
HP Security Labs Advisories

Thursday, September 27, 2007 07:56 AM

» iPhone Call Manipulation



Summary: The Apple iPhone version 1.0.0 web browser has a special feature that allows the user to dial any phone number displayed on the currently viewed web page simply by tapping the number. This feature can be exploited by attackers in several serious

Saturday, October 08, 2005 07:49 AM

» Oracle 10g - emagent.exe Stack-Based Overflow



Severity: Critical
System Affected: For a complete list of products and components affected, please visit http://www.oracle.com/technology/deploy/security/pdf/cpuoct2005.html
Description: A vulnerability has been discovered in Oracle Application Server

Friday, July 15, 2005 07:52 AM

» Stack-Based Buffer Overflow in Sybase EAServer 4.2.5 to 5.2



Severity: Medium
System Affected:
5.2: Windows, Linux, Solaris, HP-UX PA RISC
5.1: Windows, Solaris, IBM AIX
5.0: Windows, Linux, Solaris, IBM AIX, HP-UX PA RISC, HP-UX Itanium
4.2.5: Windows, Solaris
A complete list of products using vulnerable version of the EAServer

Monday, July 11, 2005 07:51 AM

» ASP.NET RPC/Encoded Web service DOS



Severity: High
System Affected:
• IIS Servers exposing ASP.NET Web services that consume arrays in RPC/Encoded mode
• Applications using System.Xml.Serialization to consume untrusted data in RPC/Encoded mode
Description: We have found that by sending a custom

Friday, May 27, 2005 07:53 AM

» Multiple Vulnerabilities in Sun-One Application Server



System Affected: Sun-ONE Application Server 7.0 for Windows 2000/XP
Description: During a brief audit of a SunONE Application Server installation on Windows 2000, SPI Labs discovered a number of vulnerabilities. Each of the vulnerabilities is described

Wednesday, April 13, 2005 07:50 AM

» IBM WebSphere Widespread configuration JSP disclosure



Severity: High
System Affected: IBM WebSphere Application 6 and prior.
Description: The practice of sharing the document root of the app server within the document root of the web server creates a security exposure that can result in the jsp source being

Tuesday, March 18, 2003 07:55 AM

» Remote Administration of BEA WebLogic Server



Severity: High
Systems Affected:
• WebLogic Server and Express 6.0
• WebLogic Server and Express 6.1
• WebLogic Server and Express 7.0
Description: SPI Labs and S21sec have identified a serious vulnerability that could allow an attacker