Search Results

Search found 3867 results on 155 pages for 'cross forest'.

Page 48/155 | < Previous Page | 44 45 46 47 48 49 50 51 52 53 54 55  | Next Page >

  • Multiple vulnerabilities in Oracle Java Web Console

    - by RitwikGhoshal
    CVE DescriptionCVSSv2 Base ScoreComponentProduct and Resolution CVE-2007-5333 Information Exposure vulnerability 5.0 Apache Tomcat Solaris 10 SPARC: 147673-04 X86: 147674-04 CVE-2007-5342 Permissions, Privileges, and Access Controls vulnerability 6.4 CVE-2007-6286 Request handling vulnerability 4.3 CVE-2008-0002 Information disclosure vulnerability 5.8 CVE-2008-1232 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2008-1947 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2008-2370 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.0 CVE-2008-2938 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 4.3 CVE-2008-5515 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.0 CVE-2009-0033 Improper Input Validation vulnerability 5.0 CVE-2009-0580 Information Exposure vulnerability 4.3 CVE-2009-0781 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2009-0783 Information Exposure vulnerability 4.6 CVE-2009-2693 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 5.8 CVE-2009-2901 Permissions, Privileges, and Access Controls vulnerability 4.3 CVE-2009-2902 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability 4.3 CVE-2009-3548 Credentials Management vulnerability 7.5 CVE-2010-1157 Information Exposure vulnerability 2.6 CVE-2010-2227 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability 6.4 CVE-2010-3718 Directory traversal vulnerability 1.2 CVE-2010-4172 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2010-4312 Configuration vulnerability 6.4 CVE-2011-0013 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability 4.3 CVE-2011-0534 Resource Management Errors vulnerability 5.0 CVE-2011-1184 Permissions, Privileges, and Access Controls vulnerability 5.0 CVE-2011-2204 Information Exposure vulnerability 1.9 CVE-2011-2526 Improper Input Validation vulnerability 4.4 CVE-2011-3190 Permissions, Privileges, and Access Controls vulnerability 7.5 CVE-2011-4858 Resource Management Errors vulnerability 5.0 CVE-2011-5062 Permissions, Privileges, and Access Controls vulnerability 5.0 CVE-2011-5063 Improper Authentication vulnerability 4.3 CVE-2011-5064 Cryptographic Issues vulnerability 4.3 CVE-2012-0022 Numeric Errors vulnerability 5.0 This notification describes vulnerabilities fixed in third-party components that are included in Oracle's product distributions.Information about vulnerabilities affecting Oracle products can be found on Oracle Critical Patch Updates and Security Alerts page.

    Read the article

  • i want to have some cross browser consistency on my fieldsets, do you know how can i do it?

    - by Omar
    i have this problem with fieldsets... have a look at http://i.imgur.com/IRrXB.png is it possible to achieve what i want with css??? believe me, i tried! as you can see on the img, i just want the look of the legend to be consistent across browsers, i want it to use the width of the fieldset no more (like chrome and ie) no less (like firefox), dont worry about the rounded corners and other issues, thats taken care of. heres the the core i'm using. CSS <style type="text/css"> fieldset {margin: 0 0 10px 0;padding: 0; border:1px solid silver; background-color: #f9f9f9; -moz-border-radius:5px; -webkit-border-radius:5px; border-radius:5px} fieldset p{clear:both;margin:.3em 0;overflow:hidden;} fieldset label{float:left;width:140px;display:block;text-align:right;padding-right:8px;margin-right: 2px;color: #4a4a4a;} fieldset input, fieldset textarea {margin:0;border:1px solid #ddd;padding:3px 5px 3px 5px;} fieldset legend { background: #C6D1E8; position:relative; left: -1px; margin: 0; width: 100%; padding: 0px 5px; font-size: 1.11em; font-weight: bold; text-align:left; border: 1px solid silver; -webkit-border-top-left-radius: 5px; -webkit-border-top-right-radius: 5px; -moz-border-radius-topleft: 5px; -moz-border-radius-topright: 3px; border-top-left-radius: 5px; border-top-right-radius: 5px; } #md {width: 400px;} </style> HTML <div id="md"> <fieldset> <legend>some title</legend> <p> <label>Login</label> <input type="text" /> </p> <p> <label>Password</label> <input type="text" /> </p> <p><label>&nbsp;</label> <input type="submit"> </p> </fieldset> </div>

    Read the article

  • Can Windows handle inheritance cross the 32-bit/64-bit boundary?

