HNS MAIN FEED
Saturday, 05:12 EST
- Zero-day vulnerabilities in Firefox extensions discovered
- Three charged with Comcast.net hijacking
- Cloud computing security benefits, risks and recommendations
- Poisoned Google search results
- World’s first wireless USB external hard drive
- A look at Securitybyte & OWASP AppSec Asia Conference 2009
- Biggest threats to federal systems and critical infrastructure
- Are 64-bit Windows inherently safer?
- NSA on cyber attacks and Microsoft collaboration
- New books: ModSecurity, Snow Leopard, social Web applications
- Vulnerability in IBM SolidDB memory caching software
- Two arrested for Zbot Trojan
DWebPro "file" Parameter Remote Command Execution
03 November 2009
DWebPro is web server available for flash devices and CD/DVD. The application is exposed to an arbitrary command execution because it fails to adequately sanitize user-supplied input to the "file" parameter in the "dwebpro/start" script.
Ref: http://www.securityfocus.com/archive/1/507241
09.44.2 - CVE: Not Available
Platform: Third Party Windows Apps
Ref: http://www.securityfocus.com/archive/1/507241
09.44.2 - CVE: Not Available
Platform: Third Party Windows Apps