«
Expand/Collapse
36 items tagged "researcher"
Related tags:
mandriva linux [+],
integer overflow vulnerability [+],
arabic x [+],
mandriva [+],
without [+],
warns [+],
vulnerability [+],
site [+],
peril [+],
orlando [+],
mozilla developers [+],
make [+],
georgi guninski [+],
document [+],
claims [+],
calls [+],
application octet stream [+],
windows [+],
were [+],
vulnerable [+],
txt [+],
tool [+],
token system [+],
threaten [+],
text encryption [+],
target [+],
stuxnet [+],
strike [+],
sql injection [+],
sql [+],
sms based [+],
smartphone [+],
show [+],
security flaws [+],
security encryption [+],
security bug [+],
secureid [+],
secure [+],
scored [+],
scams [+],
reveal [+],
reporting security [+],
releases [+],
read [+],
quick [+],
pwns [+],
publishes [+],
photos [+],
phones [+],
oracle [+],
new [+],
needles [+],
nasa researcher [+],
nasa [+],
microsoft [+],
makes [+],
legal [+],
launch [+],
joomlakunena [+],
java security [+],
israel [+],
iphone [+],
ios [+],
internet explorer problems [+],
internet [+],
infosec world [+],
indestructible [+],
hp printers [+],
how [+],
heavies [+],
hacks [+],
gps [+],
goons [+],
gadget [+],
free [+],
finds [+],
financial company [+],
exploit [+],
encryption chip [+],
egypt [+],
drops [+],
developer program [+],
demos [+],
cybersecurity [+],
company [+],
chrome [+],
chip found [+],
charlie miller [+],
certificate authorities [+],
carrier [+],
browser [+],
botnet [+],
behind [+],
attack of the clones [+],
attack [+],
assailants [+],
apple bans [+],
apple [+],
apologizes [+],
and [+],
alien lifeform [+],
adobe [+],
Bugs [+],
security [+]
-
-
17:01
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-251 - Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. An attacker could use this bug to spoof the location bar and trick a user into thinking they were on a different site than they actually were. Mozilla security researcher moz_bug_r_a4 reported that the fix for could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges. Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. Various other security issues were addressed in Firefox.
-
17:01
»
Packet Storm Security Misc. Files
Mandriva Linux Security Advisory 2010-251 - Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. An attacker could use this bug to spoof the location bar and trick a user into thinking they were on a different site than they actually were. Mozilla security researcher moz_bug_r_a4 reported that the fix for could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges. Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. Various other security issues were addressed in Firefox.
-
-
19:22
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-251 - Security issues were identified and fixed in firefox. Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. Mozilla security researcher moz_bug_r_a4 reported that the fix for could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges. Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. Various other issues were also addressed.
-
19:22
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-251 - Security issues were identified and fixed in firefox. Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. Mozilla security researcher moz_bug_r_a4 reported that the fix for could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges. Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. Various other issues were also addressed.
-
19:22
»
Packet Storm Security Misc. Files
Mandriva Linux Security Advisory 2010-251 - Security issues were identified and fixed in firefox. Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. Mozilla security researcher moz_bug_r_a4 reported that the fix for could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges. Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. Various other issues were also addressed.
-
-
12:00
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-042 - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. An anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla. Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an tag with type=image/svg+xml, the Content-Type is ignored and the SVG document is processed normally.
-
12:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-042 - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. An anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla. Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an tag with type=image/svg+xml, the Content-Type is ignored and the SVG document is processed normally.
-
-
13:00
»
Packet Storm Security Exploits
The Joomla Kunena component suffers from a remote blind SQL injection vulnerability. The researcher believes that this affects 1.5.9 but the author of the software has claimed that this only affects versions 1.5.4 and below.
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution