Search Results

Search found 16113 results on 645 pages for 'cross domain'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 179/645 | < Previous Page | 175 176 177 178 179 180 181 182 183 184 185 186  | Next Page >

  • Multiple vulnerabilities in Oracle Java Web Console

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2007-5333 Information Exposure vulnerability 5.0 Apache Tomcat Solaris 10 SPARC: 147673-04 X86: 147674-04 CVE-2007-5342 Permissions, Privileges, and Access Controls vulnerability 6.4 CVE-2007-6286 Request handling vulnerability 4.3 CVE-2008-0002 Information disclosure vulnerability 5.8 CVE-2008-1232 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2008-1947 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2008-2370 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.0 CVE-2008-2938 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 4.3 CVE-2008-5515 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.0 CVE-2009-0033 Improper Input Validation vulnerability 5.0 CVE-2009-0580 Information Exposure vulnerability 4.3 CVE-2009-0781 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2009-0783 Information Exposure vulnerability 4.6 CVE-2009-2693 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.8 CVE-2009-2901 Permissions, Privileges, and Access Controls vulnerability 4.3 CVE-2009-2902 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 4.3 CVE-2009-3548 Credentials Management vulnerability 7.5 CVE-2010-1157 Information Exposure vulnerability 2.6 CVE-2010-2227 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 6.4 CVE-2010-3718 Directory traversal vulnerability 1.2 CVE-2010-4172 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2010-4312 Configuration vulnerability 6.4 CVE-2011-0013 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2011-0534 Resource Management Errors vulnerability 5.0 CVE-2011-1184 Permissions, Privileges, and Access Controls vulnerability 5.0 CVE-2011-2204 Information Exposure vulnerability 1.9 CVE-2011-2526 Improper Input Validation vulnerability 4.4 CVE-2011-3190 Permissions, Privileges, and Access Controls vulnerability 7.5 CVE-2011-4858 Resource Management Errors vulnerability 5.0 CVE-2011-5062 Permissions, Privileges, and Access Controls vulnerability 5.0 CVE-2011-5063 Improper Authentication vulnerability 4.3 CVE-2011-5064 Cryptographic Issues vulnerability 4.3 CVE-2012-0022 Numeric Errors vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • i want to have some cross browser consistency on my fieldsets, do you know how can i do it?

    - by Omar
    i have this problem with fieldsets... have a look at http://i.imgur.com/IRrXB.png is it possible to achieve what i want with css??? believe me, i tried! as you can see on the img, i just want the look of the legend to be consistent across browsers, i want it to use the width of the fieldset no more (like chrome and ie) no less (like firefox), dont worry about the rounded corners and other issues, thats taken care of. heres the the core i'm using. CSS <style type="text/css"> fieldset {margin: 0 0 10px 0;padding: 0; border:1px solid silver; background-color: #f9f9f9; -moz-border-radius:5px; -webkit-border-radius:5px; border-radius:5px} fieldset p{clear:both;margin:.3em 0;overflow:hidden;} fieldset label{float:left;width:140px;display:block;text-align:right;padding-right:8px;margin-right: 2px;color: #4a4a4a;} fieldset input, fieldset textarea {margin:0;border:1px solid #ddd;padding:3px 5px 3px 5px;} fieldset legend { background: #C6D1E8; position:relative; left: -1px; margin: 0; width: 100%; padding: 0px 5px; font-size: 1.11em; font-weight: bold; text-align:left; border: 1px solid silver; -webkit-border-top-left-radius: 5px; -webkit-border-top-right-radius: 5px; -moz-border-radius-topleft: 5px; -moz-border-radius-topright: 3px; border-top-left-radius: 5px; border-top-right-radius: 5px; } #md {width: 400px;} </style> HTML <div id="md"> <fieldset> <legend>some title</legend> <p> <label>Login</label> <input type="text" /> </p> <p> <label>Password</label> <input type="text" /> </p> <p><label>&nbsp;</label> <input type="submit"> </p> </fieldset> </div>

    Read the article

  • Can Windows handle inheritance cross the 32-bit/64-bit boundary?

    - by TheBeardyMan
    Is it possible for a child process to inherit a handle from its parent process if one process is 32-bit and the other is 64-bit? HANDLE is a 64 bit type on Win64 and a 32 bit type on Win32, which suggests that even it were supposed to be possible in all cases, there would be some cases where it would fail: a 64-bit parent process, a 32-bit child process, and a handle that can't be represented in 32 bits. Or is naming the object the only way for a 32-bit process and a 64-bit process to get a handle for the same object?

