Bugtraq: by author

236 messages starting Sep 01 10 and ending Sep 14 10


ACROS Lists

Online Binary Planting Exposure Test ACROS Lists (Sep 01)

ACROS Security Lists

ACROS Security: Remote Binary Planting in Apple Safari for Windows (ASPR #2010-09-08-1) ACROS Security Lists (Sep 09)
Binary Planting Goes "EXE" ACROS Security Lists (Sep 09)
Binary Planting Attack Vectors - There's more than one way to skin a cat... or plant a binary, for that matter ACROS Security Lists (Sep 20)

Aditya K Sood

CVE-2010-3200 : Microsoft Word 2003 MSO Null Pointer Dereference Vulnerability Aditya K Sood (Sep 14)

admin

Adobe LiveCycle ES DLL Hijacking Exploit (.dll) admin (Sep 13)
chillyCMS Multiple Vulnerabilities admin (Sep 07)

adv

[ECHO_ADV_113$2010] BSI Hotel Booking System Admin Login Bypass Vulnerability adv (Sep 22)

advisory

XSS vulnerability in Amiro.CMS FAQ advisory (Sep 01)
XSS vulnerability in AContent advisory (Sep 15)
XSS vulnerability in AContent search advisory (Sep 15)
XSS vulnerability in GetSimple CMS advisory (Sep 29)
XSRF (CSRF) in SantaFox advisory (Sep 15)
XSS vulnerability in Atutor edit content folder advisory (Sep 15)
XSS vulnerability in Rumba CMS tags advisory (Sep 01)
XSS vulnerability in ATutor advisory (Sep 15)
SQL injection vulnerability in e107 advisory (Sep 20)
XSS vulnerability in ArtGK CMS advisory (Sep 01)
XSS vulnerability in AChecker advisory (Sep 15)
XSS vulnerability in Entrans advisory (Sep 27)
XSS vulnerability in Pluck advisory (Sep 29)
XSS vulnerability in Rumba CMS advisory (Sep 01)
SQL injection vulnerability in e107 advisory (Sep 27)
XSRF (CSRF) in Zimplit advisory (Sep 29)
SQL injection vulnerability in Entrans advisory (Sep 27)
XSS (cross site scripting) vulnerability in Serendipity advisory (Sep 15)
XSS vulnerability in ArtGK CMS forum advisory (Sep 01)
SQL injection vulnerability in Entrans advisory (Sep 27)
XSS vulnerability in SantaFox search module advisory (Sep 15)
SQL injection vulnerability in e107 advisory (Sep 20)
XSS vulnerability in AContent advisory (Sep 15)

Albert Levi

Call for Participation - GameSec 2010 - Berlin, Germany Albert Levi (Sep 08)

Alex Legler

[ GLSA 201009-01 ] wxGTK: User-assisted execution of arbitrary code Alex Legler (Sep 03)
[ GLSA 201009-03 ] sudo: Privilege Escalation Alex Legler (Sep 07)

Amit Klein

New writeup by Amit Klein (Trusteer): "Cross-domain information leakage in Firefox 3.6.4-3.6.8, Firefox 3.5.10-3.5.11 and Firefox 4.0 Beta1" Amit Klein (Sep 14)

Andrea Barisani

[oCERT-2010-003] Free Simple CMS path sanitization errors Andrea Barisani (Sep 17)
[oCERT-2010-004] FFmpeg/libavcodec arbitrary offset dereference Andrea Barisani (Sep 28)

Andrzej Targosz

CONFidence 2.0 2010 - Call for Papers - 29-30.11.2010 Prague Andrzej Targosz (Sep 22)

Bogdan Calin

SQL Injection and XSS vulnerabilities in CubeCart version 4.3.3 Bogdan Calin (Sep 09)
Security problems in Zenphoto version 1.3 Bogdan Calin (Sep 07)
[Suspected Spam]Directory Traversal in Axigen v7.4.1 running on Windows Bogdan Calin (Sep 15)

