what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Oracle E-Business Suite 12.1.3 XXE Injection
Posted Oct 29, 2015
Authored by Alexey Tyurin, Ivan Chalykin, Nikita Kelesis

Oracle E-Business Suite version 12.1.3 suffers from an XXE injection vulnerability in the /OA_HTML/copxml servlet.

tags | advisory, xxe
advisories | CVE-2015-4886
MD5 | 9bdd1acc097b3690a708a7ce77004558

Related Files

Secunia Security Advisory 50168
Posted Aug 9, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Chaos tool suite module for Drupal, which can be exploited by malicious users to disclose potentially sensitive information.

tags | advisory
MD5 | bc757f8e74e0e3a929d505a787d3ef24
Drupal Chaos Tool Suite 6.x / 7.x LFI / XSS
Posted Aug 9, 2012
Authored by Casey | Site drupal.org

Drupal Chaos Tool Suite (ctools) third party module versions 6.x and 7.x suffer from cross site scripting and local file inclusion vulnerabilities.

tags | advisory, local, vulnerability, xss, file inclusion
MD5 | 161cabd8e0d53da5296d440b62ec5f88
Red Hat Security Advisory 2012-1151-01
Posted Aug 8, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1151-01 - OpenLDAP is an open source suite of LDAP applications and development tools. It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security negotiation with OpenLDAP clients.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-2668
MD5 | 5dbfb3d1c36d35bcadf0a4dde97a96d0
AfterLogic Mailsuite Pro 6.3 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

AfterLogic Mailsuite Pro (VMware Appliance) version 6.3 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2587
MD5 | e73f64f4087f2f9eb677c4d30cf57d9d
Secunia Security Advisory 49999
Posted Aug 8, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Matthew Joyce has discovered some vulnerabilities in ConcourseSuite, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
MD5 | b2a5e7f8a8d7335bfc889cf30527b4c9
Debian Security Advisory 2520-1
Posted Aug 3, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2520-1 - Timo Warns from PRE-CERT discovered multiple heap-based buffer overflows in OpenOffice.org, an office productivity suite. The issues lies in the XML manifest encryption tag parsing code. Using specially crafted files, an attacker can cause application crash and could cause arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2012-2665
MD5 | 38da5b2350a1a010763130819f9e66fd
Secunia Security Advisory 50152
Posted Aug 2, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - GBS has acknowledged a vulnerability in multiple iQ.Suite products, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service
MD5 | 4406ae9998b511447175f8010fff6318
Red Hat Security Advisory 2012-1136-01
Posted Aug 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1136-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way OpenOffice.org processed encryption information in the manifest files of OpenDocument Format files. An attacker could provide a specially-crafted OpenDocument Format file that, when opened in an OpenOffice.org application, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-2665
MD5 | 836e4df0eda645e1b201caf1b8979e5a
Red Hat Security Advisory 2012-1135-01
Posted Aug 2, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1135-01 - LibreOffice is an open source, community-developed office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. Multiple heap-based buffer overflow flaws were found in the way LibreOffice processed encryption information in the manifest files of OpenDocument Format files. An attacker could provide a specially-crafted OpenDocument Format file that, when opened in a LibreOffice application, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-2665
MD5 | b5f61d962177fc0ad23893983435bde7
Debian Security Advisory 2513-1
Posted Jul 19, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2513-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-1948, CVE-2012-1954, CVE-2012-1967
MD5 | f45efe0e557249aa444e41fed1beef03
Secunia Security Advisory 49942
Posted Jul 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle E-Business Suite, which can be exploited by malicious users to manipulate certain data and by malicious people to manipulate certain data and bypass certain security restrictions.

tags | advisory, vulnerability
MD5 | 488799c05f1de067f94c2bfb19ce9637
Secunia Security Advisory 49671
Posted Jun 22, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Hitachi Command Suite products, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, xss
MD5 | 577944aec8eb83a23c723ba5e1dafdce
Red Hat Security Advisory 2012-0899-04
Posted Jun 20, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0899-04 - OpenLDAP is an open source suite of LDAP applications and development tools. A denial of service flaw was found in the way the OpenLDAP server daemon processed certain search queries requesting only attributes and no values. In certain configurations, a remote attacker could issue a specially-crafted LDAP search query that, when processed by slapd, would cause slapd to crash due to an assertion failure. These updated openldap packages include numerous bug fixes. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical Notes for information on the most significant of these changes.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2012-1164
MD5 | cc6930164cf8679c98026da4d84f6815
HP Security Bulletin HPSBUX02791 SSRT100856
Posted Jun 19, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02791 SSRT100856 - Potential security vulnerabilities have been identified with HP-UX Apache Web Server running PHP. These vulnerabilities could be exploited remotely to execute arbitrary code, elevate privileges, or create a Denial of Service (DoS). PHP is contained in the HP-UX Apache Web Server Suite. Revision 1 of this advisory.

tags | advisory, web, denial of service, arbitrary, php, vulnerability
systems | hpux
advisories | CVE-2011-4153, CVE-2012-0830, CVE-2012-0883, CVE-2012-1172, CVE-2012-1823, CVE-2012-2311
MD5 | fad626e07cd3d3ff9ea78ea3818096f8
Debian Security Advisory 2494-1
Posted Jun 14, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2494-1 - It was discovered that ffmpeg, Debian's version of the libav media codec suite, contains vulnerabilities in the DPCM codecs (CVE-2011-3951), H.264 (CVE-2012-0851), ADPCM (CVE-2012-0852), and the KMVC decoder (CVE-2011-3952).

