struts 1 security vulnerabilities

Release date: 2012-03-21Updated on: 2012-03-23 Affected Systems:Google Chrome Description:--------------------------------------------------------------------------------Bugtraq id: 52674Cve id: CVE-2011-3050, CVE-2011-3051, CVE-2011-3053, CVE-2011-3054, CVE-2011-3055, CVE-2011-3056 Google Chrome is a simple and efficient Web browser tool developed by Google. Google Chrome versions earlier than 17.0.963.83 have multiple security

Affected Versions: Google Chrome 5.0Vulnerability description: Bugtraq id: 41334CVE ID: CVE-2010-2645, CVE-2010-2646, CVE-2010-2647, CVE-2010-2648, CVE-2010-2649, CVE-2010-2650, CVE-2010-2651, CVE-2010-2652Google Chrome is Google's open source WEB browser. Chrome 5.0.375.99 fixes multiple security vulnerabilities, A user who is cheated to access a malicious webpage may cause denial of service or complet

Release date:Updated on: Affected Systems:OpenJDKDescription:--------------------------------------------------------------------------------Bugtraq id: 67508CVE (CAN) ID: CVE-2014-0462OpenJDK is a cooperation Platform for open source implementation of Java Platform, Standard Edition and related projects.On Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS platforms, OpenJDK 6 6b31 and earlier versions have security

Release date:Updated on: Affected Systems:WordPress 3.xDescription:--------------------------------------------------------------------------------Bugtraq id: 57554WordPress is a blog platform developed using the PHP language. You can set up your own website on servers that support PHP and MySQL databases.Wordpress has multiple security vulnerabilities in implementation, which can be exploited by malicious

Release date:Updated on: Affected Systems:Sunway ForceContro 6.1 SP3Sunway ForceContro 6.1 SP2Sunway ForceContro 6.1 SP1Description:--------------------------------------------------------------------------------Bugtraq id: 49747 Sunway ForceControl is a Chinese SCADA/HMI software. Multiple security vulnerabilities exist in ForceControl implementation. Remote attackers may exploit this vulnerability to exec

be automatically filled out, from the interception request can be very easy to find the account and password information.TipsIn the most recent version of most browser products, this auto-save feature is still available. In this special easy to hit the library of the age, the password is really not good to remember, this is to see the choice of their own.5. Browser historyWhen a user submits data, not a GET request is a POST request. A GET request can be found by observing the URL itself, but t

Release date: 2012-03-16Updated on: 2012-03-19 Affected Systems:VMWare ESX Server 4.xVMWare ESXi 5.xVMWare ESXi 4.xDescription:--------------------------------------------------------------------------------CVE (CAN) ID: CVE-2010-0405, CVE-2012-1508, CVE-2012-1510 VMware ESX Server is an enterprise-level virtual computer software for any system environment. VMware ESX Server and VMware ESXi have multiple vulnerabilities in implementation, which can

[ +]; ShortLen = * ( Short*) Strm; STRM+=sizeof(len); if(Len +) {memcpy (buf, STRM, Len); Process (BUF); returnSTRM +Len; } Else { return-1; }}example4:[email protected]~/labs/integer $ cat add.c#include#includeintMainvoid){ intA;//a=2147483647;A=Int_max; printf ("int A (INT_MAX) =%d (0x%x), int a (INT_MAX) + 1 =%d (0x%x) \ n", a,a,a+1, A +

Release date:Updated on: 2012-04-10 Affected Systems:Real Networks Helix Mobile Server 14.xReal Networks Helix Server 14.xDescription:--------------------------------------------------------------------------------Bugtraq id: 52929Cve id: CVE-2012-0942, CVE-2012-1923, CVE-2012-1984, CVE-2012-1985 RealNetwork Helix Server is a multi-format, cross-platform Streaming Media Server software that can deliver high-quality multimedia content to no network location. Helix Server has multiple

Release date: Update Date: Affected system: phpPHP lt; 5.2.5 not affected system: PHPPHP5.2.5 description: BUGTRAQID: 26403----CVE (CAN) ID: CVE-2007-4887PHP is a widely used general purpose scripting language, especially suitable for Web development, can be embedded into HT Release date: Updated on: 2007-11-13 Affected systems: Php Unaffected system: PHP 5.2.5 Description: Bugtraq id: 26403 ---- CVE (CAN) ID: CVE-2007-4887 PHP is a widely used scripting language. it is especially s

