PHP-Remote Code Execution

Similar Messages

• Threat Feed say my ipad2 got threats, memory corruption vulnerability exist, which could lead to remote code execution. How to solve this problem?

  Threat Feed (McAfee) say my ipad2 got threats, memory corruption vulnerability exist,
  which could lead to remote code execution. How to solve this problem?

  You can't solve this problem yourself. You would need to wait for apple to release a "fix" or for McAfee to revise their judgement.
  If you're worried about the threats, don't do things that would expose yourself to the vulnerability that they describe.
  Since I can't see what you're looking at, I can't give you any other advice.

• Adobe Acrobat Reader Crafted PDF Document Remote Code Execution

  Hi all,
  I was wondering if Adobe can clarify when "CVE-2012-4363 Adobe Acrobat Reader Crafted PDF Document Remote Code Execution" will be fixed?
  It's been a pretty long time since this issue was reported.
  With kind regards,
  Erik Verhoef
  The Netherlands

  i was also given the Knowledge Base number 405461 from adobe, and they said that this would definitely fix the problem...AND IT DIDN'T :-(
  see kb405461
  http://kb.adobe.com/selfservice/view...nalId=kb405461
  and just to let everyone know, i have already completely uninstalled adobe reader and reinstalled it several times thinking that fresh install would cure the problem, and it hasn't made a bit of difference. the version of reader doesn't matter either, as i've tried versions 7, 8 and 9... all with the same exact issue...which makes me think that it might be an issue with MS IE6.

• False positive for GNU Bash Remote Code Execution Vulnerabil​ity

  Dear Team, 
  in my customer, one of banking in brunei want to access several finance website such as www.iifm.net etc. Tipping point IPS blokec to access the website with report as a 16800: TCP: GNU Bash Remote Code Execution Vulnerability ( Low Severity). The site is normal and legal website. Our question is the several website is needed to access by our employee due to the dailiy working. Please advice 
  Best Regards
  Yudi

  Hello Yuibagan,
  This is the Consumer products forum.
  You need to be in the HP Enterprise Business Community for IT related issues for servers, etc.
  I think you will want to post this question in the Security section. Dont post the same question more than once as you did here.
  HP Networking
  You will also want to take a look at the Articles and updates explaining GNU Bash here:
  GNU Bash vulnerability "Shellshock" (CVE-2014-6271... - HP Enterprise Business Community
  HP Security Research: GNU Bash vulnerability "Shel... - HP Enterprise Business Community
  HP AppDefender and HP WebInspect updates: GNU Bash... - HP Enterprise Business Community
  HPSR Software Security Content 2014 Update 3 - HP Enterprise Business Community
  Good luck

• False positive for 16800: TCP: GNU Bash Remote Code Execution Vulnerability

  Dear Team, 
  in my customer, one of banking in brunei want to access several finance website such as www.iifm.net etc. Tipping point IPS blokec to access the website with report as a 16800: TCP: GNU Bash Remote Code Execution Vulnerability ( Low Severity). The site is normal and legal website. Our question is the several website is needed to access by our employee due to the dailiy working. Please advice 
  Best Regards
  Yudi

  @yuibagan 
  ‎Thank you for using HP Support Forum. I have brought your issue to the appropriate team within HP. They will likely request information from you in order to look up your case details or product serial number. Please look for a private message from an identified HP contact. Additionally, keep in mind not to publicly post ( serial numbers and case details).
  If you are unfamiliar with the Forum's private messaging please click here to learn more.
  Thank you,
  Omar
  I Work for HP

• Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3016711)

  Can some one help me to download below Security patches which i am not able to download from MS Web site?
  Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3016711)
  Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3016711)

  Microsoft Releases KB3024777 Update to Fix Botched KB3004394 Patch
  http://news.softpedia.com/news/Microsoft-Releases-KB3024777-Update-to-Fix-Botched-KB3004394-Patch-46...
  Windows 7 Pro SP1 (64-bit), avast! V7 Free, MBAM Pro, Windows Firewall, EMET, OpenDNS Family Shield, IE9 & Firefox (both using WOT & KeyScrambler), MVPS HOSTS file, SpywareBlaster, WinPatrol PLUS, SAS (on-demand scanner), Secunia PSI.
  [I am experimenting with Sandboxie, and believe computer-users who sandbox are acting prudently.]

