Bugtraq: by thread
296 messages
starting May 03 10 and
ending May 31 10
Date index |
Thread index |
Author index
- A vulnerability in Kaspersky Antivirus daniel lopez (May 03)
- Cross-Site Scripting vulnerability in Mango MustLive (May 03)
- [SECURITY] [DSA 2040-1] New squidguard packages fix several vulnerabilities Sebastien Delafond (May 03)
- Puntal (index.php) Remote File Inclusion Vulnerabilities eidelweiss (May 03)
- RE: Puntal (index.php) Remote File Inclusion Vulnerabilities Tom Walsh - lists (May 03)
- Re: Puntal (index.php) Remote File Inclusion Vulnerabilities Justin C. Klein Keane (May 04)
- <Possible follow-ups>
- Re: RE: Puntal (index.php) Remote File Inclusion Vulnerabilities donald00 (May 04)
- RE: Puntal (index.php) Remote File Inclusion Vulnerabilities Tom Walsh - lists (May 03)
- [ MDVSA-2010:089 ] gnutls security (May 03)
- XSRF (CSRF) in Zikula Application Framework advisory (May 04)
- XSRF (CSRF) in eliteCMS advisory (May 04)
- XSS in Acuity CMS advisory (May 04)
- [SECURITY] [DSA-2041-1] New mediawiki packages fix cross-site request forgery Raphael Geissert (May 04)
- [ MDVSA-2010:090 ] samba security (May 04)
- XSS in ecoCMS advisory (May 04)
- XSS in eliteCMS advisory (May 04)
- [CORE-2010-0428] Microsoft Office Visio DXF File Insertion Buffer Overflow Core Security Technologies Advisories Team (May 04)
- REC0N 2010 (MONTREAL) CFP Reminder & Preview David Mirza Ahmad (May 04)
- [ MDVSA-2010:091 ] openoffice.org security (May 05)
- Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit eidelweiss (May 05)
- Re: Knowledgeroot (fckeditor) Remote Arbitrary File Upload Exploit Frank Habermann (May 06)
- [security bulletin] HPSBMA02400 SSRT080144 rev.4 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (May 05)
- SmartCMS v.2 SQL injection vulnerability Maciej Gojny (May 05)
- Vulnerabilities in t3m_cumulus_tagcloud for TYPO3 MustLive (May 05)
- [security bulletin] HPSBMA02416 SSRT090008 rev.5 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (May 05)
- [CORE-2010-0427] Windows SMTP Service DNS query Id vulnerabilities Core Security Technologies Advisories (May 05)
- [security bulletin] HPSBMA02483 SSRT090257 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (May 05)
- KHOBE - 8.0 earthquake for Windows desktop security software www.matousec.com - Research (May 06)
- <Possible follow-ups>
- Re: KHOBE - 8.0 earthquake for Windows desktop security software noloader (May 07)
- [USN-936-1] dvipng vulnerability Marc Deslauriers (May 06)
- [USN-937-1] TeX Live vulnerabilities Marc Deslauriers (May 06)
- PCRE compile workspace overflow Michael Santos (May 06)
- [SECURITY] [DSA 2042-1] New iscsitarget packages fix arbitrary code execution Luciano Bello (May 06)
- VMSA-2010-0008 VMware View 3.1.3 addresses an important cross-site scripting vulnerability VMware Security team (May 06)
- fetchmail security announcement fetchmail-SA-2010-02 (CVE-2010-1167) ma+bt (May 06)
- [security bulletin] HPSBMA02201 SSRT071328 rev.1 - HP LoadRunner Agent on Windows, Remote Unauthenticated Arbitrary Code Execution security-alert (May 06)
- BaoFeng Storm M3U File Processing Buffer Overflow Vulnerability lilf (May 06)
- [USN-919-1] Emacs vulnerability Kees Cook (May 06)
- ZDI-10-080: HP Mercury LoadRunner Agent Trusted Input Remote Code Execution Vulnerability ZDI Disclosures (May 06)
- New web malwares attacking big hosting providers angelo (May 06)
- Re: New web malwares attacking big hosting providers Davide Canali (May 07)
- Vulnerability with Cisco ACE. A2 3.0 (probably all version) Alexis Tremblay (May 07)
- [ MDVSA-2010:092 ] cacti security (May 07)
- REZERVI (root) Remote Command Execution Vulnerability eidelweiss (May 07)
- Injection of ECShop apps. lis cker (May 07)
- XSS vulnerability in Jaws advisory (May 07)
- [Wintercore Research] Consona Products - Multiple vulnerabilities vulns (May 07)
