Search DaniWeb - vulnerability

vulnerability 13 Years Ago by hackit guys i just read a vulnerability in the calculator of windows. vulnerability is like this: *) open calculator *) type 4 and then take its square *) then minus two from the result shocked.... answer should be 0 but it shows a different answer.. please help me on this. Vulnerability report reveals Microsoft isn't the bad guy after all 10 Years Ago by happygeek …'s that time of year again, and the latest [Secunia Vulnerability Review](http://secunia.com/vr2015/) has been published. This analysed… over a five year stretch, then the non-Microsoft applications vulnerability share is pretty static around the 78% mark as far… Re: Vulnerability in PHP CGI 12 Years Ago by LastMitch **@cereal** >Vulnerability in PHP CGI I actually never try this Mod before: RewriteCond %{QUERY_STRING} ^(%2d|-)[^=]+$ [NC] RewriteRule ^(.*) $1? [L] Does it work? Does solve the Vulnerability in **PHP CGI**? Vulnerability in PHP CGI 13 Years Ago by cereal > There is a vulnerability in certain CGI-based setups (Apache+mod_php and nginx+php-fpm are not affected) that has gone unnoticed for at least 8 years... read more: http://www.php.net/archive/2012.php#id2012-05-03-1 Re: vulnerability 13 Years Ago by jingda I suppose you are taking course in computer security? Correct me if I am wrong. So what do you want us to help you with? Re: vulnerability 13 Years Ago by Reverend Jim First of all when you take the square of 4 you get 16. I presume you meant square root. I would imagine that the algorithm used to find the square root results in 2 plus a very very small fraction which is not shown because it is so much smaller than 2. When you subtract 2 from that you are just left with the fractional part which is, at least on … Is Java 7 still insecure? Oracle patch doesn't fix underlying vulnerability 12 Years Ago by happygeek …and preferably uninstall Java altogether. The CVE-2012-4681 vulnerability, comprising two flaws, along with a couple of other…the Security Explorations CEO, has claimed that the new vulnerability enables a 'complete JVM sandbox bypass' within the… is that it blocked the route to the vulnerability in order to prevent exploitation rather than actually … The truth about software low-hanging-fruit vulnerability 17 Years Ago by happygeek …as the top ten software vendors contributing to vulnerability disclosure statistics are concerned, the trend is … their applications less likely to be ripe for vulnerability picking. Conversely, smaller companies with myriad new products…easy pickings, and this has diluted the overall vulnerability pool. I questioned Ollman about the figures, … How will your https site address the SSL renegotiation vulnerability? 15 Years Ago by AnonymousHoward …cgi-bin/cvename.cgi?name=CVE-2009-3555"]vulnerability in SSL and TLS[/URL] was announced. …exploited to obtain Twitter account passwords[/URL]. The vulnerability affects most existing implementations of SSL 3.x and…LIST] [*]do nothing and continue to live with the vulnerability, or [*]disable renegotiation until the IETF standardizes a new… WARNING: Adobe Acrobat, Flash and Reader Zero Day Vulnerability 15 Years Ago by happygeek … of what it describes as a "critical vulnerability" which exists within the current versions of … Windows, Macintosh and Linux operating systems, The same vulnerability can be found within the authplay.dll component that …[/URL] that there are "reports that this vulnerability is being actively exploited in the wild via limited,… Firefox 3.6 Critical Vulnerability Already Fixed 15 Years Ago by happygeek … that Firefox 3.6 has an unpatched critical vulnerability. The fact that Pwn2Own competitors will not be… clients as suggested by the German government. The vulnerability has already been patched by Mozilla developers, according …switch-browsers-away-from-firefox-due-to-remote-code-vulnerability/article/166216/?"]SC Magazine[/URL] the German… Why did Apple take so long to fix Darwin Nuke vulnerability? 10 Years Ago by happygeek …Khudyakov, Maxim Zhuravlev and Andrey Rubin discovered a vulnerability in the Darwin kernel back in December 2014.