    - by TheBeardyMan
    Is it possible for a child process to inherit a handle from its parent process if one process is 32-bit and the other is 64-bit? HANDLE is a 64 bit type on Win64 and a 32 bit type on Win32, which suggests that even it were supposed to be possible in all cases, there would be some cases where it would fail: a 64-bit parent process, a 32-bit child process, and a handle that can't be represented in 32 bits. Or is naming the object the only way for a 32-bit process and a 64-bit process to get a handle for the same object?

    Read the article

  • How do I process the configure file when cross-compiling with mingw?

    - by vy32
    I have a small open source program that builds with an autoconf configure script. I ran configure I tried to compile with: make CC="/opt/local/bin/i386-mingw32-g++" That didn't work because the configure script found include files that were not available to the mingw system. So then I tried: ./configure CC="/opt/local/bin/i386-mingw32-g++" But that didn't work; the configure script gives me this error: ./configure: line 5209: syntax error near unexpected token `newline' ./configure: line 5209: ` *_cv_*' Because of this code: # The following way of writing the cache mishandles newlines in values, # but we know of no workaround that is simple, portable, and efficient. # So, we kill variables containing newlines. # Ultrix sh set writes to stderr and can't be redirected directly, # and sets the high bit in the cache file unless we assign to the vars. ( for ac_var in `(set) 2>&1 | sed -n 's/^\(a-zA-Z_a-zA-Z0-9_*\)=.*/\1/p'`; do eval ac_val=\$$ac_var case $ac_val in #( *${as_nl}*) case $ac_var in #( *_cv_* fi Which is generated then the AC_OUTPUT is called. Any thoughts? Is there a correct way to do this?

    Read the article

  • How to setup Lighttpd as a proxy for cross-site requests?

    - by NilColor
    I want to setup my lighttpd server to proxy some requests (for ex. RSS requests) to other domains so i can fetch data using javascript. For example i'd like to fetch Atmo feed from internal Redmine (say http://code.internal.acme) to developer dashboard (say http://dashboard.internal.acme). I'd like to fetch it using JavaScript but i cant use something like JSONP and i don't want to use Flash for that. Currently i have this in my lighttpd.conf proxy.server = ( "/http-bind/" => ( ( "host" => "10.0.100.52", "port" => 5280 ) ) ) This way i can connect to our internal jabber server via Javascript. But i want more generic way... Something like proxy.server = ( "/proxy/{1}" => ( ( "url" => {1} ) ) )

    Read the article

  • What technology should I concentrate on for mobile development? [closed]

    - by Rob2211
    Firstly, I have many years experience with C# & .NET and some with Java. But, rather than committing to Java and developing native applications for Andriod I have been researching cross-platform deployment technologies. Currently, the most powerful cross-platform technology seems to be Flash, using Adobe AIR to package software as native applications. But given Adobe's announcement that it will discontinue support for the Flash Player on mobile devices it seems foolish (at this late stage) to invest in Flash and ActionScript as a developer. There has been speculation that Microsoft are also planning their exit strategy for Silverlight in favour of HTML5. So, my questions are; What is the most appropriate technology to invest in and learn in order to build cross-platform mobile applications / games while future proofing my skills as a developer? Is HTML5 mature enough to fill the 'Flash void' and be used to start building cross-platform, rich, interactive, networked mobile applications / games now? N.B. For HTML5 read (HTML5/CSS3/JavaScript)

    Read the article

  • What languages allow cross-platform native executables to be created?

    - by JT
    I'm frustrated to discover that Java lacks an acceptable solution for creating programs that will run via double-click. Other than .NET for Windows, what modern and high-level programming languages can I write code in that can be compiled for various platforms and run as a native/binary in each (Windows, Linux, OSX (optional)) Assuming I wanted to write code in python, for instance, is there a cohesive way that I could distribute my software which wouldn't require users to do anything special to get it to run? I want to write and distribute software for computer-illiterate and Java has turned out to be a real pain in this respect.