- pmwiki: persistent cross site scripting (XSS), CVE-2010-1481 Hanno Böck (May 07)
- CMS Made Simple: backend cross site scripting (XSS), CVE-2010-1482 Hanno Böck (May 07)
- rPSA-2010-0034-1 ntp ntp-utils rPath Update Announcements (May 10)
- rPSA-2010-0036-1 openssl openssl-scripts rPath Update Announcements (May 10)
- rPSA-2010-0037-1 kernel rPath Update Announcements (May 10)
- [ MDVSA-2010:093 ] mysql security (May 10)
- Vulnerabilities in Sebo - webstore MustLive (May 10)
- Re: Vulnerabilities in Sebo - webstore Salvatore Fresta aka Drosophila (May 11)
- Re: Vulnerabilities in Sebo - webstore MustLive (May 11)
- Re: Vulnerabilities in Sebo - webstore Salvatore Fresta aka Drosophila (May 11)
- Re: Vulnerabilities in Sebo - webstore MustLive (May 11)
- Re: Vulnerabilities in Sebo - webstore Salvatore Fresta aka Drosophila (May 11)
- XSS vulnerability in EasyPublish CMS advisory (May 10)
- XSS vulnerability in Advanced Poll advisory (May 10)
- SA00001-2010 Zakar Miklós (May 10)
- Turnkey Innovations SQL Injection Vulnerability md . r00t . defacer (May 10)
- Month of PHP Security - Summary - 1st May - 10th May Stefan Esser (May 10)
- Re: [Full-disclosure] Month of PHP Security - Summary - 1st May - 10th May Eren Türkay (May 11)
- Family Connections 2.2.3 Multiple Remote Vulnerabilities Salvatore Fresta aka Drosophila (May 10)
- 29o3 CMS (LibDir) Multiple Remote File Inclusion Vulnerability eidelweiss (May 11)
- XSS in Saurus CMS advisory (May 11)
- [SECURITY] [DSA 2044-1] New mplayer packages fix arbitrary code execution Devin Carraway (May 11)
- [ MDVSA-2010:090-1 ] samba security (May 11)
- {PRL} Microsoft Windows Outlook Express and Windows Mail Integer Overflow Francis Provencher (May 11)
- XSS in DynamiXgate Affiliate Store Builder advisory (May 11)
- [security bulletin] HPSBMA02528 SSRT100106 rev.1 - HP Performance Center Agent on Windows, Remote Unauthenticated Arbitrary Code Execution security-alert (May 11)
- [SECURITY] [DSA 2043-1] New vlc packages fix arbitrary code execution Devin Carraway (May 11)
- [security bulletin] HPSBMA02527 SSRT010098 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (May 11)
- [SECURITY] [DSA 2045-1] New libtheora packages fix arbitrary code execution Sebastien Delafond (May 12)
- [CORE-2010-0405] Adobe Director Invalid Read Core Security Technologies Advisories Team (May 12)
- Re: [CORE-2010-0405] Adobe Director Invalid Read Core Security Technologies Advisories (May 14)
- Vulnerability in widget Cumulus for BlogEngine.NET MustLive (May 12)
- Multiple memory corruption vulnerabilities in Ghostscript Dan Rosenberg (May 12)
- ZDI-10-081: HP OpenView NNM ovet_demandpoll sel CGI Variable Format String Remote Code Execution Vulnerability ZDI Disclosures (May 12)
- CFP for ekoparty 0x10 is now open! [ Buenos Aires, Argentina ] ekoparty Security Conference (May 12)
- ZDI-10-089: Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability ZDI Disclosures (May 12)
- ZDI-10-082: HP OpenView NNM netmon sel CGI Variable Remote Code Execution Vulnerability ZDI Disclosures (May 12)
- ZDI-10-083: HP OpenView NNM snmpviewer.exe CGI Multiple Variable Remote Code Execution Vulnerability ZDI Disclosures (May 12)
- ZDI-10-084: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Vulnerability ZDI Disclosures (May 12)
- ZDI-10-085: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Vulnerability ZDI Disclosures (May 12)
- ZDI-10-086: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Vulnerability ZDI Disclosures (May 12)
- ZDI-10-087: Adobe Shockwave Invalid Offset Memory Corruption Remote Code Execution Vulnerability ZDI Disclosures (May 12)
- ZDI-10-088: Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability ZDI Disclosures (May 12)
- [CAL-20100204-1]Adobe Shockwave Player Director File Parsing ATOM size infinite loop vulnerability Code Audit Labs (May 12)
- Palo Alto Network Vulnerability - Cross-Site Scripting (XSS) jeromie (May 12)