• [security] php 5.2.0 update (remote code execution)

  Hi!
  I just throw together an updated PHP package for those of you who want to patch your web servers against the advisory released yesterday.
  The package is available here:
  http://adiza.nexticom.net/files/package … pkg.tar.gz
  The advisory is available here:
  http://www.frsirt.com/english/advisories/2006/4317
  Note that it is without IMAP and ODBC support since i did not have these packages installed.
  Greets.

  cactus wrote:mhakali. I applaud your attention to security.
  However, it is generally not well received to post the same thing in multiple categories..
  Yes. Please do not cross-post: http://bbs.archlinux.org/viewtopic.php?p=205922
  Use the above  thread for discussion.
  Locking.

• CSCus68798 - ISE is vulnerable to CVE-2015-0235 Linux Ghost remote code execution

  First time trying to follow a specific CVE in Real-Time...
  I see this CVE-2015-0235 GHOST hack is applicable to ISE and Prime Infrastructure... but I haven't seen any patch status update since yesterday.
  CSA says "Obtaining Fixed Software
  Cisco has released free software updates that address the vulnerability described in this advisory."
  Yet, when I check the (2) products' download pages, the newest software I see is from Jan 23 and Jan 6, respectively. The exploit was published on Jan 27. So, where are the patches?

  The team that found the exploit, Qualys Security Advisory, documented that "the most stable and long-term-support distributions were left exposed (and still are): Debian 7 (wheezy), Red Hat Enterprise Linux 6 & 7, CentOS 6 & 7, Ubuntu 12.04, for example."  See the link below for the full report:
  https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
  I'm assuming this is affecting all versions of UC appliances running these OS's (and possibly more that aren't used in the example?).  Anyone know how to determine what products are vulnerable to this?

• MS14-066: Vulnerability in SChannel could allow remote code execution: November 11, 2014

  I have a server 2008 R2, with NO Service Pack 1 installed.
  Will this https://support.microsoft.com/kb/2992611 patch still be applicable for me to install? It says not.
  But is the system vulnarable? And Do I have to install Service Pack 1 to NOT be vulnarable anymore?

  I have a server 2008 R2, with NO Service Pack 1 installed.
  Well, that's your VERY FIRST problem. You MUST have Service Pack 1 installed to receive ANY update published since early 2013.
  Will this https://support.microsoft.com/kb/2992611 patch still be applicable for me to install?
  No.
  But is the system vulnarable?
  Absolutely!!! Not to mention vulnerable to several dozen other security vulnerabilities patched in the past year and a half.
  Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
  SolarWinds Head Geek
  Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
  My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
  http://www.solarwinds.com/gotmicrosoft
  The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

• What is happening about: The GNU Bourne Again Shell (Bash) is a command line utility widely used in many Unix-based operating systems including Linux and OS X.  Researchers have discovered a critical flaw in Bash which could allow remote code executi

  Authoritative advice today:
  The GNU Bourne Again Shell (Bash) is a command line utility widely used in many Unix-based operating systems including Linux and OS X.
  Researchers have discovered a critical flaw in Bash which could allow remote code execution by an unauthenticated user
  APPLE response?

  Also see:
  http://www.macrumors.com/2014/09/26/apple-os-x-users-safe-bash-flaw-update-soon/
  If you are not running a web server
  If you have not enabled CUPS web interface
  If you do not allow anonymous users to ssh into your Mac.
  If all are no, they you are not at risk.
  This IS a very serious bug for web servers, but the typical consumer Mac user is not at risk.