Christian Sciberras

Re: Binary Planting Goes "EXE" Christian Sciberras (Sep 10)

Cisco Systems Product Security Incident Response Team

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities Cisco Systems Product Security Incident Response Team (Sep 22)
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers Cisco Systems Product Security Incident Response Team (Sep 08)
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (Sep 22)
Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities Cisco Systems Product Security Incident Response Team (Sep 22)
Cisco Security Advisory: Cisco IOS SSL VPN Vulnerability Cisco Systems Product Security Incident Response Team (Sep 22)
Cisco Security Advisory: Cisco IOS Software Internet Group Management Protocol Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team (Sep 22)

Crash

[DCA-00016 - Nokia E72 Keyboard Password bypass] Crash (Sep 14)

dann frazier

[SECURITY] [DSA 2110-1] New Linux 2.6.26 packages fix several issues dann frazier (Sep 17)

dave b

etax 2010 failure to validate remote ssl certificate properly dave b (Sep 08)
Re: etax 2010 failure to validate remote ssl certificate properly dave b (Sep 08)
Re: etax 2010 failure to validate remote ssl certificate properly dave b (Sep 09)

Florian Weimer

[SECURITY] [DSA-2115-1] New moodle packages fix several vulnerabilities Florian Weimer (Sep 30)
[SECURITY] [DSA-2104-1] New quagga packages fix denial of service Florian Weimer (Sep 07)

Francis Provencher

{PRL} Novell Netware OpenSSH Remote Stack Overflow Francis Provencher (Sep 02)

Freddie Witherden

Recent developments in FireWire Attacks Freddie Witherden (Sep 08)

FreeBSD Security Advisories

FreeBSD Security Advisory FreeBSD-SA-10:08.bzip2 FreeBSD Security Advisories (Sep 20)

Fyodor

Re: Nmap NOT VULNERABLE to Windows DLL Hijacking Vulnerability. Fyodor (Sep 09)

g1xsystem

Internet Download Accelerator 5.8 Remote Buffer Overflow g1xsystem (Sep 10)

Giuseppe Iuculano

[SECURITY] [DSA-2105-1] New freetype packages fix several vulnerabilities Giuseppe Iuculano (Sep 08)
[SECURITY] [DSA-2103-1] New smbind packages fix sql injection Giuseppe Iuculano (Sep 07)

info

Netscape Web Browser (CSS) Cross Domain Vulnerability info (Sep 23)
Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability info (Sep 23)

ISecAuditors Security Advisories

[ISecAuditors Security Advisories] SQL Injection and XSS in Motorito < v2.0 Ni 483 ISecAuditors Security Advisories (Sep 23)
[ISecAuditors Security Advisories] Reflected XSS in Atmail WebMail < v6.2.0 ISecAuditors Security Advisories (Sep 21)
[ISecAuditors Security Advisories] Insecure Direct Object Reference in tuenti.com allow to read of any message user ISecAuditors Security Advisories (Sep 21)

Jamie Strandboge

[USN-986-1] bzip2 vulnerability Jamie Strandboge (Sep 20)
[USN-975-1] Firefox and Xulrunner vulnerabilities Jamie Strandboge (Sep 09)
[USN-978-2] Thunderbird regression Jamie Strandboge (Sep 17)
[USN-978-1] Thunderbird vulnerabilities Jamie Strandboge (Sep 09)
[USN-983-1] Sudo vulnerability Jamie Strandboge (Sep 07)
[USN-986-2] ClamAV vulnerability Jamie Strandboge (Sep 20)
[USN-975-2] Firefox and Xulrunner regression Jamie Strandboge (Sep 17)
[USN-986-3] dpkg vulnerability Jamie Strandboge (Sep 20)

Kees Cook

[USN-985-1] mountall vulnerability Kees Cook (Sep 08)

Laurent OUDOT at TEHTRI-Security

[TEHTRI-Security Training + 0days] "Hunting Web Attackers" at HITBSecConf Laurent OUDOT at TEHTRI-Security (Sep 07)