- [CAL-20100204-2]Adobe Shockwave Player Director File Parsing integer overflow vulnerability Code Audit Labs (May 12)
- [CAL-20100204-3]Adobe Shockwave Player Director File Parsing RCSL Pointer Overwrite Code Audit Labs (May 12)
- iDefense Security Advisory 05.11.10: Abobe Shockwave Player Heap Memory Indexing Vulnerability iDefense Labs (May 12)
- Secunia Research: Adobe Shockwave Player 3D Parsing Memory Corruption Secunia Research (May 12)
- Secunia Research: Adobe Shockwave Player Signedness Error Vulnerability Secunia Research (May 12)
- Secunia Research: Adobe Shockwave Player Array Indexing Vulnerability Secunia Research (May 12)
- Secunia Research: Adobe Shockwave Player Integer Overflow Vulnerability Secunia Research (May 12)
- [ MDVSA-2010:094 ] tetex security (May 12)
- PolyPager 1.0rc10 (fckeditor) File Upload Security Issue eidelweiss (May 12)
- Secunia Research: Adobe Shockwave Player Asset Entry Parsing Vulnerability Secunia Research (May 12)
- Secunia Research: Adobe Shockwave Player Font Processing Buffer Overflow Secunia Research (May 12)
- VUPEN Security Research - Adobe Shockwave IML32 Multiple Code Execution Vulnerabilities (CVE-2010-0129) VUPEN Security Research (May 12)
- VUPEN Security Research - Adobe Shockwave 3D Two Remote Code Execution Vulnerabilities (CVE-2010-1284) VUPEN Security Research (May 12)
- VUPEN Security Research - Adobe Shockwave DIRAPI Multiple Code Execution Vulnerabilities (CVE-2010-1280) VUPEN Security Research (May 12)
- VUPEN Security Research - Adobe Shockwave 3D Blocks Field Code Execution Vulnerability (CVE-2010-1283) VUPEN Security Research (May 12)
- [security bulletin] HPSBMA02522 SSRT100086 rev.1 - HP Insight Control Server Migration for Windows, Remote Cross Site Scripting (XSS) security-alert (May 12)
- [security bulletin] HPSBMA02520 SSRT100071 rev.1 - HP Systems Insight Manager (SIM) for HP-UX, Linux, and Windows, Remote Unauthorized Access to Data security-alert (May 12)
- Secunia Research: TomatoCMS Script Insertion Vulnerabilities Secunia Research (May 12)
- Secunia Research: TomatoCMS "q" SQL Injection Vulnerability Secunia Research (May 12)
- Secunia Research: IrfanView PSD Image Parsing Sign-Extension Vulnerability Secunia Research (May 12)
- Secunia Research: IrfanView PSD RLE Decompression Buffer Overflow Secunia Research (May 12)
- Cisco Security Advisory: Multiple vulnerabilities in Cisco PGW Softswitch Cisco Systems Product Security Incident Response Team (May 12)
- Secunia Research: KDE KGet metalink "name" Directory Traversal Vulnerability Secunia Research (May 13)
- [security bulletin] HPSBPI02532 SSRT100111 rev.1 - HP MFP Digital Sending Software Running on Windows, Local Unauthorized Access security-alert (May 13)
- Secunia Research: Free Download Manager metalink "name" Directory Traversal Secunia Research (May 13)
- Secunia Research: Free Download Manager Four Buffer Overflow Vulnerabilities Secunia Research (May 13)
- Secunia Research: KDE KGet Insecure File Operation Vulnerability Secunia Research (May 13)
- Re: Secunia Research: KDE KGet Insecure File Operation Vulnerability Vladimir '3APA3A' Dubrovin (May 14)
- Secunia Research: aria2 metalink "name" Directory Traversal Vulnerability Secunia Research (May 13)
- [USN-938-1] KDENetwork vulnerability Jamie Strandboge (May 13)
- [ MDVSA-2010:095 ] libxext security (May 13)
- XSS vulnerability in NPDS advisory (May 13)
- <Possible follow-ups>
- Re: XSS vulnerability in NPDS developpeur (May 18)
- Blind SQL injection vulnerability in NPDS REvolution advisory (May 13)
- Joomla Component advertising (com_aardvertiser) File Inclusion Vulnerability eidelweiss (May 13)
- LinksAutomation Multiple Remote Vulnerabilities md . r00t . defacer (May 13)
- CfP: GameSec 2010 - Deadline extended to 31 May 2010 Albert Levi (May 14)
- Mathematica on Linux /tmp/MathLink vulnerability paul . szabo (May 14)
