Смотрите также связанные темы
04.11.2018 CVE-2008-4930
MyBB (aka MyBulletinBoard) 1.4.2 does not properly handle an uploaded file with a nonstandard file type that contains HTML sequences, which allows remote attackers to cause that file to be processed as HTML by Internet Explorer's content inspection, aka "Incomplete protection against MIME-sniffing." NOTE: this could be leveraged for XSS and other attacks.
18.12.2018 "Лаборатория Касперского" выпустила бету новой линейки корпоративных продуктов
В линейке Kaspersky Open Space Security представлены Антивирус Касперского для Windows Workstations 8.0, Kaspersky Administration Kit 8.0, Антивирус Касперского для Windows Server 8.0 и Антивирус Касперского Second Opinion Solution 8.0. Далее
18.05.2018 CVE-2009-1676
The WebDAV implementation in Microsoft Internet Information Services (IIS) 6.0 allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as demonstrated by inserting %c0%af into a "/protected/" initial pathname component to bypass the password protection on the protected folder.
10.06.2018 CVE-2009-1535
The WebDAV extension in Microsoft Internet Information Services (IIS) 5.1 and 6.0 allows remote attackers to bypass URI-based protection mechanisms, and list folders or read, create, or modify files, via a %c0%af (Unicode / character) at an arbitrary position in the URI, as demonstrated by inserting %c0%af into a "/protected/" initial pathname component to bypass the password protection on the protected folder, aka "IIS 5.1 and 6.0 WebDAV Authentication Bypass Vulnerability."
11.11.2018 CVE-2012-5827
Joomla! 2.5.x before 2.5.8 allows remote attackers to conduct clickjacking attacks via unspecified vectors involving "Inadequate protection."
26.01.2018 HPSBMA02485 SSRT090252 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01971741 Version: 1 HPSBMA02485 SSRT090252 rev.1 - HP Power Manager, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2010-01-19 Last Updated: 2010-01-19 Potential Security Impact: Remote execution of arbitrary code Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP Power Manager. The vulnerabi...
15.06.2018 "Лаборатория Касперского" представила сервис Kaspersky DDoS Prevention
"Лаборатория Касперского" объявляет о запуске в промышленную эксплуатацию на территории Российской Федерации нового сервиса, предназначенного для защиты Интернет-ресурсов предприятий от распределенных хакерских атак, направленных на отказ в обслуживании - Kaspersky DDoS Prevention (KDP). Далее
16.07.2018 Касперский принял "Би-би-си" за фишеров
Kaspersky Internet Security 2011 заблокировал обновленный новостной сайт британской вещательной корпорации, по ошибке считая его вредоносным. Далее
15.06.2018 "Лаборатория Касперского" представляет новый сервис Kaspersky DDoS Prevention
"Лаборатория Касперского" объявила о запуске в промышленную эксплуатацию на территории Российской Федерации нового сервиса, предназначенного для защиты Интернет-ресурсов предприятий от распределенных хакерских атак, направленных на отказ в обслуживании.
24.09.2018 CVE-2010-3081
The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
|