• Trouble executing "some" auto generated php remote services...?

  Hi,
  I was using the flash builder 4 premium trial with the 4.0 sdk, recently I bought the CS5 web premium suite. It includes flash builder 4.0.1 standard with 4.1 sdk.
  1. create a new flex project (as in the welcome tutorial)
  2. create a sample PHP service using my db infos (let it install Zend_AMF for me)
  3. place a datagrid in the desing mode,
  4. drop the the "getAll()" method on it
  5. tweek some columns,
  6. it works, I see the service call and answer with service capture (an external AMF service monitor).
  the 2 problems that appear now (which were not existing in the 4.0 trial version I had)
  1) add a new item
  protected var newItem:dbItem;
  protected function addBtn_clickHandler(event:MouseEvent):void
  newItem = new dbItem();
  newItem.attribute = 'someValue';
  this.addDbItem(newItem:dbItem);
  protected function addDbItem(item:dbItem:void
  createDbItemResult.token = dbItemService.createDbItem(item);
  <s:Button label="new item" id="addBtn" click="addBtn_clickHandler(event)"/>
  When I click the button, absolutely NOTHING happens, no error, no service call, nothing at all.
  2) refresh the datagrid's dataprovider
  I followed the tutorial on how to bind an ArrayCollection to the dataGrid instead of binding it to "service.lastresult"
  populate the ArrayCollection with the service result handler with event.result as ArrayCollection... everything works like before. whe the datagrid is created, it calls the "dataGrid_creationCompleteHandler".
  protected function dataGrid_creationCompleteHandler(event:FlexEvent):void
  this.getAllDbItem();
  protected function refreshBtn_clickHandler(event:MouseEvent):void
  this.getAllDbItem();
  protected function getAllDbItemResult_resultHandler(event:ResultEvent):void
  DbItems = event.result as ArrayCollection;
  <s:Button label="refresh" id="refreshBtn" click="refreshBtn_clickHandler(event)"/>
  this works!, the refresh button also works, BUT... it only refreshes item which have not bee edited within the app... if I change some item value with a form, (still using skills from the tutorial) :
  - the data in the datagrid ARE UPDATED.
  - the service.update(item) method DOES NOT EXECUTE (like the create above)
  - if I update the DB manualy, ONLY the NON UPDATED rows refresh...
  Any idea?
  Thank you! I'm stuck here for hours and hours now :-(
  the full MXML code
  <?xml version="1.0" encoding="utf-8"?>
  <s:Application xmlns:fx="http://ns.adobe.com/mxml/2009"
     xmlns:s="library://ns.adobe.com/flex/spark"
     xmlns:mx="library://ns.adobe.com/flex/mx" minWidth="955" minHeight="600" xmlns:moniteurservice="services.moniteurservice.*" xmlns:valueObjects="valueObjects.*">
  <fx:Script>
  <![CDATA[
  import mx.collections.ArrayCollection;
  import mx.controls.Alert;
  import mx.events.FlexEvent;
  import mx.rpc.events.ResultEvent;
  [Bindable]
  protected var moniteurs:ArrayCollection = new ArrayCollection();
  protected function dataGrid_creationCompleteHandler(event:FlexEvent):void
  getAllMoniteurResult.token = moniteurService.getAllMoniteur();
  protected function button_clickHandler(event:MouseEvent):void
  moniteur.statut = statutTextInput.text;
  moniteur.nom = nomTextInput.text;
  moniteur.prenom = prenomTextInput.text;
  moniteur.tel = telTextInput.text;
  moniteur.mobile = mobileTextInput.text;
  moniteur.email = emailTextInput.text;
  moniteur.adresse = adresseTextInput.text;