Lyndon Nerenberg

[FLOCK-SA-2010-04] Flock Browser: window.open() Method Javascript Same-Origin Policy Violation (XSS) Lyndon Nerenberg (Sep 14)
[FLOCK-SA-2010-03] Flock Browser: javascript: url with a leading NULL byte can bypass cross origin protection (XSS) Lyndon Nerenberg (Sep 14)
[FLOCK-SA-2010-02] Flock Browser: A malicious RSS feed can bypass cross origin protection (XSS) Lyndon Nerenberg (Sep 14)
[FLOCK-SA-2010-01] Flock Browser: A malformed favourite can bypass cross origin protection (XSS) Lyndon Nerenberg (Sep 14)

Marc Deslauriers

[USN-987-1] Samba vulnerability Marc Deslauriers (Sep 14)
[USN-989-1] PHP vulnerabilities Marc Deslauriers (Sep 20)
[USN-984-1] LFTP vulnerability Marc Deslauriers (Sep 08)
[USN-990-2] Apache vulnerability Marc Deslauriers (Sep 21)
[USN-982-1] Wget vulnerability Marc Deslauriers (Sep 02)
[USN-992-1] Avahi vulnerabilities Marc Deslauriers (Sep 29)
[USN-990-1] OpenSSL vulnerability Marc Deslauriers (Sep 21)
[USN-993-1] libgdiplus vulnerability Marc Deslauriers (Sep 29)
[USN-996-1] Mako vulnerability Marc Deslauriers (Sep 29)
[USN-995-1] libMikMod vulnerabilities Marc Deslauriers (Sep 29)
[USN-994-1] libHX vulnerability Marc Deslauriers (Sep 29)

marian . ventuneac

MVSA-10-006 / CVE-2010-0153 - IBM Proventia Network Mail Security System - Cross-Site Request Forgery vulnerabilities marian . ventuneac (Sep 13)
MVSA-10-007 / CVE-2010-0152 - IBM Proventia Mail Security System - Multiple persistent and reflected XSS vulnerabilities marian . ventuneac (Sep 13)
MVSA-10-009 / CVE-2010-0155 - IBM Proventia Network Mail Security System - CRLF Injection vulnerability marian . ventuneac (Sep 13)
MVSA-10-002 - Google Message Security SaaS - Multiple XSS vulnerabilities marian . ventuneac (Sep 15)
MVSA-10-001 - Google Message Security SaaS - SQL Injection vulnerabilities marian . ventuneac (Sep 15)
MVSA-10-008 / CVE-2010-0154 - IBM Proventia Mail Security System - Insecure Direct Object Reference vulnerability marian . ventuneac (Sep 13)

Michal Zalewski

Re: Netscape Web Browser (CSS) Cross Domain Vulnerability Michal Zalewski (Sep 24)

Moritz Muehlenhoff

[SECURITY] [DSA 2106-1] New xulrunner packages fix several vulnerabilities Moritz Muehlenhoff (Sep 10)
[SECURITY] [DSA 2101-1] New wireshark packages fix several vulnerabilities Moritz Muehlenhoff (Sep 01)

Moritz Naumann

XSS in Horde Application Framework <=3.3.8, icon_browser.php Moritz Naumann (Sep 07)
XSS in Horde IMP <=4.3.7, fetchmailprefs.php Moritz Naumann (Sep 27)

MustLive

Vulnerabilities in CMS WebManager-Pro MustLive (Sep 02)
Vulnerabilities in IB Promotion Advanced Business Web Suite MustLive (Sep 20)
Vulnerabilities in CMS MYsite MustLive (Sep 27)

Nelson Brito

Exploit Next Generation® Methodology Nelson Brito (Sep 21)
Exploit Next Generation(R) Example Codes Nelson Brito (Sep 27)

nikhil_uitrgpv

nmap <= 5.21 is vulnerable to Windows DLL Hijacking Vulnerability. nikhil_uitrgpv (Sep 07)
Tortoise SVN DLL Hijacking Vulnerability nikhil_uitrgpv (Sep 01)

nullcon

nullcon Goa dwitiya (2.0) Call For Papers nullcon (Sep 03)