    Read the article

  • Migrating from CVS to Mercurial - how to handle cross-repo symbolic links?

    - by NVRAM
    I have a project that is stored in CVS as numerous modules/repositories. In several of the modules the CVS tree has symbolic links to the files in another tree. For example, the internal support tools have links to binary files (DLL, EXE) that are created and stored in the C# module. In all cases, the files are modified only in in the module where the files exist and are treated as read-only in the tree where the symbolic link exists. More often than not, the files are pulled to machines running MSWindows so the use of symbolic links on the developer machine is not an option. My question is this: Is there a mechanism in Mercurial that can provide the same capabilities?

    Read the article

  • Cross-site request forgery protections: Where do I put all these lines?

    - by brilliant
    Hello, I was looking for a python code that would be able to log in from "Google App Engine" to some of my accounts on some websites (like yahoo or eBay) and was given this code: import urllib, urllib2, cookielib url = "https://login.yahoo.com/config/login?" form_data = {'login' : 'my-login-here', 'passwd' : 'my-password-here'} jar = cookielib.CookieJar() opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(jar)) form_data = urllib.urlencode(form_data) # data returned from this pages contains redirection resp = opener.open(url, form_data) # yahoo redirects to http://my.yahoo.com, so lets go there instead resp = opener.open('http://mail.yahoo.com') print resp.read() Unfortunately, this code didn't work, so I asked another question here and one supporter among other things said this: "You send MD5 hash and not plain password. Also you'd have to play along with all kinds of CSRF protections etc. that they're implementing. Look: <input type="hidden" name=".tries" value="1"> <input type="hidden" name=".src" value="ym"> <input type="hidden" name=".md5" value=""> <input type="hidden" name=".hash" value=""> <input type="hidden" name=".js" value=""> <input type="hidden" name=".last" value=""> <input type="hidden" name="promo" value=""> <input type="hidden" name=".intl" value="us"> <input type="hidden" name=".bypass" value=""> <input type="hidden" name=".partner" value=""> <input type="hidden" name=".u" value="bd5tdpd5rf2pg"> <input type="hidden" name=".v" value="0"> <input type="hidden" name=".challenge" value="5qUiIPGVFzRZ2BHhvtdGXoehfiOj"> <input type="hidden" name=".yplus" value=""> <input type="hidden" name=".emailCode" value=""> <input type="hidden" name="pkg" value=""> <input type="hidden" name="stepid" value=""> <input type="hidden" name=".ev" value=""> <input type="hidden" name="hasMsgr" value="0"> <input type="hidden" name=".chkP" value="Y"> <input type="hidden" name=".done" value="http://mail.yahoo.com"> <input type="hidden" name=".pd" value="ym_ver=0&c=&ivt=&sg="> I am not quite sure where he got all these lines from and where in my code I am supposed to add them. Do You have any idea? I know I was supposed to ask him this question first, and I did, but he never returned, so I decided to ask a separate question here.

    Read the article

  • Is there server-side code which is not cross browser compatible?

    - by Ygam
    Was there a case in any server-side language where a code did not work in a browser while it did work in the rest? I am asking this because I can't imagine such a scenario because server-side code runs in the server, not in the browser but I have seen discussions where, as said, there were "server-side browser compatibility issues". I can't seem to recall where I have read it. Thanks in advance :)

    Read the article

  • What is the best free cross-platform OpenGL GUI library for a video game?

    - by Jim Buck
    It must come with source. I've looked at these which look semi-promising: glgooey, guichan, and cegui. I've come across others that look more Windows-y than game-y, but that's not the direction I am looking to go in. I would like some simple functionality of typical controls (lists, dropdown box, etc.) but with support for graphical widgets that you would normally find in game frontends. Mouse clicking, dragging, dropping, etc. and sound effect hooks would be nice. (These libs often leave hooks for the external system to tell it when/where mouse events are occurring.) It would get rendered on top of what my own 3D engine is rendering for the game, so it must be able to play nicely with rendering code outside of the lib. The best criteria is whether or not a reasonable 2D game could be implemented just with the GUI library and minimal glue code. (By glue code, I mean init code, hooking up the mouse, and game logic.) I am creating a 3D game, but this criteria gives a pretty solid idea of what level of interactivity I would like in the GUI.