  moniteur.npa = npaTextInput.text;
  moniteur.lieu = lieuTextInput.text;
  moniteur.pays = paysTextInput.text;
  this.updateMoniteur(moniteur);
  protected function updateMoniteur(item:Moniteur):void
  updateMoniteurResult.token = moniteurService.updateMoniteur(item);
  protected function button1_clickHandler(event:MouseEvent):void
  getAllMoniteurResult.token = moniteurService.getAllMoniteur();
  protected function getAllMoniteurResult_resultHandler(event:ResultEvent):void
  moniteurs = event.result as ArrayCollection;
  ]]>
  </fx:Script>
  <fx:Declarations>
  <s:CallResponder id="getAllMoniteurResult" result="getAllMoniteurResult_resultHandler(event)"/>
  <moniteurservice:MoniteurService id="moniteurService" fault="Alert.show(event.fault.faultString + '\n' + event.fault.faultDetail)" showBusyCursor="true"/>
  <valueObjects:Moniteur id="moniteur"/>
  <s:CallResponder id="updateMoniteurResult"/>
  <!-- Place non-visual elements (e.g., services, value objects) here -->
  </fx:Declarations>
  <fx:Binding source="dataGrid.selectedItem as Moniteur" destination="moniteur"/>
  <mx:DataGrid x="25" y="24" id="dataGrid" creationComplete="dataGrid_creationCompleteHandler(event)"
  dataProvider="{moniteurs}">
  <mx:columns>
  <mx:DataGridColumn headerText="id" dataField="id"/>
  <mx:DataGridColumn headerText="statut" dataField="statut"/>
  <mx:DataGridColumn headerText="nom" dataField="nom"/>
  <mx:DataGridColumn headerText="prenom" dataField="prenom"/>
  <mx:DataGridColumn headerText="tel" dataField="tel"/>
  <mx:DataGridColumn headerText="mobile" dataField="mobile"/>
  <mx:DataGridColumn headerText="email" dataField="email"/>
  <mx:DataGridColumn headerText="adresse" dataField="adresse"/>
  <mx:DataGridColumn headerText="npa" dataField="npa"/>
  <mx:DataGridColumn headerText="lieu" dataField="lieu"/>
  <mx:DataGridColumn headerText="pays" dataField="pays"/>
  </mx:columns>
  </mx:DataGrid>
  <mx:Form defaultButton="{button}" x="25" y="174">
  <mx:FormItem label="Statut">
  <s:TextInput id="statutTextInput" text="{moniteur.statut}"/>
  </mx:FormItem>
  <mx:FormItem label="Nom">
  <s:TextInput id="nomTextInput" text="{moniteur.nom}"/>
  </mx:FormItem>
  <mx:FormItem label="Prenom">
  <s:TextInput id="prenomTextInput" text="{moniteur.prenom}"/>
  </mx:FormItem>
  <mx:FormItem label="Tel">
  <s:TextInput id="telTextInput" text="{moniteur.tel}"/>
  </mx:FormItem>
  <mx:FormItem label="Mobile">
  <s:TextInput id="mobileTextInput" text="{moniteur.mobile}"/>
  </mx:FormItem>
  <mx:FormItem label="Email">
  <s:TextInput id="emailTextInput" text="{moniteur.email}"/>
  </mx:FormItem>
  <mx:FormItem label="Adresse">
  <s:TextInput id="adresseTextInput" text="{moniteur.adresse}"/>
  </mx:FormItem>
  <mx:FormItem label="Npa">
  <s:TextInput id="npaTextInput" text="{moniteur.npa}"/>
  </mx:FormItem>
  <mx:FormItem label="Lieu">
  <s:TextInput id="lieuTextInput" text="{moniteur.lieu}"/>
  </mx:FormItem>
  <mx:FormItem label="Pays">
  <s:TextInput id="paysTextInput" text="{moniteur.pays}"/>
  </mx:FormItem>
  <s:Button id="button" label="Submit" click="button_clickHandler(event)"/>
  </mx:Form>
  <s:Button x="322" y="200" label="Button" click="button1_clickHandler(event)"/>
  </s:Application>
  the full PHP service code:
  <?php
  *  README for sample service
  *  This generated sample service contains functions that illustrate typical service operations.
  *  Use these functions as a starting point for creating your own service implementation. Modify the
