[bugtraq] Thread Index

• Chronological Index · RSS feed

• [security bulletin] HPSBUX02418 SSRT090002 rev.1 - HP-UX Running OpenSSL, Remote Unauthorized Access, security-alert   (April 01, 2009)
• VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim, VMware Security team   (April 01, 2009)
• [ MDVSA-2009:084 ] firefox, security   (April 01, 2009)
• Microsoft Internet Explorer 8 - Anti Spoofing is a Myth, Aditya K Sood   (April 01, 2009)
  • Re: Microsoft Internet Explorer 8 - Anti Spoofing is a Myth, Michal Zalewski   (April 01, 2009)  
   
• [SecNiche Whitepaper] Evading Web XSS Filters with Microsoft Word - WAPT Perspective, Aditya K Sood   (April 01, 2009)
• Massive exploitation of instant messaging applications proved feasible, Julien TINNES   (April 01, 2009)
• Secunia Research: UltraISO Image Parsing Buffer Overflow Vulnerabilities, Secunia Research   (April 01, 2009)
• [ MDVSA-2009:083 ] mozilla-thunderbird, security   (April 01, 2009)
• OpenX 2.6.4 multiple vulnerabilities, publists   (April 01, 2009)
• EUSecWest 2009 CFP (May 27/28, Deadline April 7 2009), Dragos Ruiu   (April 02, 2009)
• [OPENX-SA-2009-002] OpenX 2.4.11, 2.6.5, 2.8.0 fix multiple vulnerabilities, Matteo Beccati   (April 02, 2009)
• OSCommerce Session Fixation Vulnerability, laurent . desaulniers   (April 02, 2009)
  • <Possible follow-ups>
  • Re: OSCommerce Session Fixation Vulnerability, tech107   (April 14, 2009)  
   
• Layered Defense Research Advisory: Format String Vulnerability: FortiClient Version 3, dh   (April 02, 2009)
  • <Possible follow-ups>
  • Re: Layered Defense Research Advisory: Format String Vulnerability: FortiClient Version 3, prabhup   (April 10, 2009)  
   
• Remote access vulnerability using File Thingie v2.5.4, xiashing   (April 02, 2009)
• Asbru Web Content Management Vulnerabilities, Patrick Webster   (April 02, 2009)
• Q2 Solutions ConnX - SQL Injection Vulnerability, Patrick Webster   (April 02, 2009)
• [SECURITY] [DSA 1762-1] New icu packages fix cross site scripting, Steffen Joeris   (April 02, 2009)
• ContentKeeper - Remote command execution and privilege escalation, Patrick Webster   (April 02, 2009)
• [TZO-05-2009] Clamav 0.94 and below - Evasion /bypass, Thierry Zoller   (April 02, 2009)
• [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details), Thierry Zoller   (April 02, 2009)
• [TZO-07-2009] F-PROT ZIP Method evasion, Thierry Zoller   (April 02, 2009)
• [ MDVSA-2009:085 ] gstreamer0.10-plugins-base, security   (April 02, 2009)
• [SECURITY] [DSA 1761-1] New moodle packages fix file disclosure, Nico Golde   (April 03, 2009)
• Autodesk IDrop ActiveX Control Heap Corruption Vulnerability, Elazar Broad   (April 03, 2009)
• glFusion <= 1.1.2 COM_applyFilter()/cookies remote blind sql injection exploit, nospam   (April 03, 2009)
• Family Connections 1.8.2 Arbitrary File Upload, Salvatore \"drosophila\" Fresta   (April 03, 2009)
• Family Connections <= 1.8.2 - Remote Shell Upload Exploit, Salvatore \"drosophila\" Fresta   (April 03, 2009)