Browse by Tags - HP Application Security Center Community

Browse by Tags


» iPhone Call Manipulation

Summary: The Apple iPhone version 1.0.0 web browser has a special feature that allows the user to dial any phone number displayed on the currently viewed web page simply by tapping the number. This feature can be exploited by attackers in several serious ways, including: • Redirecting phone calls...

» Oracle 10g - emagent.exe Stack-Based Overflow

Severity: Critical System Affected: For a complete list of products and components affected, please visit http://www.oracle.com/technology/deploy/security/pdf/cpuoct2005.html Description: A vulnerability has been discovered in Oracle Application Server 10g (10.1.2) on Windows 2000 Server and others ...

» Stack-Based Buffer Overflow in Sybase EAServer 4.2.5 to 5.2

Severity: Medium System Affected: 5.2 (Windows, Linux, Solaris, HP-UX PA RISC); 5.1 (Windows, Solaris, IBM AIX); 5.0 (Windows, Linux, Solaris, IBM AIX, HP-UX PA RISC, HP-UX Itanium); 4.2.5 (Windows, Solaris). A complete list of products using vulnerable version of the EAServer is available from Sybase alert page http://www...

» ASP.NET RPC/Encoded Web service DOS

Severity: High System Affected: IIS Servers exposing ASP.NET Web services that consume arrays in RPC/Encoded mode Applications using System.Xml.Serialization to consume untrusted data in RPC/Encoded mode Description: We have found that by sending a custom SOAP message to an RPC/Encoded web method which...

» Multiple Vulnerabilities in Sun-One Application Server

System Affected: Sun-ONE Application Server 7.0 for Windows 2000/XP Description: During a brief audit of a SunONE Application Server installation on Windows 2000, SPI Labs discovered a number of vulnerabilities. Each of the vulnerabilities is described in detail below. Issue 1: JSP source code disclosure...

» IBM WebSphere Widespread configuration JSP disclosure

Severity: High System Affected: IBM WebSphere Application 6 and prior. Description: The practice of sharing the document root of the app server within the document root of the web server creates a security exposure that can result in the jsp source being served up as plain text by the web server. The...

» Remote Administration of BEA WebLogic Server

Severity: High Systems Affected: • WebLogic Server and Express 6.0 • WebLogic Server and Express 6.1 • WebLogic Server and Express 7.0 Description: SPI Labs and S21sec have identified a serious vulnerability that could allow an attacker to gain unauthorized access to the applications and...