  *  function signatures, references to the database, and implementation according to your needs.
  *  Delete the functions that you do not use.
  *  Save your changes and return to Flash Builder. In Flash Builder Data/Services View, refresh
  *  the service. Then drag service operations onto user interface components in Design View. For
  *  example, drag the getAllItems() operation onto a DataGrid.
  *  This code is for prototyping only.
  *  Authenticate the user prior to allowing them to call these methods. You can find more
  *  information at http://www.adobe.com/go/flex_security
  class MoniteurService {
  var $username = "root";
  var $password = "mikedev";
  var $server = "localhost";
  var $port = "8889";
  var $databasename = "test_db";
  var $tablename = "moniteur";
  var $connection;
  * The constructor initializes the connection to database. Everytime a request is
  * received by Zend AMF, an instance of the service class is created and then the
  * requested method is invoked.
  public function __construct() {
     $this->connection = mysqli_connect(
     $this->server, 
     $this->username, 
     $this->password,
     $this->databasename,
     $this->port
  $this->throwExceptionOnError($this->connection);
  * Returns all the rows from the table.
  * Add authroization or any logical checks for secure access to your data
  * @return array
  public function getAllMoniteur() {
  $stmt = mysqli_prepare($this->connection, "SELECT * FROM $this->tablename");
  $this->throwExceptionOnError();
  mysqli_stmt_execute($stmt);
  $this->throwExceptionOnError();
  $rows = array();
  mysqli_stmt_bind_result($stmt, $row->id, $row->statut, $row->nom, $row->prenom, $row->tel, $row->mobile, $row->email, $row->adresse, $row->npa, $row->lieu, $row->pays);
      while (mysqli_stmt_fetch($stmt)) {
        $rows[] = $row;
        $row = new stdClass();
        mysqli_stmt_bind_result($stmt, $row->id, $row->statut, $row->nom, $row->prenom, $row->tel, $row->mobile, $row->email, $row->adresse, $row->npa, $row->lieu, $row->pays);
  mysqli_stmt_free_result($stmt);
      mysqli_close($this->connection);
      return $rows;
  * Returns the item corresponding to the value specified for the primary key.
  * Add authorization or any logical checks for secure access to your data
  * @return stdClass
  public function getMoniteurByID($itemID) {
  $stmt = mysqli_prepare($this->connection, "SELECT * FROM $this->tablename where id=?");
  $this->throwExceptionOnError();
  mysqli_stmt_bind_param($stmt, 'i', $itemID);
  $this->throwExceptionOnError();
  mysqli_stmt_execute($stmt);
  $this->throwExceptionOnError();
  mysqli_stmt_bind_result($stmt, $row->id, $row->statut, $row->nom, $row->prenom, $row->tel, $row->mobile, $row->email, $row->adresse, $row->npa, $row->lieu, $row->pays);
  if(mysqli_stmt_fetch($stmt)) {
        return $row;
  } else {
        return null;
  * Returns the item corresponding to the value specified for the primary key.
  * Add authorization or any logical checks for secure access to your data
  * @return stdClass
  public function createMoniteur($item) {
  $stmt = mysqli_prepare($this->connection, "INSERT INTO $this->tablename (id, statut, nom, prenom, tel, mobile, email, adresse, npa, lieu, pays) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
  $this->throwExceptionOnError();
  mysqli_stmt_bind_param($stmt, 'issssssssss', $item->id, $item->statut, $item->nom, $item->prenom, $item->tel, $item->mobile, $item->email, $item->adresse, $item->npa, $item->lieu, $item->pays);
