AegisLab - Safely exploring the world!


SN-2011-45021 Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability
Security researcher "rgod" has discovered a vulnerability in Oracle Hyperion Financial Management, which can be exploited by a remote attacker to compromise a victim's system...
TN-2011-44004 Lionic AppGuard can block UltraSurf 11.01 and earlier versions
How To: 1. Enable block P2P / UltraSurf in AppGuard. 2. Enable block Common / Fake SSL in AppGuard. 3. And...
SN-2011-43020 Apple Safari File Arbitrary Code Execution Vulnerability
An arbitrary code execution vulnerability has been identified in Apple Safari before 5.1.1 on the Mac OS X platform. A policy issue in the handling of file:// URLs may allow arbitrary remote code execution. This issue does not affect Windows systems...
SN-2011-42019 Mozilla Firefox Array.reduceRight Integer Overflow Vulnerability
Security researchers Chris Rohlf and Yan Ivnitskiy of Matasano Security reported that Mozilla Firefox, SeaMonkey and Thunderbird could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow in the reduceRight() method...
SN-2011-41018 GoAhead Webserver Stored XSS Vulnerability
The GoAhead WebServer is a standards-based Web server designed for cross-platform support. Several stored cross-site scripting vulnerabilities found in GoAhead WebServer can be exploited to execute arbitrary JavaScript...
SN-2011-40017 Newgen Omnidocs Bypass Access Restriction Vulnerability
OmniDocs is an Enterprise Document Management (EDM) platform for creating, capturing, managing, delivering and archiving large volumes of documents and content. It also integrates seamlessly with other enterprise applications. Multiple access restriction bypass vulnerabilities have been reported in OmniDocs...
SN-2011-39016 AmmSoft ScriptFTP 3.3 Client Remote Buffer Overflow Vulnerability
ScriptFTP is an FTP client designed to automate file transfers. It follows the commands written in a text file (also called a script file) and performs the uploads or downloads automatically. A remote stack overflow vulnerability has been identified in AmmSoft ScriptFTP 3.3...
SN-2011-31014 Safari 5.0.5 SVG Remote Code Execution Vulnerability
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1...
SN-2011-31015 WordPress TimThumb Plugin Remote Code Execution Vulnerability
TimThumb is a simple, flexible, PHP script that resizes images. You give it a bunch of parameters, and it spits out a thumbnail image that you can display on your site. Feedjit CEO Mark Maunder discovered the remote code execution vulnerability during an audit of a successful attack on his own blog...
SN-2011-28013 Microsoft Internet Explorer Time Element Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the logged-on user...

Copyright © AegisLab. All rights reserved.  
Add. 1F.-C6, No.1, Lising 1st Rd., Science-Based Industrial Park, Hsinchu City 30078, Taiwan Tel. 886-3-5789399 Fax. 886-3-5789595