SN-2011-41018 GoAhead Webserver Stored XSS Vulnerability  |
2011-10-12 |
The GoAhead WebServer is a standards-based Web server designed for cross-platform support. Several stored cross-site scripting vulnerabilities found in GoAhead WebServer can be exploited to execute arbitrary JavaScript...
 |
SN-2011-40017 Newgen Omnidocs Bypass Access Restriction Vulnerability  |
2011-10-03 |
OmniDocs is an Enterprise Document Management (EDM) platform for creating, capturing, managing, delivering and archiving large volumes of documents and content. It also integrates seamlessly with other enterprise applications. Multiple access restriction bypass vulnerabilities have been reported in OmniDocs...
 |
SN-2011-31015 WordPress TimThumb Plugin Remote Code Execution Vulnerability |
2011-08-04 |
TimThumb is a simple, flexible, PHP script that resizes images. You give it a bunch of parameters, and it spits out a thumbnail image that you can display on your site. Feedjit CEO Mark Maunder discovered the remote code execution vulnerability during an audit of a successful attack on his own blog... |
 |
SN-2011-31014 Safari 5.0.5 SVG Remote Code Execution Vulnerability |
2011-08-04 |
WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1... |
 |
SN-2011-27012 HP OpenView Storage Data Protector Remote Buffer Overflow Vulnerability |
2011-07-08 |
HP Data Protector is automated backup and recovery software for single-server to enterprise environments, supporting disk storage or tape storage targets. Potential security vulnerabilities have been identified in HP OpenView Storage Data Protector. These vulnerabilities could be remotely exploited to execute arbitrary code... |
 |
2011-24009 Aastra IP Phone Web Interface Data Disclosure Vulnerability |
2011-06-14 |
The Aastra 9480i is equipped with XML browser capabilities and an extra-large display with dynamic softkeys to easily access customized services and applications. A data disclosure vulnerability has been reported in the Aastra IP Phone 9480i web interface. The vulnerability allows an unprivileged attacker to read the SIP details, including the password... |
 |
2011-22007 Adobe Audition Session File Handling Buffer Overflow Vulnerability |
2011-05-31 |
A buffer overflow vulnerability has been identified in Adobe Audition 3.0.1 and earlier versions for Windows. This flaw allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Audition Session (aka .ses) file... |
 |
SN-2011-20005 IBM Tivoli Directory Server SASL Bind Request Remote Code Execution Vulnerability |
2011-05-17 |
This flaw is caused by improper bounds checking by ibmslapd.exe. When the process receives an LDAP CRAM-MD5 packet, it uses libibmldap.dll to handle the allocation of a buffer for the packet data. A specially crafted LDAP request could cause a buffer overrun in the ber_get_int function. This can be leveraged by a remote attacker to execute arbitrary code in the context of the SYSTEM user... |
 |
WP-2011-03-31 Detection of Black Hat SEO Links |
2011-03-31 |
To steal credit card numbers, passwords, and other sensitive personal information, malware writers always try to get their viruses to reach more people. They used to propagate viruses via USB drives, spam and drive-by-download web sites. Lately, they have increasingly been targeting the links served up by search engines. It is reported that 10 percent or more of the results returned by one-third of popular search terms led to malware. What's worse, downloaded malware has a very low detection rate among AV vendors ... |
 |
WP-2011-03-22 AegisLab Mobile Malware Detection Rate Comparison |
2011-03-22 |
AegisLab (http://www.aegislab.com) is a leading security solution provider. We use hundreds of mobile malware samples (300+ samples) collected and analyzed by AegisLab as the test samples. The coverage and distribution of the test samples are almost the same as those of mobile malware in the wild ... |
 |
TN-2011-10002 AegisLab App-Guard can block JonDo |
2011-03-08 |
JonDo Anonymous Proxy, a.k.a. JAP, is an IP changer tool that acts as a proxy and forwards the traffic of your Internet applications, encrypted, to the mix cascades, thereby hiding your IP address ... |
 |
TN-2011-08001 AegisLab App-Guard can block LogMeIn Pro |
2011-02-25 |
LogMeIn is a remote access software tool. It gives users access to their PC anywhere, anytime. From the convenience of a web browser, users can work with a remote computer securely as if they were sitting right in front of it ... |
 |
TN-2010-51001 AegisLab App-Guard can block UltraSurf 9.5+ |
2010-12-21 |
UltraSurf is a very sophisticated P2P software. It uses a distributed network of proxy servers, installed and maintained by volunteers around the world. Completely transparent data transfer and high level encryption of the content allow you to surf the web with high security ... |