- phpGroupWare SQL Injections and Local File Inclusion Vulnerabilities (CVE-2010-0403 and CVE-2010-0404) VUPEN Web Security (May 14)
- [SECURITY] [DSA-2046-1] New phpgroupware packages fix several vulnerabilities Giuseppe Iuculano (May 14)
- Vulnerability in tagcloud for Kasseler CMS MustLive (May 16)
- DEF CON 18 CFP closing in two weeks The Dark Tangent (May 17)
- phpvidz Administrative Password Disclosure mike (May 17)
- Vulnerability in 3D user cloud for Joomla MustLive (May 17)
- Message not available
- Re: Vulnerability in 3D user cloud for Joomla MustLive (May 18)
- Message not available
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Susan Bradley (May 18)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers MustLive (May 20)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Susan Bradley (May 20)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers MustLive (May 28)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers John Smith (May 28)
- Re[2]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Vladimir '3APA3A' Dubrovin (May 28)
- Re: Re[2]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers John Smith (May 28)
- Re[4]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers Vladimir '3APA3A' Dubrovin (May 31)
- Re: Re[4]: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers John Smith (May 31)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome, Opera and other browsers MustLive (May 20)
- Re: The New ISO Hacking Standard Simon Kilvington (May 20)
- Re: The New ISO Hacking Standard Pete Herzog (May 21)
- <Possible follow-ups>
- XSS vulnerability in LiSK CMS advisory (May 21)
- <Possible follow-ups>
- SQL injection vulnerability in LiSK CMS advisory (May 21)
- Re: Microsoft Outlook Web Access (OWA) v8.2.254.0 "id" parameter Information Disclosure Vulnerability Jabłoński , Paweł (May 25)
- <Possible follow-ups>
- Re: Microsoft Outlook Web Access (OWA) v8.2.254.0 "id" parameter Information Disclosure Vulnerability info (May 25)
- <Possible follow-ups>
- [Bkis-01-2010] Multiple Vulnerabilities in BigAce - Bkis Bkis (May 25)
- <Possible follow-ups>
- [SECURITY] [DSA 2052-1] New krb5 packages fix denial of service Thijs Kinkhorst (May 25)
- Re: Ghostscript 8.64 executes random code at startup paul . szabo (May 26)
- Re: Ghostscript 8.64 executes random code at startup Krzysztof Żelechowski (May 26)
- Re: Ghostscript 8.64 executes random code at startup paul . szabo (May 26)
- Re: Ghostscript 8.64 executes random code at startup Krzysztof Żelechowski (May 26)
- <Possible follow-ups>
- Re: Ghostscript 8.64 executes random code at startup paul . szabo (May 27)
- Re: Ghostscript 8.64 executes random code at startup paul . szabo (May 28)
- Re: Ghostscript 8.64 executes random code at startup paul . szabo (May 31)
- Re: Sun Solaris 10 filesystem rm(1),find(1),etc, Denial-of-service Casper . Dik (May 26)
- <Possible follow-ups>
- Kingsoft WebShield KAVSafe.sys <= 2010.4.14.609(2010.5.23) Kernel Mode Local Privilege Escalation Vulnerability yicong2010 (May 25)
- Re: SQL injection vulnerability in 360 Web Manager Packet Storm (May 27)
- <Possible follow-ups>
- SQL injection vulnerability in 360 Web Manager advisory (May 26)
- <Possible follow-ups>
- [ MDVSA-2010:108 ] kolab-horde-framework security (May 26)
- [ MDVSA-2010:108 ] kolab-horde-framework security (May 26)
- Re: Administrivia: Real domain names in PoC/exploit examples Nate Eldredge (May 28)
- Re: [Suspected Spam]DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera Susan Bradley (May 28)
- Re: DoS vulnerabilities in Firefox, Internet Explorer, Chrome and Opera MustLive (May 31)
- <Possible follow-ups>
- SQL injection vulnerability in ImpressPages CMS advisory (May 28)
- SQL injection vulnerability in ImpressPages CMS advisory (May 28)
- <Possible follow-ups>
- Re: Nginx 0.8.35 Space Character Remote Source Disclosure abc12345 (May 31)