    Read the article

  • How has RIA Technology and what technology stack currently rules this domain ?

    - by Rachel
    I am new to RIA and have not been actively with this technology with all my projects as all of them we using server side Java Technology but I want to gain some experience with RIA and so my question is How has RIA Technology evolved and what technology stack currently rules this domain ? What are the recommended resources for learning RIA and in general what is the suggested approach to get started on RIA Journey ? Thanks.

    Read the article

  • Silverlight 4 - Download an html page from a different domain IN BROWSER?

    - by SilverDark
    I am trying to download a page using Silverlight 4 (http://google.com/) from a different domain than where the app is hosted. I'm simply curious if this is possible in the browser. I know I can do it out of the browser, as I tried it already, but trying it in the browser gives a security exception (understandable). I'd like to know if this can even be done, and if so, how? Thanks in advance.

    Read the article

  • How do I process the configure file when cross-compiling with mingw?

    - by vy32
    I have a small open source program that builds with an autoconf configure script. I ran configure I tried to compile with: make CC="/opt/local/bin/i386-mingw32-g++" That didn't work because the configure script found include files that were not available to the mingw system. So then I tried: ./configure CC="/opt/local/bin/i386-mingw32-g++" But that didn't work; the configure script gives me this error: ./configure: line 5209: syntax error near unexpected token `newline' ./configure: line 5209: ` *_cv_*' Because of this code: # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, we kill variables containing newlines. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. ( for ac_var in `(set) 2>&1 | sed -n 's/^\(a-zA-Z_a-zA-Z0-9_*\)=.*/\1/p'`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_* fi Which is generated then the AC_OUTPUT is called. Any thoughts? Is there a correct way to do this?

    Read the article

  • Entity Framework - in model first, how do I get my EF classes to be based on the existing domain cla

    - by Greg
    Hi, If I already have domain classes, and I want to be able persist them using EF via a model first approach how do I do this? For example do I go to the EF designer (in VS2010) and create the model and generate the classes, then go to these EF classes and somehow manually modify them? But then would there be an issue if I needed to change the model and re-create database TSQL from the model for updates? What's the easiest approach?

    Read the article

  • Impersonation on Windows 2000 to Windows XP Leaves Connections Open

    - by Tallek
    I'm running on a Windows 2000 Pro SP4 box (off domain) and trying to impersonate a local user on a Windows XP box (on domain). I'm using code very similar to the WindowsImpersonationContextFacade in the question posted here: http://stackoverflow.com/questions/879704/how-can-i-temporarily-impersonate-a-user-to-open-a-file. I am using impersonation to remotely start and stop windows services as well as access network shares (for some automated integration tests). To get this working, i had to use LOGON32_PROVIDER_DEFAULT and LOGON32_LOGON_NEW_CREDENTIALS when calling LogonUser. Everything worked beautifully ( Windows XP on domain to Windows XP on domain, Windows XP on domain to Windows Server 2003 off domain, and even Windows XP on domain to Windows 2000 off domain). The one issue was running on Windows 2000 Pro SP4 off the domain and trying to impersonate a local user on a Windows XP box running on the domain. To get the Windows 2000 piece working, i had to use LOGON32_PROVIDER_WINNT50 and LOGON32_LOGON_NEW_CREDENTIALS when calling LogonUser. This seemed to get me 95% of the way there, i could now impersonate the local user on the XP box and start/stop services as well as access a network share using the impersonated credentials. I'm running in to one problem though, calling Undo impersonation and closing the token handle seems to leave the connection to the remote box open. After about 10 or so impersonation calls, further impersonation attempts will fail with an error saying something about too many connections are currently open. If i look at the Computer Management - System Tools - Shared Folders - Sessions on my remote Windows XP box, i can see about 10 sessions open to the Windows 2000 box. I can manually close these (i think they may eventually close themselves, but not very quickly) and then impersonation begins working again few more times. This open session issue doesn't seem to be a problem in any of my other test scenarios, just when running locally on a Windows 2000 box. Any ideas? Edit 1: After some more testing and trying out many different things, this seems to be an issue with open sessions not being reused. On Windows 2000 only, every call to LogonUser to get a token and then using that token to impersonate seems to result in a new session being created. I'm guessing Windows XP & Windows Server 2003 are reusing open sessions since i don't seem to be having any issues with them. If I call LogonUser once, then cache the token, I seem to be able to make as many calls to impersonate as I need using the cached token without running in to the "too many connections" issue. This seems like an ugly work around though since i can't call CloseHandle() on my token every time i perform impersonation. Anybody have any thoughts or ideas, or am i stuck with this ugly hack? Thanks

    Read the article

  • How has RIA technology evolved and what technology stack currently rules this domain?

