[Forgot Password]
Login  Register Subscribe

24437

 
 

132035

 
 

118831

 
 

909

 
 

92766

 
 

143

 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server . The updated packages have been patched to correct these issues.

A vulnerability has been found and corrected in xmlsec1: A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An attacker could use this flaw to create a specially-crafted XML file that forges an XML signature, allowing the attacker to bypass authentication that is based on the XML Signature specification . This ...

Multiple Java OpenJDK security vulnerabilities has been identified and fixed: The design of the W3C XML Signature Syntax and Processing recommendation specifies an HMAC truncation length but does not require a minimum for its length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits . The Java Web Start f ...

Multiple security vulnerabilities has been identified and fixed in xmlsec1: A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An attacker could use this flaw to create a specially-crafted XML file that forges an XML signature, allowing the attacker to bypass authentication that is based on the XML Signature s ...

A vulnerability has been found and corrected in ntp: Requesting peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution . The updated packages have been patched to correct this issue.

Multiple vulnerabilities has been found and corrected in mono: Multiple cross-site scripting vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted attributes related to HtmlControl.cs , HtmlForm.cs , HtmlInputButton , HtmlInputRadioButton , and HtmlSelect . The XML HMAC signature system did not correc ...

A vulnerability has been found and corrected in mono: The XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation . This update fixes this vulnerability.

Samba 3.2.0 through 3.2.6, when registry shares are enabled, allows remote authenticated users to access the root filesystem via a crafted connection request that specifies a blank share name . This update provides samba 3.2.7 to address this issue.

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.19 . This update provides the latest Thunderbird to correct these issues.

Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.5 . This update provides the latest Mozilla Firefox 3.x to correct these issues.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   182

© SecPod Technologies