    Read the article

  • Cross-browser method for hiding page elements until all content is loaded to prevent layout from appearing broken during load?

    - by Ryan
    I have an issue where due to some elements loading faster than others, the page looks broken for a few seconds at the start. An example is the CSS Pie behavior that allows me to do curved corners in IE, it appears before it becomes curved which looks bad. What would be ideal would be it somehow knowing when everything is loaded and then appear all at once, possibly including some kind of elegant visual way of not making the user feel impatient... any ideas or common tricks for doing this?

    Read the article

  • Ideas on implementing threads and cross process communication. - C

    - by Jamie Keeling
    Hello all! I have an application consisting of two windows, one communicates to the other and sends it a struct constaining two integers (In this case two rolls of a dice). I will be using events for the following circumstances: Process a sends data to process b, process b displays data Process a closes, in turn closing process b Process b closes a, in turn closing process a I have noticed that if the second process is constantly waiting for the first process to send data then the program will be just sat waiting, which is where the idea of implementing threads on each process occured. I have already implemented a thread on the first process which currently creates the data to send to the second process and makes it available to the second process. The problem i'm having is that I don't exactly have a lot of experience with threads and events so I'm not sure of the best way to actually implement what I want to do. Following is a small snippet of what I have so far in the producer application; Rolling the dice and sending the data: case IDM_FILE_ROLLDICE: { hDiceRoll = CreateThread( NULL, // lpThreadAttributes (default) 0, // dwStackSize (default) ThreadFunc(hMainWindow), // lpStartAddress NULL, // lpParameter 0, // dwCreationFlags &hDiceID // lpThreadId (returned by function) ); } break; The data being sent to the other process: DWORD WINAPI ThreadFunc(LPVOID passedHandle) { HANDLE hMainHandle = *((HANDLE*)passedHandle); WCHAR buffer[256]; LPCTSTR pBuf; LPVOID lpMsgBuf; LPVOID lpDisplayBuf; struct diceData storage; HANDLE hMapFile; DWORD dw; //Roll dice and store results in variable storage = RollDice(); hMapFile = CreateFileMapping( (HANDLE)0xFFFFFFFF, // use paging file NULL, // default security PAGE_READWRITE, // read/write access 0, // maximum object size (high-order DWORD) BUF_SIZE, // maximum object size (low-order DWORD) szName); // name of mapping object if (hMapFile == NULL) { dw = GetLastError(); MessageBox(hMainHandle,L"Could not create file mapping object",L"Error",MB_OK); return 1; } pBuf = (LPTSTR) MapViewOfFile(hMapFile, // handle to map object FILE_MAP_ALL_ACCESS, // read/write permission 0, 0, BUF_SIZE); if (pBuf == NULL) { MessageBox(hMainHandle,L"Could not map view of file",L"Error",MB_OK); CloseHandle(hMapFile); return 1; } CopyMemory((PVOID)pBuf, &storage, (_tcslen(szMsg) * sizeof(TCHAR))); //_getch(); MessageBox(hMainHandle,L"Completed!",L"Success",MB_OK); UnmapViewOfFile(pBuf); return 0; } I'd like to think I am at least on the right lines, although for some reason when the application finishes creating the thread it hits the return DefWindowProc(hMainWindow, message, wParam, lParam); it crashes saying there's no more source code for the current location. I know there are certain ways to implement things but as I've mentioned I'm not sure if i'm doing this the right way, has anybody else tried to do the same thing? Thanks!

    Read the article

  • Is there an open source cross-platform push server?

    - by Ian
    I'm currently in need of a (preferably open-source) free push server, that supports both linux and windows. I need something similar to the Ajax Push Engine, but that project unfortunatelly does not work on windows (I could use a virtual machine, but that's not what I'm looking for). I need to be able to push information to/from a python daemon, from a php script, to/from javascript and to a Blackberry application (built with java). Is there any tool that could help me with that? I've also looked into the Orbited project but frankly it lacks a lot of documentation and it's been very complicated to understand it. I'm not sure if it could work for me since it isn't actually a push server, but rather a proxy for it's built in MorbidQ server (or am I wrong?). Would a technology like Advanced Message Queing Protocol work for a project like this? Something like RabbitMQ or ActiveMQ? Thank you very much for the help.