    - by Rachel
    I am new to RIA and have not been actively involved with this technology in my projects as we using server-side Java, but I want to gain some experience with RIA. My questions are: How has RIA technology evolved and in your opinion? What technology stack currently rules this domain? What are the recommended resources for learning RIA? In general what is the suggested approach for getting started on the RIA journey?

    Read the article

  • How to setup Lighttpd as a proxy for cross-site requests?

    - by NilColor
    I want to setup my lighttpd server to proxy some requests (for ex. RSS requests) to other domains so i can fetch data using javascript. For example i'd like to fetch Atmo feed from internal Redmine (say http://code.internal.acme) to developer dashboard (say http://dashboard.internal.acme). I'd like to fetch it using JavaScript but i cant use something like JSONP and i don't want to use Flash for that. Currently i have this in my lighttpd.conf proxy.server = ( "/http-bind/" => ( ( "host" => "10.0.100.52", "port" => 5280 ) ) ) This way i can connect to our internal jabber server via Javascript. But i want more generic way... Something like proxy.server = ( "/proxy/{1}" => ( ( "url" => {1} ) ) )

    Read the article

  • Django: Setting up database code tables (aka reference tables, domain tables)?

    - by User
    Often times applications will need some database code tables (aka reference tables or domain tables or lookup tables). Suppose I have a model class called Status with a field called name that could hold values like: Canceled Pending InProgress Complete Where and at what point would I setup these values in Django? Its like a one time operation to setup these values in the database. Infrequently, these values could be added to.

    Read the article

  • What technology should I concentrate on for mobile development? [closed]

    - by Rob2211
    Firstly, I have many years experience with C# & .NET and some with Java. But, rather than committing to Java and developing native applications for Andriod I have been researching cross-platform deployment technologies. Currently, the most powerful cross-platform technology seems to be Flash, using Adobe AIR to package software as native applications. But given Adobe's announcement that it will discontinue support for the Flash Player on mobile devices it seems foolish (at this late stage) to invest in Flash and ActionScript as a developer. There has been speculation that Microsoft are also planning their exit strategy for Silverlight in favour of HTML5. So, my questions are; What is the most appropriate technology to invest in and learn in order to build cross-platform mobile applications / games while future proofing my skills as a developer? Is HTML5 mature enough to fill the 'Flash void' and be used to start building cross-platform, rich, interactive, networked mobile applications / games now? N.B. For HTML5 read (HTML5/CSS3/JavaScript)

    Read the article

  • What's the best method in ASP.NET to obtain the current domain?

    - by Graphain
    Hi, I am wondering what the best way to obtain the current domain is in ASP.NET? For instance: http://www.domainname.com/subdir/ should yield http://www.domainname.com http://www.sub.domainname.com/subdir/ should yield http://sub.domainname.com As a guide, I should be able to add a url like "/Folder/Content/filename.html" (say as generated by Url.RouteUrl() in ASP.NET MVC) straight onto the URL and it should work.

    Read the article

  • What is the best way to implement multilingual domain objects using NHibernate?

    - by Amitabh
    I have found few links but could not decide which one is the best way. http://fabiomaulo.blogspot.com/2009/06/localized-property-with-nhibernate.html (This stores all localised language data in one field. Can be a problem if we query from Sql) http://ayende.com/Blog/archive/2006/12/26/LocalizingNHibernateContextualParameters.aspx (This one has a warning at the beginning that it is a hack and no longer supported) http://www.webdevbros.net/2009/06/24/create-a-multi-languaged-domain-model-with-nhibernate-and-c/ (This does not describe how multilingual data will be structured in the database.)

