October, 2014 | 007 Software

SAP BusinessObjects Explorer version 14.0.5 is vulnerable to XML External Entity (XXE) attacks. This vulnerability could be triggered by an unauthenticated user, as the login request uses vulnerable XML processing as well.

007 Software

Monthly Archives: October 2014

Judge Rejects Defense That FBI Illegally Hacked Silk Road

NSA May Have Undercover Operatives In Foreign Companies

HP To Remove Digital Signature That Code-Signed Malware

Researcher Makes The Case For DDoS Attacks

Vuln: Linux Kernel CVE-2014-3631 Local Denial of Service Vulnerability

Vuln: Cisco Intrusion Prevention System CVE-2014-3402 Denial of Service Vulnerability

Vuln: Yokogawa CENTUM CS3000 'BKCLogSvr.exe' Heap Based Buffer Overflow Vulnerability

Vuln: Cisco IOS XE Software CVE-2014-3403 Certificate Validation Security Bypass Vulnerability

SAP BusinessObjects Explorer 14.0.5 XXE Injection

neuroML 1.8.1 XSS / LFI / XXE Injection / Disclosure

Software and Security Information