|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : WLB-2008100023 | ||||||
 SecurityAlert : None
Credit : Jeremy Added by : SecurityReason SecurityRisk : Low  (About) Remote : No Local : No Status : Trick History : [2008-10-07] Started Affected software : Internet Explorer 7 Text : After I finished up zfz beta 2.0, I was tired. I had been working near non-stop on it for quite a while and I felt like I needed a break. So, I shut down all the lab boxes and tried to get some sleep. So after the attempt to replenish my bodies' health with rest, another idea popped into my head. Codebase for another fuzzer was born soon there after. Back to work I go. meta http-equiv="A x xxxxx" content="1" In case your not familiar with http-equiv, it is basically HTTP headers equivalent-ized in HTML. It can be very helpful and engages lots of development with web applications. Replacing "xxxxx" with ~16 million bytes will make IE hang for about an hour. Open task manager and you should see 100% CPU usage. This was tested on two different computers running Windows Vista and Internet Explorer 7, both nearly or fully patched. Firefox hits some bumps but nothing like IE. Google's Chrome, Opera, and Safari barely seemed affected by this. Quick byte, run for cover! If you want change this note, please use UCP
|
||||||
| Alert | ||
*BSD libc (strfmon) Multiple vulnerabilities
Maksymilian Arciemowicz discovered a Integer Overflow vulnerability in the libc library "strfmon()" function.A vulnerability could allow an attacker who successfully exploits this vulnerability to take control of the affected *BSD systems. |
||
| Apache |  |
|
» Apache Tomcat <= |
||
| PHP | |
|
» PHP 5.2.5 and prior : |
||
- 2008-03-25| Copyright © SecurityReason. All Rights Reserved. |