    Read the article

  • Zenoss Setup for Windows Servers

    - by Jay Fox
    Recently I was saddled with standing up Zenoss for our enterprise.  We're running about 1200 servers, so manually touching each box was not an option.  We use LANDesk for a lot of automated installs and patching - more about that later.The steps below may not necessarily have to be completed in this order - it's just the way I did it.STEP ONE:Setup a standard AD user.  We want to do this so there's minimal security exposure.  Call the account what ever you want "domain/zenoss" for our examples.***********************************************************STEP TWO:Make the following local groups accessible by your zenoss account.Distributed COM UsersPerformance Monitor UsersEvent Log Readers (which doesn't exist on pre-2008 machines)Here's the Powershell script I used to setup access to these local groups:# Created to add Active Directory account to local groups# Must be run from elevated prompt, with permissions on the remote machine(s).# Create txt file should contain the names of the machines that need the account added, one per line.# Script will process machines line by line.foreach($i in (gc c:\tmp\computers.txt)){# Add the user to the first group$objUser=[ADSI]("WinNT://domain/zenoss")$objGroup=[ADSI]("WinNT://$i/Distributed COM Users")$objGroup.PSBase.Invoke("Add",$objUser.PSBase.Path)# Add the user to the second group$objUser=[ADSI]("WinNT://domain/zenoss")$objGroup=[ADSI]("WinNT://$i/Performance Monitor Users")$objGroup.PSBase.Invoke("Add",$objUser.PSBase.Path)# Add the user to the third group - Group doesn't exist on < Server 2008#$objUser=[ADSI]("WinNT://domain/zenoss")#$objGroup=[ADSI]("WinNT://$i/Event Log Readers")#$objGroup.PSBase.Invoke("Add",$objUser.PSBase.Path)}**********************************************************STEP THREE:Setup security on the machines namespace so our domain/zenoss account can access itThe default namespace for zenoss is:  root/cimv2Here's the Powershell script:#Grant account defined below (line 11) access to WMI Namespace#Has to be run as account with permissions on remote machinefunction get-sid{Param ($DSIdentity)$ID = new-object System.Security.Principal.NTAccount($DSIdentity)return $ID.Translate( [System.Security.Principal.SecurityIdentifier] ).toString()}$sid = get-sid "domain\zenoss"$SDDL = "A;;CCWP;;;$sid" $DCOMSDDL = "A;;CCDCRP;;;$sid"$computers = Get-Content "c:\tmp\computers.txt"foreach ($strcomputer in $computers){    $Reg = [WMIClass]"\\$strcomputer\root\default:StdRegProv"    $DCOM = $Reg.GetBinaryValue(2147483650,"software\microsoft\ole","MachineLaunchRestriction").uValue    $security = Get-WmiObject -ComputerName $strcomputer -Namespace root/cimv2 -Class __SystemSecurity    $converter = new-object system.management.ManagementClass Win32_SecurityDescriptorHelper    $binarySD = @($null)    $result = $security.PsBase.InvokeMethod("GetSD",$binarySD)    $outsddl = $converter.BinarySDToSDDL($binarySD[0])    $outDCOMSDDL = $converter.BinarySDToSDDL($DCOM)    $newSDDL = $outsddl.SDDL += "(" + $SDDL + ")"    $newDCOMSDDL = $outDCOMSDDL.SDDL += "(" + $DCOMSDDL + ")"    $WMIbinarySD = $converter.SDDLToBinarySD($newSDDL)    $WMIconvertedPermissions = ,$WMIbinarySD.BinarySD    $DCOMbinarySD = $converter.SDDLToBinarySD($newDCOMSDDL)    $DCOMconvertedPermissions = ,$DCOMbinarySD.BinarySD    $result = $security.PsBase.InvokeMethod("SetSD",$WMIconvertedPermissions)     $result = $Reg.SetBinaryValue(2147483650,"software\microsoft\ole","MachineLaunchRestriction", $DCOMbinarySD.binarySD)}***********************************************************STEP FOUR:Get the SID for our zenoss account.Powershell#Provide AD User get SID$objUser = New-Object System.Security.Principal.NTAccount("domain", "zenoss") $strSID = $objUser.Translate([System.Security.Principal.SecurityIdentifier]) $strSID.Value******************************************************************STEP FIVE:Modify the Service Control Manager to allow access to the zenoss AD account.This command can be run from an elevated command line, or through Powershellsc sdset scmanager "D:(A;;CC;;;AU)(A;;CCLCRPRC;;;IU)(A;;CCLCRPRC;;;SU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)(A;;CCLCRPRC;;;PUT_YOUR_SID_HERE_FROM STEP_FOUR)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)"******************************************************************In step two the script plows through a txt file that processes each computer listed on each line.  For the other scripts I ran them on each machine using LANDesk.  You can probably edit those scripts to process a text file as well.That's what got me off the ground monitoring the machines using Zenoss.  Hopefully this is helpful for you.  Watch the line breaks when copy the scripts.

