iBrowser plugin version 1.4.1 suffers from a local file inclusion vulnerability / file disclosure vulnerability when input passed thru the 'lang' parameter to ibrowser.php, loadmsg.php, rfiles.php and symbols.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks and URL encoded NULL bytes.
a153b7a4a47ff146d91e0d79e554e424553ad4ca1efa41e15eaa049ec8a0b46dThis is an e-book called Hacking Wifi Networks On Windows. It primarily focuses on cracking WEP.
27337d4f71becb39e2b9e4355352494736f4a9f97170b086769dab940dd0e2f9The ZeroNights 2011 Call For Papers has been announced. It will be held in Saint-Petersburg, Russia on the 25th of November.
54f7a0de97801f1e51a857091337fddb53bae6cb6928955482679fdf7afcd177SAP Crystal Report Server 2008 suffers from a cross site scripting vulnerability.
5d317ae48eb94648a5577e2a7ecbcc8a552c5f1dd2741d04fd386f0cc7d2d72fSAP NetWeaver suffers from an ipcpricing information disclosure vulnerability.
f625ce738f7a43d442cf465887a9c7c56ad9a8aaa71fb6e7ea81ef2d91773df2Card Sharj suffers from a remote SQL injection vulnerability that allows for authentication bypass.
00174e0df37ba26c5e7d8098d60774ad35617d9cb21acffa02a1b7e1e94afc46Adobe Reader X suffers from a sandbox bypass vulnerability.
9da44ca25607b6788dfb6efbe18fce72d3cb353aca2ee8eba8a621e745be983dMy MP3 Player version 3.0 buffer overflow exploit with DEP bypass.
b54cbd0865162eb25b5c22342efed86f3a18573bfb45a369f7c7720750c06179Mini-Stream Ripper version 2.9.7 buffer overflow exploit with DEP bypass.
adab7efd625de89ea37ad48d9dc534b72cc56c9f5bf0af4fbf105a62532378b7Red Hat Security Advisory 2011-1313-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise BRMS Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
bcce8533979c638668151132f981467813cec5cba502f114c265c6c93313102fRed Hat Security Advisory 2011-1312-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
f674c959b4fadafa704f6a8f6a5d9ce06d0eff03b9fde2aa39d8272bf997d3e0Red Hat Security Advisory 2011-1311-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Portal Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
3a011bc6de5554c758d0b9fa6c9334f214bc04d0eea99bd443d11a05a1ad832eRed Hat Security Advisory 2011-1310-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
a31bba9cc3ae91ff188a9cc9203f8da900de211d6981af12ab071393fae6af1aRed Hat Security Advisory 2011-1309-01 - JBoss Enterprise Application Platform is the market-leading platform for innovative and scalable Java applications. JBoss Enterprise Application Platform integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam into a complete and simple enterprise solution. JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
4405b67f4aeda82db06f3d697104eafbd0885396c23ef06fdd16cc7853e83719Red Hat Security Advisory 2011-1308-01 - JBoss Web Services Native is a web service framework included as part of JBoss Communications Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
ea964738f1be59a4557cc2b56dc3bbbea521cae78a84bed00c60d2b4417d6898Red Hat Security Advisory 2011-1307-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Portal Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
cbd71fe2dde78be667b43b0a399f1b66f17d766d8629c56c48326376cb041dadRed Hat Security Advisory 2011-1306-01 - The jbossws-common package provides JBoss Web Services Native, a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
53a2c62ad66a1a6a43bdc577ce1ca6419fe718721d2bb3a0111dfe72aebc2b2eRed Hat Security Advisory 2011-1305-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise SOA Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.
8841a70ed396dd48e91337e711c2c99e21af87c85ce24c3935c6d6a4c1eef571
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed