Computer Associates SiteMinder Web Agent Smpwservices.FCC Cross Site Scripting

Posted on: 2009-06-27 by Giuseppe Gottardi, SD-Team



Computer Associates SiteMinder Web Agent is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. Once a victim clicks a crafted URL, an attacker could execute script in the victim's Web browser within the security context of the hosting Web site and steal the victim's cookie-based authentication credentials.



Intel Centrino wireless drivers fail to properly process malformed frames

Posted on: 2009-05-23 by Giuseppe Gottardi, SD-Team



"Security vulnerabilities exist in the Microsoft Windows drivers for the Intel® 2200BG and 2915ABG PRO/Wireless Network Connection Hardware because of the way that they currently handle certain frames. An attacker could potentially exploit these vulnerabilities which could potentially lead to remote code execution and system control."



WebLogic Connector JSESSIONID Stack Based Buffer Overflow

Posted on: 2009-03-02 by Guido Landi, SD-Team



"Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."
