. Apache Tomcat versions 7.0.0 through 7.0.39 are affected.; tags | advisory; advisories | CVE-2013-2071; SHA-256 | cde648eb3c646ccc296e6a2d348bb89e68c2c0471e19b83178341c84734cf58f; Download | Favorite | View

Hacktivity 2013 Call For Papers: Posted May 10, 2013; Site hacktivity.com; The Hacktivity 2013 Call For Papers has been announced. It will be held from October 11th through the 12th, 2013 in Budapest, Hungary.; tags | paper, conference; SHA-256 | 0dd244dd954136a6ef1cb1f25cf13f79762f808fda091726afe166aa5f9766b3; Download | Favorite | View

WordPress Securimage 3.2.4 Cross Site Scripting: Posted May 10, 2013; Authored by LiquidWorm | Site zeroscience.mk; WordPress Securimage plugin version 3.2.4 suffers from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 78e5ebebeb9ae585297520432443259b68de5fd5982df5f0a234decfca3ca168; Download | Favorite | View

Apache Tomcat 7.0.29 / 6.0.36 Denial Of Service: Posted May 10, 2013; Authored by Mark Thomas | Site tomcat.apache.org; Tomcat versions 7.0.0 through 7.0.29 and 6.0.0 through 6.0.36 are affected by a chunked transfer encoding extension size denial of service vulnerability.; tags | advisory, denial of service; advisories | CVE-2013-3544; SHA-256 | 7b8a19be00ce9beba765f4af2ea6f609a46b4c63b7dc0253a2f02a2038b02112; Download | Favorite | View

Apache Tomcat 7.0.32 / 6.0.36 Session Fixation: Posted May 10, 2013; Authored by Mark Thomas | Site tomcat.apache.org; Tomcat versions 7.0.0 through 7.0.32 and 6.0.21 through 6.0.36 are affected by a session fixation vulnerability. FORM authentication associates the most recent request requiring authentication with the current session. By repeatedly sending a request for an authenticated resource while the victim is completing the login form, an attacker could inject a request that would be executed using the victim's credentials. This attack has been prevented by changing the session ID prior to displaying the login page as well as after the user has successfully authenticated.; tags | advisory; advisories | CVE-2013-2067; SHA-256 | c8f95bbcb876695ebd34e27d13ce0bb5f986515a5720bbeae4dd29d1525ffba1; Download | Favorite | View

Lan Messenger 1.2 Buffer Overflow: Posted May 10, 2013; Authored by ariarat; Lan Messenger version 1.2 suffers from a buffer overflow vulnerability.; tags | exploit, overflow; SHA-256 | 5cb457c623df5ba754d6e21eb829eba1a7d60b5a17ed00b9f696fc8e72589070; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days