Onapsis Research Labs

[Onapsis Security Advisory 2010-007] SAP Management Console Multiple Denial of Service Onapsis Research Labs (Sep 29)

phara0h

Re: Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability phara0h (Sep 23)

pocadm

International Hacking Conference "POC2001" Call for Paper pocadm (Sep 13)

psiinon

The Zed Attack Proxy (ZAP) version 1.0.0 psiinon (Sep 07)

Rebecca Menessec

Searching for DropBox security contact Rebecca Menessec (Sep 20)

Rodrigo Branco

Web commands injection through FTP Login in Synology Disk Station - CVE-2010-2453 Rodrigo Branco (Sep 27)

Rodrigo Escobar

[DCA-00015] YOPS Web Server Remote Command Execution Rodrigo Escobar (Sep 10)

Rodrigo Rubira Branco (BSDaemon)

H2HC 2010 Sao Paulo - Capture the Flag Rodrigo Rubira Branco (BSDaemon) (Sep 13)
H2HC São Paulo - Capture the Captcha Rodrigo Rubira Branco (BSDaemon) (Sep 07)
Call for Papers H2HC Cancun/Mexico and H2HC Sao Paulo/Brazil Rodrigo Rubira Branco (BSDaemon) (Sep 07)

Roman Medina-Heigl Hernandez

Web challenges from RootedCON'2010 CTF - Contest Roman Medina-Heigl Hernandez (Sep 14)

Román Ramírez

Rooted CON 2011 - Call for Papers Román Ramírez (Sep 03)

rPath Update Announcements

rPSA-2010-0056-1 httpd mod_ssl rPath Update Announcements (Sep 14)

Salvatore Fresta aka Drosophila

TimeTrack 1.2.4 Joomla Component Multiple SQL Injection Vulnerabilities Salvatore Fresta aka Drosophila (Sep 22)
JE Guestbook 1.0 Joomla Component Multiple Remote Vulnerabilities Salvatore Fresta aka Drosophila (Sep 30)

sattler

Joomla Component Clantools version 1.5 Blind SQL Injection Vulnerability sattler (Sep 07)
Joomla Component Clantools version 1.2.3 Multiple Blind SQL Injection Vulnerabilities sattler (Sep 07)
Joomla Component Aardvertiser 2.1 free Blind SQL Injection Vulnerability sattler (Sep 08)

Sebastien Delafond

[SECURITY] [DSA 2107-1] New couchdb package fixes arbitrary code execution Sebastien Delafond (Sep 09)
[SECURITY] [DSA-2102-1] New barnowl packages fix arbitrary code execution Sebastien Delafond (Sep 03)

Sébastien Delafond

[SECURITY] [DSA 2108-1] New cvsnt package fixes arbitrary code execution Sébastien Delafond (Sep 14)

Secunia Research

Secunia Research: Microsoft Outlook Content Parsing Integer Underflow Vulnerability Secunia Research (Sep 14)
Secunia Research: MailEnable SMTP Service Two Denial of Service Vulnerabilities Secunia Research (Sep 13)