  $this->throwExceptionOnError();
  mysqli_stmt_execute($stmt);
  $this->throwExceptionOnError();
  $autoid = $item->id;
  mysqli_stmt_free_result($stmt);
  mysqli_close($this->connection);
  return $autoid;
  * Updates the passed item in the table.
  * Add authorization or any logical checks for secure access to your data
  * @param stdClass $item
  * @return void
  public function updateMoniteur($item) {
  $stmt = mysqli_prepare($this->connection, "UPDATE $this->tablename SET statut=?, nom=?, prenom=?, tel=?, mobile=?, email=?, adresse=?, npa=?, lieu=?, pays=? WHERE id=?");
  $this->throwExceptionOnError();
  mysqli_stmt_bind_param($stmt, 'ssssssssssi', $item->statut, $item->nom, $item->prenom, $item->tel, $item->mobile, $item->email, $item->adresse, $item->npa, $item->lieu, $item->pays, $item->id);
  $this->throwExceptionOnError();
  mysqli_stmt_execute($stmt);
  $this->throwExceptionOnError();
  mysqli_stmt_free_result($stmt);
  mysqli_close($this->connection);
  * Deletes the item corresponding to the passed primary key value from
  * the table.
  * Add authorization or any logical checks for secure access to your data
  * @return void
  public function deleteMoniteur($itemID) {
  $stmt = mysqli_prepare($this->connection, "DELETE FROM $this->tablename WHERE id = ?");
  $this->throwExceptionOnError();
  mysqli_stmt_bind_param($stmt, 'i', $itemID);
  mysqli_stmt_execute($stmt);
  $this->throwExceptionOnError();
  mysqli_stmt_free_result($stmt);
  mysqli_close($this->connection);
  * Returns the number of rows in the table.
  * Add authorization or any logical checks for secure access to your data
  public function count() {
  $stmt = mysqli_prepare($this->connection, "SELECT COUNT(*) AS COUNT FROM $this->tablename");
  $this->throwExceptionOnError();
  mysqli_stmt_execute($stmt);
  $this->throwExceptionOnError();
  mysqli_stmt_bind_result($stmt, $rec_count);
  $this->throwExceptionOnError();
  mysqli_stmt_fetch($stmt);
  $this->throwExceptionOnError();
  mysqli_stmt_free_result($stmt);
  mysqli_close($this->connection);
  return $rec_count;
  * Returns $numItems rows starting from the $startIndex row from the
  * table.
  * Add authorization or any logical checks for secure access to your data
  * @return array
  public function getMoniteur_paged($startIndex, $numItems) {
  $stmt = mysqli_prepare($this->connection, "SELECT * FROM $this->tablename LIMIT ?, ?");
  $this->throwExceptionOnError();
  mysqli_stmt_bind_param($stmt, 'ii', $startIndex, $numItems);
  mysqli_stmt_execute($stmt);
  $this->throwExceptionOnError();
  $rows = array();
  mysqli_stmt_bind_result($stmt, $row->id, $row->statut, $row->nom, $row->prenom, $row->tel, $row->mobile, $row->email, $row->adresse, $row->npa, $row->lieu, $row->pays);
      while (mysqli_stmt_fetch($stmt)) {
        $rows[] = $row;
        $row = new stdClass();
        mysqli_stmt_bind_result($stmt, $row->id, $row->statut, $row->nom, $row->prenom, $row->tel, $row->mobile, $row->email, $row->adresse, $row->npa, $row->lieu, $row->pays);
  mysqli_stmt_free_result($stmt);
  mysqli_close($this->connection);
  return $rows;
  * Utility function to throw an exception if an error occurs
  * while running a mysql command.
  private function throwExceptionOnError($link = null) {
  if($link == null) {
  $link = $this->connection;
  if(mysqli_error($link)) {
  $msg = mysqli_errno($link) . ": " . mysqli_error($link);
  throw new Exception('MySQL Error - '. $msg);
  ?>