Release date:Updated on: Affected Systems:Novell eDirectory 8.8.7.2Novell eDirectory 8.8.6.7Description:--------------------------------------------------------------------------------Bugtraq id: 57038CVE (CAN) ID: CVE-2012-0428, CVE-2012-0429, CVE-2012-0430, CVE-2012-0432Novell eDirectory is a cross-platform Directory Server.Novell eDirectory versions earlier than 8.8.8.7.2 and 8.8.6.7 have cross-site scripting, DOS, information leakage, and stack buffer overflow

Release date:Updated on: 2012-05-10 Affected Systems:Cisco Secure ACS 5.xDescription:--------------------------------------------------------------------------------Bugtraq id: 53436Cve id: CVE-2011-3293, CVE-2011-3317 Cisco Secure ACS is a central RADIUS and TACACS + server that integrates user authentication, user and administrator device access control, and policy control into a centralized unified network solution. Cisco Secure Access Control System 5.2.0.26 patch 9 and earlier versions h

Release date:Updated on: Affected Systems:WordPress FoxyPress 0.xDescription:--------------------------------------------------------------------------------FoxyPress is a free shopping cart and product management tool that integrates FoxyCart's e-commerce solutions. FoxyPress plugin for WordPress 0.4.2.5 and other versions have multiple security vulnerabilities, which can be exploited to execute cross-site

Pointter is a PHP-based content management system. Multiple security vulnerabilities in Pointter 1.2 may cause sensitive information leakage.[+] Info:~~~~~~~~~ Pointter PHP Content Management System 1.2 Multiple VulnerabilitiesVendor: PangramSoft GmbHProduct web page: http://www.pointter.comAffected version: 1.2 [+] Poc:~~~~~~~~~XSS: The stored XSS is pretty much everywhere in the admin panel, just posting

Affected System setuid Program (Linux, patch) involved program: Red Hat LinuxDescription RedHat Linux core security vulnerability affects the system's setuid ProgramDetailsVersions with vulnerabilities: Red Hat Linux 6.0 - i386 alpha sparc Red Hat Linux 6.1 - i386 alpha sparc Red Hat Linux 6.2 - i386 alpha sparc Drivers added or updated to the core in vulnerability patches:The AMI MegaRAID d

Release date:Updated on: Affected Systems:IBM Maximo Asset Management 7.xIBM Maximo Asset Management 6.xIBM Maximo Asset Management essenessen7.xIBM Maximo Asset Management Essentials 6.xDescription:--------------------------------------------------------------------------------Cve id: CVE-2011-1394, CVE-2011-1395, CVE-2011-1396, CVE-2011-1397, CVE-2011-4816, CVE-2011-4817, CVE-2011-4818, CVE-2011-4819 The IBM Maximo Asset Management software provides comprehensive Asset lifecycle and maintenanc

Affected Systems: PhpShop 0.6.1-B Detailed description: PhpShop is a PHP-based e-commerce program that can easily expand WEB functions. PhpShop has multiple security issues. Remote attackers can exploit these vulnerabilities to attack the database, obtain sensitive information, and execute arbitrary script code. The specific problems are as follows: 1. SQL i

Release date:Updated on: Affected Systems:HP Insight Management Agents 8.9HP Insight Management Agents 8.6HP Insight Management Agents 8.5Unaffected system:HP Insight Management Agents 9.0Description:--------------------------------------------------------------------------------Bugtraq id: 53341Cve id: CVE-2012-2003, CVE-2012-2004, CVE-2012-2005, CVE-2012-2006 HP Performance Insight software is used to collect, collect, and centralize Performance data. HP Insight Management Agents has multiple

Affected Versions: Django 1.2.5Django 1.3 beta 1Django 1.2.4Django 1.2.2Django 1, 1.2 Vulnerability description: Django is an open-source Web application framework written in Python.Django has multiple security vulnerabilities that allow attackers to obtain sensitive information, operate on data, and perform Cache Poison attacks or DoS attacks.

Release date:Updated on: Affected Systems:IBM Tivoli Directory Server 6.xDescription:--------------------------------------------------------------------------------Cve id: CVE-2010-4476 IBM Tivoli Directory Server is an enterprise identity management software. IBM Tivoli Directory Server has multiple implementation vulnerabilities that can be exploited by malicious users to expose sensitive information and cause denial of service (DoS) control to