    Read the article

  • Cross-Origin Resource Sharing (CORS) - am I missing something here?

    - by David Semeria
    I was reading about CORS (https://developer.mozilla.org/en/HTTP_access_control) and I think the implementation is both simple and effective. However, unless I'm missing something, I think there's a big part missing from the spec. As I understand, it's the foreign site that decides, based on the origin of the request (and optionally including credentials), whether to allow access to its resources. This is fine. But what if malicious code on the page wants to POST a user's sensitive information to a foreign site? The foreign site is obviously going to authenticate the request. Hence, again if I'm not missing something, CORS actually makes it easier to steal sensitive information. I think it would have made much more sense if the original site could also supply an immutable list of servers its page is allowed to access. So the expanded sequence would be: 1) Supply a page with list of acceptable CORS servers (abc.com, xyz.com, etc) 2) Page wants to make an XHR request to abc.com - the browser allows this because it's in the allowed list and authentication proceeds as normal 3) Page wants to make an XHR request to malicious.com - request rejected locally (ie by the browser) because the server is not in the list. I know that malicious code could still use JSONP to do its dirty work, but I would have thought that a complete implementation of CORS would imply the closing of the script tag multi-site loophole. I also checked out the official CORS spec (http://www.w3.org/TR/cors) and could not find any mention of this issue.

    Read the article

  • Cross platform millisecond timer lasting more than 49 days?

    - by Cetra
    Hey guys, I'm going to be developing a small dedicated server in C/C++ that will require uptime of forever. I've been looking into some time functions as millisecond timing is required for calculations. I have 2 problems that I'm facing: Using a 32bit integer to store the number of milliseconds since the operation began will wrap around at about the 49 days mark resetting to zero. There doesn't seem to be any standard system calls for getting elapsed milliseconds that are platform independant What should I do to resolve both these issues?

    Read the article

  • How to handle dependency files in a cross-platform manner?

    - by Brian Knoblauch
    I'm working on updating an old app. It has some dependency files that live in the same directory as the app. Obviously this broke when Windows Vista came out (since it violates the API and Vista/7 now enforce that (XP didn't)). Ideally, I'd like to avoid hardcoding anything into the app for just Windows. I can live with that if I have to though. I've already been down that path with pulling the APPDATA and LOCALAPPDATA environment variables, but that doesn't help any since they just give you the current user area... I need these to live somewhere accessible for all users, and I'd like to obey the Windows API expectations that they go into the all user appdata area. Suggestions?

    Read the article

  • What rules govern cross-version compatibility for .NET applications and the C# language?

    - by John Feminella
    For some reason I've always had trouble remembering the backwards/forwards compatibility guarantees made by the framework, so I'd like to put that to bed forever. Suppose I have two assemblies, A and B. A is older and references .NET 2.0 assemblies; B references .NET 3.5 assemblies. I have the source for A and B, Ax and Bx, respectively; they are written in C# at the 2.0 and 3.0 language levels. (That is, Ax uses no features that were introduced later than C# 2.0; likewise Bx uses no features that were introduced later than 3.0.) I have two environments, C and D. C has the .NET 2.0 framework installed; D has the .NET 3.5 framework installed. Now, which of the following can/can't I do? Running: run A on C? run A on D? run B on C? run C on D? Compiling: compile Ax on C? compile Ax on D? compile Bx on C? compile Bx on D? Rewriting: rewrite Ax to use features from the C# 3 language level, and compile it on D, while having it still work on C? rewrite Bx to use features from the C# 4 language level on another environment E that has .NET 4, while having it still work on D?' Referencing from another assembly: reference B from A and have a client app on C use it? reference B from A and have a client app on D use it? reference A from B and have a client app on C use it? reference A from B and have a client app on D use it? More importantly, what rules govern the truth or falsity of these hypothetical scenarios?

    Read the article

  • What work has been done on cross-platform mobile development?

    - by Nicholas
    Have any well-documented or open source projects targeted iPhone, Blackberry, and Android? Are there other platforms which are better-suited to such an endeavor? Note that I am particularly asking about client-side software, not web apps, though any information about the difficulties of using web apps across multiple mobile platforms is also interesting.

    Read the article

< Previous Page | 44 45 46 47 48 49 50 51 52 53 54 55  | Next Page >