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-3951, CVE-2011-3952, CVE-2012-0851, CVE-2012-0852
MD5 | 07b44cc2d7e4a61b0e6567294b5f306e
Secunia Security Advisory 49499
Posted Jun 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in BMC Identity Management Suite, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | f10eaf15120bd3930cdb03a9189de2f5
ClanSuite 2.9 Shell Upload
Posted Jun 12, 2012
Authored by Adrien Thierry

ClanSuite version 2.9 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 239410758d9299d9a124141b36ad479f
Debian Security Advisory 2489-1
Posted Jun 8, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2489-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-1937, CVE-2012-1940, CVE-2012-1947
MD5 | 2c8c3fb339d6d006375ae4383bb28b44
Red Hat Security Advisory 2012-0705-01
Posted Jun 5, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0705-01 - OpenOffice.org is an office productivity suite that includes desktop applications, such as a word processor, spreadsheet application, presentation manager, formula editor, and a drawing program. An integer overflow flaw, leading to a buffer overflow, was found in the way OpenOffice.org processed an invalid Escher graphics records length in Microsoft Office PowerPoint documents. An attacker could provide a specially-crafted Microsoft Office PowerPoint document that, when opened, would cause OpenOffice.org to crash or, potentially, execute arbitrary code with the privileges of the user running OpenOffice.org.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-1149, CVE-2012-2334
MD5 | 2b488e5a4f1a6c07613cd269959708c0
libwpd WPXContentListener::_closeTableRow() Memory Overwrite
Posted May 18, 2012
Authored by Kestutis Gudinavicius | Site sec-consult.com

OpenOffice.org includes the customized libwpd version 0.8.8 library for parsing WordPerfect documents. The used version of the libwpd library suffers from a memory overwrite vulnerability when reading a specially crafted WPD file. Successful exploitation of this vulnerability could result in an arbitrary code execution within the OpenOffice.org software suite.

tags | advisory, arbitrary, code execution
advisories | CVE-2012-2149
MD5 | 3ccebc2967c3d54458d31d8698a6518d
Wonderware Archestra SuiteLink Resource Consumption
Posted May 13, 2012
Authored by Luigi Auriemma | Site aluigi.org

Wonderware Archestra SuiteLink suffers from resource consumption and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
systems | linux
MD5 | 27b4027a8182b544cdd344d135d4a53b
Mandriva Linux Security Advisory 2012-073
Posted May 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-073 - A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can be exploited in a denial of service attack on both clients and servers. The updated packages have been patched to correct this issue.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2012-2333
MD5 | 43c03f45092b5fbb61721bc76bf257e0
Apple Security Advisory 2012-05-09-1
Posted May 10, 2012
Authored by Apple | Site apple.com

Apple Security Advisory 2012-05-09-1 - OS X Lion v10.7.4 and Security Update 2012-002 is now available and addresses multiple security issues. An issue existed in the handling of network account logins. The login process recorded sensitive information in the system log, where other users of the system could read it. A temporary file race condition issue existed in blued's initialization routine. There are known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode. curl disabled the 'empty fragment' countermeasure which prevented these attacks. This issue is addressed by enabling empty fragments. A data injection issue existed in curl's handling of URLs. This issue is addressed through improved validation of URLs. This issue does not affect systems prior to OS X Lion. Various other vulnerabilities have been addressed.

tags | advisory, vulnerability
systems | apple, osx
advisories | CVE-2011-0241, CVE-2011-1004, CVE-2011-1005, CVE-2011-1167, CVE-2011-1777, CVE-2011-1778, CVE-2011-1944, CVE-2011-2692, CVE-2011-2821, CVE-2011-2834, CVE-2011-2895, CVE-2011-3212, CVE-2011-3328, CVE-2011-3389, CVE-2011-3919, CVE-2011-4566, CVE-2011-4815, CVE-2011-4885, CVE-2012-0036, CVE-2012-0642, CVE-2012-0649, CVE-2012-0651, CVE-2012-0652, CVE-2012-0654, CVE-2012-0655, CVE-2012-0656, CVE-2012-0657, CVE-2012-0658
MD5 | 9614673327dc336467f1b3577177a46e
Mandriva Linux Security Advisory 2012-070
Posted May 6, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-070 - A file existence disclosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run. The updated packages have been patched to correct this issue.

tags | advisory, remote, local
systems | linux, mandriva
advisories | CVE-2012-1586
MD5 | 640015dbb9e334517799f9c5ccc440ea
Mandriva Linux Security Advisory 2012-069
Posted May 6, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-069 - A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run. The updated packages have been patched to correct this issue.

tags | advisory, remote, local
systems | linux, mandriva
advisories | CVE-2012-1586
MD5 | d69472912b4c9f639f947f72c301f442
Page 1 of 4
Back1234Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    1 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close