security

Re: Opera Web Browser v10.62 (CSS) Cross Domain Vulnerability security (Sep 24)
[ MDVSA-2010:180 ] rpm security (Sep 13)
[ MDVSA-2010:167 ] perl-libwww-perl security (Sep 01)
[ MDVSA-2010:168 ] openssl security (Sep 02)
[ MDVSA-2010:181 ] ntop security (Sep 14)
[ MDVSA-2010:169 ] mozilla-thunderbird security (Sep 02)
[ MDVSA-2010:172 ] kernel security (Sep 10)
[ MDVSA-2010:187 ] squid security (Sep 23)
[ MDVSA-2010:179 ] libglpng security (Sep 13)
[ MDVSA-2010:177 ] tomcat5 security (Sep 13)
n.runs-SA-2010.001 - Alcatel-Lucent - unauthenticated administrative access to CTI CCA Server security (Sep 20)
[ MDVSA-2010:176 ] tomcat5 security (Sep 13)
[ MDVSA-2010:171 ] lvm2 security (Sep 07)
[ MDVSA-2010:189 ] pcsc-lite security (Sep 24)
[ MDVSA-2010:184 ] samba security (Sep 17)
[ MDVSA-2010:174 ] quagga security (Sep 13)
[ MDVSA-2010:185 ] bzip2 security (Sep 20)
n.runs-SA-2010.002 - Alcatel-Lucent - arbitrary code execution on OmniVista 4760 security (Sep 20)
[ MDVSA-2010:175 ] sudo security (Sep 13)
[ MDVSA-2010:183 ] socat security (Sep 15)
n.runs-SA-2010.002 - Alcatel-Lucent - arbitrary code execution on OmniVista 4760 security (Sep 20)
[ MDVSA-2010:186 ] phpmyadmin security (Sep 21)
[ MDVSA-2010:170 ] wget security (Sep 03)
[ MDVSA-2010:189-1 ] pcsc-lite security (Sep 27)
[ MDVSA-2010:190 ] libtiff security (Sep 30)
[ MDVSA-2010:188 ] kernel security (Sep 23)
[ MDVSA-2010:182 ] kdegraphics security (Sep 14)
[ MDVSA-2010:178 ] ocsinventory security (Sep 13)

Security_Alert

ESA-2010-014: RSA, The Security Division of EMC, releases security hot fixes for potential vulnerability in RSA® Access Manager Server under certain conditions. Security_Alert (Sep 08)
ESA-2010-016: RSA, The Security Division of EMC, releases security hot fix for a potential vulnerability in RSA® Access Manager Agent when working with RSA® Adaptive Authentication. Security_Alert (Sep 08)
ESA-2010-015: EMC Celerra NFS authentication bypass vulnerability using IP spoofing. Security_Alert (Sep 08)
ESA-2010-017: RSA, The Security Division of EMC, announces a security update for RSA Authentication Agent 7.0 for Web, which addresses a potential directory traversal vulnerability Security_Alert (Sep 22)

security-alert

[security bulletin] HPSBMA02568 SSRT100219 rev.2 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities security-alert (Sep 20)
[security bulletin] HPSBMA02558 SSRT100158 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code security-alert (Sep 30)
[security bulletin] HPSBMA02566 SSRT100045 rev.1 - HP System Management Homepage (SMH) for Linux, Remote Disclosure of Sensitive Information security-alert (Sep 14)
[security bulletin] HPSBMA02572 SSRT100082 rev.1 - HP Operations Agent Running on Windows, Local Elevation of Privileges and Remote Execution of Arbitrary Code security-alert (Sep 03)
[security bulletin] HPSBMA02585 SSRT100256 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) security-alert (Sep 23)
[security bulletin] HPSBMA02568 SSRT100219 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Cross Site Scripting (XSS), HTTP Response Splitting, and Other Vulnerabilities security-alert (Sep 16)
[security bulletin] HPSBMA02574 SSRT100038 rev.1 - HP ProLiant G6 Lights-Out 100, Remote Management, Denial of Service (DoS) security-alert (Sep 08)
[security bulletin] HPSBUX02587 SSRT100215 rev.1 - HP-UX Directory Server and Red Hat Directory Server for HP-UX, Local Disclosure of Information, Privilege Escalation security-alert (Sep 29)
[security bulletin] HPSBGN02577 SSRT100224 rev.2 - 3Com OfficeConnect Gigabit VPN Firewall (3CREVF100-73), Remote Cross Site Scripting (XSS) security-alert (Sep 16)
[security bulletin] HPSBMA02578 SSRT100069 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Information Disclosure security-alert (Sep 23)
[security bulletin] HPSBMA02516 SSRT090232 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local security-alert (Sep 09)
[security bulletin] HPSBMA02576 SSRT090231 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local Denial of Service (DoS), Execution of Arbitrary Code security-alert (Sep 09)
[security bulletin] HPSBUX02546 SSRT100159 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS), Unauthorized Disclosure of Information security-alert (Sep 17)
[security bulletin] HPSBMA02584 SSRT100230 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote URL Redirection security-alert (Sep 23)
[security bulletin] HPSBMA02583 SSRT100070 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote URL Redirection security-alert (Sep 23)

