[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6531 Download | Alert*

Brad Hill of iSEC Partners discovered that many XML implementations are vulnerable to external entity expansion issues, which can be used for various purposes such as firewall circumvention, disguising an IP address, and denial-of-service. libxml2 was susceptible to these problems when performing string substitution during entity expansion.

Yamada Yasuharu discovered that cURL, an URL transfer library, is vulnerable to expose potentially sensitive information when doing requests across domains with matching tails. Due to a bug in the tailmatch function when matching domain names, it was possible that cookies set for a domain "ample.com" could accidentally also be sent by libcurl when communicating with "example.com". Both curl the co ...

Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related libraries: Various integer overflows, sign handling errors in integer conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.

Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, missing input sanitising vulnerabilities, use-after-free vulnerabilities, buffer overflows and other programming errors may lead to the execution of arbitrary code, privilege escalation, information leaks or cross-site-scripting. We"re changing the approach for ...

It was discovered that the kpasswd service running on UDP port 464 could respond to response packets, creating a packet loop and a denial of service condition.

Timo Sirainen discovered that cURL, an URL transfer library, is prone to a heap overflow vulnerability due to bad checking of the input data in the curl_easy_unescape function. The curl command line tool is not affected by this problem as it doesn"t use the curl_easy_unescape function.

Multiple security issues have been found in Iceweasel, Debian"s version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-free vulnerabilities, missing permission checks, incorrect memory handling and other implementaton errors may lead to the execution of arbitrary code, privilege escalation, information disclosure or cross-site request forgery. The iceweasel version in ...

Multiple security issues have been found in Icedove, Debian"s version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, use-after-free vulnerabilities, missing permission checks, incorrect memory handling and other implementaton errors may lead to the execution of arbitrary code, privilege escalation, information disclosure or cross-site request forgery. As already an ...

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.

It was discovered that PHP could perform an invalid free request when processing crafted XML documents, corrupting the heap and potentially leading to arbitrary code execution. Depending on the PHP application, this vulnerability could be exploited remotely.


Pages:      Start    293    294    295    296    297    298    299    300    301    302    303    304    305    306    ..   653

© SecPod Technologies