    Read the article

  • What languages allow cross-platform native executables to be created?

    - by JT
    I'm frustrated to discover that Java lacks an acceptable solution for creating programs that will run via double-click. Other than .NET for Windows, what modern and high-level programming languages can I write code in that can be compiled for various platforms and run as a native/binary in each (Windows, Linux, OSX (optional)) Assuming I wanted to write code in python, for instance, is there a cohesive way that I could distribute my software which wouldn't require users to do anything special to get it to run? I want to write and distribute software for computer-illiterate and Java has turned out to be a real pain in this respect.

    Read the article

  • Mod Rewrite Rule not matching certain words

    - by Andy Gee
    I'm no expert in mod_rewrite at all and I'm trying to add a condition to the rule below to: match which is not equal to 'share' not match anything with a dot in it RewriteRule ^([^/]*)$ http://domain.com/directory/index.php?key=$1 [L] http://domain.com/directory/share will not be matched (share) http://domain.com/directory/foo.php will not be matched (contains a dot) http://domain.com/directory/abcde will be matched http://domain.com/directory/abcde-4 will be matched All ULRs will not have a trailing slash Any help will be much appreciated

    Read the article

  • Cross-site request forgery protections: Where do I put all these lines?

    - by brilliant
    Hello, I was looking for a python code that would be able to log in from "Google App Engine" to some of my accounts on some websites (like yahoo or eBay) and was given this code: import urllib, urllib2, cookielib url = "https://login.yahoo.com/config/login?" form_data = {'login' : 'my-login-here', 'passwd' : 'my-password-here'} jar = cookielib.CookieJar() opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar)) form_data = urllib.urlencode(form_data) # data returned from this pages contains redirection resp = opener.open(url, form_data) # yahoo redirects to http://my.yahoo.com, so lets go there instead resp = opener.open('http://mail.yahoo.com') print resp.read() Unfortunately, this code didn't work, so I asked another question here and one supporter among other things said this: "You send MD5 hash and not plain password. Also you'd have to play along with all kinds of CSRF protections etc. that they're implementing. Look: <input type="hidden" name=".tries" value="1"> <input type="hidden" name=".src" value="ym"> <input type="hidden" name=".md5" value=""> <input type="hidden" name=".hash" value=""> <input type="hidden" name=".js" value=""> <input type="hidden" name=".last" value=""> <input type="hidden" name="promo" value=""> <input type="hidden" name=".intl" value="us"> <input type="hidden" name=".bypass" value=""> <input type="hidden" name=".partner" value=""> <input type="hidden" name=".u" value="bd5tdpd5rf2pg"> <input type="hidden" name=".v" value="0"> <input type="hidden" name=".challenge" value="5qUiIPGVFzRZ2BHhvtdGXoehfiOj"> <input type="hidden" name=".yplus" value=""> <input type="hidden" name=".emailCode" value=""> <input type="hidden" name="pkg" value=""> <input type="hidden" name="stepid" value=""> <input type="hidden" name=".ev" value=""> <input type="hidden" name="hasMsgr" value="0"> <input type="hidden" name=".chkP" value="Y"> <input type="hidden" name=".done" value="http://mail.yahoo.com"> <input type="hidden" name=".pd" value="ym_ver=0&c=&ivt=&sg="> I am not quite sure where he got all these lines from and where in my code I am supposed to add them. Do You have any idea? I know I was supposed to ask him this question first, and I did, but he never returned, so I decided to ask a separate question here.

    Read the article

  • Migrating from CVS to Mercurial - how to handle cross-repo symbolic links?

    - by NVRAM
    I have a project that is stored in CVS as numerous modules/repositories. In several of the modules the CVS tree has symbolic links to the files in another tree. For example, the internal support tools have links to binary files (DLL, EXE) that are created and stored in the C# module. In all cases, the files are modified only in in the module where the files exist and are treated as read-only in the tree where the symbolic link exists. More often than not, the files are pulled to machines running MSWindows so the use of symbolic links on the developer machine is not an option. My question is this: Is there a mechanism in Mercurial that can provide the same capabilities?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 175 176 177 178 179 180 181 182 183 184 185 186  | Next Page >