security curmudgeon

Re: XSS vulnerability in Auto CMS security curmudgeon (Sep 29)
Re: XSS vulnerability in CompuCMS security curmudgeon (Sep 29)
Re: XSS vulnerability in Pluck security curmudgeon (Sep 30)

sk

CollabNet Subversion Edge Log Parser XSS/Code Injection Vulnerability sk (Sep 21)

Stefan Bauer

Security Contact Allianz IT-Infrastructure - Germany Stefan Bauer (Sep 21)

Stefan Behte

[ GLSA 201009-08 ] python-updater: Untrusted search path Stefan Behte (Sep 22)
[ GLSA 201009-04 ] SARG: User-assisted execution of arbitrary code Stefan Behte (Sep 08)
[ GLSA 201009-09 ] fence: Multiple symlink vulnerabilites Stefan Behte (Sep 30)
[ GLSA 201009-05 ] Adobe Reader: Multiple vulnerabilities Stefan Behte (Sep 08)
[ GLSA 201009-07 ] libxml2: Denial of Service Stefan Behte (Sep 22)

Stefan Fritsch

[SECURITY] [DSA-2112-1] New bzip2 packages fix integer overflow Stefan Fritsch (Sep 20)
[SECURITY] [DSA-2109-1] New samba packages fix buffer overflow Stefan Fritsch (Sep 16)
[SECURITY] [DSA-2114-1] New git-core packages fix regression Stefan Fritsch (Sep 27)
[SECURITY] [DSA-2106-2] New xulrunner packages fix regression Stefan Fritsch (Sep 20)

Stefan Kanthak

Vulnerable 3rd-party DLLs used in TrendMicro's malware scanner HouseCall Stefan Kanthak (Sep 20)
Re: Binary Planting Goes "EXE" Stefan Kanthak (Sep 10)

Steffen Joeris

[SECURITY] [DSA 2113-1] New drupal6 packages fix several vulnerabilities Steffen Joeris (Sep 20)
[SECURITY] [DSA 2111-1] New squid3 packages fix denial of service Steffen Joeris (Sep 20)

steve . povolny

Re: Re: IIS5.1 Directory Authentication Bypass by using ?:$I30:$Index_Allocation? steve . povolny (Sep 03)

Thijs Kinkhorst

[SECURITY] [DSA 2097-2] New phpmyadmin packages fix several vulnerabilities Thijs Kinkhorst (Sep 13)
[SECURITY] [DSA 2098-2] New typo3-src packages fix regression Thijs Kinkhorst (Sep 08)

Tim Brown

Medium security flaw in Apache Traffic Server Tim Brown (Sep 10)

Tobias Heinlein

[ GLSA 201009-06 ] Clam AntiVirus: Multiple vulnerabilities Tobias Heinlein (Sep 08)

Trustwave Advisories

TWSL2010-005: FreePBX recordings interface allows remote code execution Trustwave Advisories (Sep 24)

VMware Security Team

VMSA-2010-0013 VMware ESX third party updates for Service Console VMware Security Team (Sep 01)
VMSA-2010-0013 VMware Security Team (Sep 01)
VMSA-2010-0015 VMware ESX third party updates for Service Console VMware Security team (Sep 30)
VMSA-2010-0014 VMware Workstation, Player, and ACE address several security issues VMware Security team (Sep 24)

VUPEN Security Research

VUPEN Security Research - Google Chrome Focus Processing Memory Corruption Vulnerability (VUPEN-SR-2010-249) VUPEN Security Research (Sep 03)