…corners. The Kaspersky Lab researchers which analyzed the vulnerability reckon it affected devices with 64-bit processors …big deal. A Kaspersky spokesperson explains that the vulnerability is exploited while processing an IP packet of… Microsoft admits Word users are at risk from critical Jet vulnerability 17 Years Ago by newsguy … Microsoft has confirmed the presence of a critical vulnerability which impacts upon users of MS Word for …security vendor recently discovered in the wild exploits. The vulnerability exploits bugs in the Microsoft Jet Database Engine, …New-MS-Access-exploit.aspx"]blogged about the vulnerability[/URL] some three weeks back but accuse Microsoft… Safari DoS vulnerability could crash your Apple iPhone 17 Years Ago by happygeek …opens a JavaScript containing HTML page which triggers the vulnerability. An application Denial of Service attack can then…phone, and quite possibly the iPhone itself. The vulnerability actually lies with the Safari web browser that … own Security Update Service. Radware warn that the vulnerability, which obviously has to have a user visiting … WARNING: new Adobe zero-day vulnerability in the wild 15 Years Ago by happygeek … admitted that there is yet another possible zero-day vulnerability in Adobe Acrobat and Reader, oh deep joy. …quot;]confirms[/URL] "...Adobe received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier …-day-xmas-present"]Symantec[/URL] which discovered the vulnerability "the PDF files we discovered arrives as an… Firefox 3 Vulnerability... 16 Years Ago by The Dude … after Mozilla officially released Firefox 3.0, researchers found a vulnerability in the new browser. Tipping Point has verified the bug… about the problem. Tipping Point ranked the severity of the vulnerability as high, but said that users would have to click… Re: zero-day vulnerability 10 Years Ago by JorgeM It is called a "zero-day" because the vulnerability unknown to the vendor. This vulnerability is then exploited by hackers before the vendor is aware. Since the vendor is not aware, there is no fix for it at the time of the exploit. Depending on the exploit, I'd say there is a potential for a devastating result. Adobe Flash "Vulnerability" = My computer DEAD! HELP! 16 Years Ago by kerryums … many, saw the Blizzard notice about an Adobe Flash "vulnerability". Their notice explained this to be related to a… format string vulnerability exploitation 16 Years Ago by nb1 hello, I am attempting to exploit a format string vulnerability in a C program in order to 1)crash the … ASP.NET Forms Authentication Vulnerability 19 Years Ago by tgreer … cookie can authenticate back to the web application. The particular vulnerability in ASP.NET Forms Authentication, is that even if the… Firefox Vulnerability in 1.0.6 19 Years Ago by kc0arf Security researchers announced a new vulnerability for users of the Firefox 1.0.6 browsers on … CodeIgniter session cookie vulnerability 10 Years Ago by iamthwee Hi guys, I just came across an interesting article regarding codeigniter cookie sessions. http://www.dionach.com/blog/codeigniter-session-decoding-vulnerability It seems it is fixed in 3.0 but I know that version isn't stable. I wonder what Dani thinks about this? Re: CodeIgniter session cookie vulnerability 10 Years Ago by cereal … stable. EllisLab made this upgrade to fix the session cookie vulnerability discussed in your link. About 2.2.0: > CodeIgniter… zero-day vulnerability 10 Years Ago by alisandro13 Why can an exploit of a zero-day vulnerability be particularly devastating? XSS website vulnerability 8 Years Ago by RoDaGo Hi, I've had a report that my website has an XSS vulnerability (specific details have not yet been provided). Can anyone recommend any software that I can use to test my site for weaknesses please? Thank you FREE SQL Injection Vulnerability Scan 7 Years Ago by davy_yg Hello, Can anyone help me check if this SQL Injection Vulnerability Scan is FREE : https://suip.biz/?act=sqlmap And is … tar vulnerability 2 Years Ago by Yulen .tar vulnerability https://github.com/dalmat501/https-github.com-dotnet-runtime/pull/1/commits/2c9ef4796667b3a2443c11ea24a96d40199b3606 https://github.com/advisories/GHSA-gw9q-c7gh-j9vm Re: Vulnerability in PHP CGI 12 Years Ago by cereal Not completely, they posted an update few days later: http://www.php.net/archive/2012.php#id2012-05-06-1 The rewrite rule to test is this: RewriteCond %{QUERY_STRING} ^[^=]*$ RewriteCond %{QUERY_STRING} %2d|\- [NC] RewriteRule .? - [F,L] basically try something like this: * http://localhost/page.php?-s * http://localhost/page.… Re: Vulnerability in PHP CGI 12 Years Ago by LastMitch **@cereal** >Or search for CVE-2012-2311 on google. Anyway, remember this is related only to mod_cgi. OK, I get it now. Thanks for the link. I got a better understanding what the issue is. Re: SQL injection vulnerability scanner 12 Years Ago by ryantroop … expected result. If any failures occur, then you have a vulnerability. In truth, you may just want to look into what…