SANS @RISK

Syndicate content SANS RSS Feed
All Updates From Vol: 9 - Issue: 35
URL: http://www.sans.org/newsletters/risk/display.php
Updated: 47 min 48 sec ago

10.32.9 GetMySystem BarCodeWiz BarcodeWiz.dll ActiveX Control Remote Buffer Overflow

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Third Party Windows Apps

Categories: Security Alerts

10.32.10 TurboFTP Directory Traversal Issue

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Third Party Windows Apps

Categories: Security Alerts

10.32.11 32bit FTP Client Directory Traversal

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Third Party Windows Apps

Categories: Security Alerts

10.32.12 Citrix XenApp Online Plug-in ActiveX Control Remote Code Execution

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Third Party Windows Apps

Categories: Security Alerts

10.32.15 Apache "mod_proxy_http" 2.2.9 for Unix Timeout Handling Information Disclosure

Tue, 2010-08-10 06:00

CVEs: CVE: CVE-2010-2791

Platform: Unix

Categories: Security Alerts

10.32.91 Drupal Simple Gallery Module Multiple Unspecified HTML Injection Vulnerabilities

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts

10.32.92 MediaWiki "api.php" Information Disclosure Issue

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts

10.32.93 PHP-Fusion Remote Command Execution Issue

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts

10.32.94 Subrion Auto Classifieds Script HTML Injection

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts

10.32.95 Yacs CMS "context[path_to_root]" Parameter Remote File Include

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts

10.32.96 Group-Office SQL Injection Vulnerability and Remote Command Execution

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts

10.32.97 Freelancer Marketplace Script "post_project.php" Multiple HTML Injection

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts

10.32.98 TenderSystem "main.php" Multiple Local File Include Issues

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts

10.32.99 Nuggetz "ajaxsave.php" Multiple Directory Traversal Vulnerabilities

Tue, 2010-08-10 06:00

CVEs: CVE: CVE-2009-4315

Platform: Web Application

Categories: Security Alerts

10.32.100 oBlog "article.php" Multiple HTML Injection Issues

Tue, 2010-08-10 06:00

CVEs: CVE: CVE-2009-4908

Platform: Web Application

Categories: Security Alerts

10.32.101 PHP Wares PHP Inventory Cross-Site Scripting and SQL Injection Vulnerabilities

Tue, 2010-08-10 06:00

CVEs: CVE: CVE-2009-4595, CVE-2009-4596, CVE-2009-4597

Platform: Web Application

Categories: Security Alerts

10.32.102 Uploaderr Arbitrary File Upload Issue

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts

10.32.103 SweetRice "root_dir" Parameter Multiple Remote File Include Vulnerabilities

Tue, 2010-08-10 06:00

CVEs: CVE: CVE-2009-4224

Platform: Web Application

Categories: Security Alerts

10.32.104 PHP Chat Module for 123 Flash Chat "login_chat.php" Remote File Include Issue

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts

10.32.105 MultipleFileUpload Arbitrary File Upload Issue

Tue, 2010-08-10 06:00

CVEs: CVE: Not Available

Platform: Web Application

Categories: Security Alerts