Yam Mesicka

Fwd: 2.6.6 <= phpMyFAQ <= 2.6.8 XSS Yam Mesicka (Sep 29)

yangdn

Wireshark 1.4.0 Malformed SNMP V1 Packet Denial of Service yangdn (Sep 13)

yawninglol

Battle.net Mobile Authenticator MITM Vulnerability yawninglol (Sep 20)

YGN Ethical Hacker Group

Moovida Media Player version 2.0.0.15 Insecure DLL Hijacking Vulnerability (libc.dll,quserex.dll) YGN Ethical Hacker Group (Sep 02)
Microsoft Internet explorer 8 DLL Hijacking (IESHIMS.DLL) YGN Ethical Hacker Group (Sep 07)
PGP Desktop version 9.10.x-10.0.0 Insecure DLL Hijacking Vulnerability (tsp.dll, tvttsp.dll) YGN Ethical Hacker Group (Sep 10)
Adobe Flash Player IE version 10.1.x Insecure DLL Hijacking Vulnerability (dwmapi.dll) YGN Ethical Hacker Group (Sep 10)
Re: KeePass version 2.12 <= Insecure DLL Hijacking Vulnerability (dwmapi.dll) YGN Ethical Hacker Group (Sep 07)

ZDI Disclosures

ZDI-10-169: Novell Netware SSHD.NLM Remote Code Execution Vulnerability ZDI Disclosures (Sep 13)
ZDI-10-178: Novell PlateSpin Orchestrate Graph Rendering Remote Code Execution Vulnerability ZDI Disclosures (Sep 15)
ZDI-10-170: Apple Safari Webkit Runin Remote Code Execution Vulnerability ZDI Disclosures (Sep 13)
ZDI-10-181: IBM TSM FastBack Server ActivateLTScriptReply Remote Code Execution Vulnerability ZDI Disclosures (Sep 30)
ZDI-10-180: IBM TSM FastBack Server _SendToLog Remote Code Execution Vulnerability ZDI Disclosures (Sep 30)
ZDI-10-183: IBM TSM FastBack Server FXCLI_checkIndexDBLocation Remote Code Execution Vulnerability ZDI Disclosures (Sep 30)
ZDI-10-184: IBM TSM FastBack Server USER_S_AddADGroup Remote Code Execution Vulnerability ZDI Disclosures (Sep 30)
ZDI-10-185: IBM TSM FastBack Server _Eventlog Format String Remote Code Execution Vulnerability ZDI Disclosures (Sep 30)
ZDI-10-176: Mozilla Firefox normalizeDocument Remote Code Execution Vulnerability ZDI Disclosures (Sep 14)
ZDI-10-182: IBM TSM FastBack Server FXCLI_OraBR_Exec_Command Remote Code Execution Vulnerabilities ZDI Disclosures (Sep 30)
ZDI-10-186: IBM TSM FastBack _CalcHashValueWithLength Remote Denial of Service Vulnerability ZDI Disclosures (Sep 30)
ZDI-10-171: Mozilla Firefox nsTreeContentView Dangling Pointer Remote Code Execution Vulnerability ZDI Disclosures (Sep 13)
ZDI-10-179: IBM TSM FastBack Mount Service Arbitrary Overwrite Remote Code Execution Vulnerability ZDI Disclosures (Sep 30)
ZDI-10-187: IBM TSM FastBack Server _DAS_ReadBlockReply Remote Denial of Service Vulnerability ZDI Disclosures (Sep 30)
ZDI-10-174: Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code Execution Vulnerability ZDI Disclosures (Sep 14)
ZDI-10-172: Mozilla Firefox tree Object Removal Remote Code Execution Vulnerability ZDI Disclosures (Sep 13)
ZDI-10-173: Mozilla Firefox nsTreeSelection Dangling Pointer Remote Code Execution Vulnerability ZDI Disclosures (Sep 13)
ZDI-10-177: IBM Lotus Domino iCalendar MAILTO Stack Overflow Vulnerability ZDI Disclosures (Sep 14)