  >
  >  the service.update(item) method DOES NOT EXECUTE (like the create above)
  >
  I think you are not using the "commit" on the service. By default the Data services are "managed".
  Data management features allow you to synchronize adding, updating, and deleting of records in a database. Changes you make in the client application are not written to the server until a "commit" method is called. You can call a revert method to roll back changes made in the client application.
  So wherever you update or create add "commit" to the service after adding/updating. for eg.
  protected function addDbItem(item:dbItem:void
       createDbItemResult.token = dbItemService.createDbItem(item);
       dbItemService.commit();
  I think the following article might be of interest to you:
  http://help.adobe.com/en_US/Flex/4.0/FlexTutorials/WSbde04e3d3e6474c4292a0331216558354b-80 00.html#WSbde04e3d3e6474c4-10020e8112165e18e29-8000

• TV Remote Codes

  Of all of the TV manufacturers listed, TCL is not among them.  Does this mean I cannot program my remote?  There's no remote code for TCL...

  gallaghedj311 wrote:
  Of all of the TV manufacturers listed, TCL is not among them.  Does this mean I cannot program my remote?  There's no remote code for TCL...
  If your remote is a P265, try:  0321

• Code Execution in Cover Flow View and .mov Files

  There is a code inside QuickTime movies that gets executed in Cover Flow view in Leopard!!!!!!!!.
  I was helping a friend installing Leopard on his machine, and after restarting, I was showing him the new options in the Finder, when a found a bunch of videos (searched on his computer with Spotlight) and switched to 'Cover Flow View', and then Safari started opening web pages from the internet (Mostly adult sites).
  After doing some tests I've noticed that the pages load the moment the Finder 'refines' the view of the videos. You know when the Finder first generates a blocky image of the video (some times called proxy image) and then generates a higher or cleaner resolution of that same video.
  Not only that, if I resize the window or the preview pane, the code executed again and Safari opened the pages again!!!!
  The Finder also executed the code in icon view with the 'Show Icon Preview' option selected in 'View Options' (Command-J).
  Opening the videos in QuickTime Player did not trigger the code. But I've noticed that the videos start playing the moment they open. The Inspector (Command-I) didn't show anything unusual. But the Properties window (Command-J in QuickTime Pro) show a "Sprite Track" of Format 'Sprite' but again the different tabs (Annotations, Resources, Visual Settings or Other Settings) didn't show anything unusual.
  *CORRECTION: The code also gets executed at the middle of the video when played in QuickTime. So this problem is related to QuickTime.!!!!!!*
  The only solution to stop the code execution is to delete the 'Sprite Track'!!!!.
  I also opened the movies in TextEdit and found the following text almost at the end of all the weird symbols:
  (I'm sorry but the code disappears when I publish this post).
  That's one of the pages that Safari was opening.
  I don't know where my friend downloaded those videos, but the potential security risk is imminent.
  I had the same results even after updating to QuickTime 7.3
  I can upload the videos somewhere (at least the 'clean' ones) so you can make you own tests.
  Any thoughts or comments?????
  Is this a known issue in QuickTime?????
  P.S. Once again please excuse my English (my main language is Spanish).

  If I'm understanding correctly the "Sprite" is a part of how QuickTime works. In older versions you USED to be able to attach JavaScript to a sprite and do all kinds of useful and fun things. However, some websites used JavaScript to alter themselves, so a well crafted QuickTime movie could be used to deploy code that would alter websites. As a result, a LOT of this functionality was curtailed in later versions and many cool QuickTime functions no longer work.
  The few that DO still work are when they are basic hyperlinks that take you to another web page, (Like at the end of this movie, BUT you have to click the link to go
  http://www.makentosh.com/tipsfromtheiceberg/Blog/Entries/2006/3/7Somebody_ToldMe....html
  ) and others no longer work within the browser (they only work when using the QuickTime player). Give this a try. Use Safari to "Open File..." and open the .mov file. After it's open, see if it generates any other windows from there. If it doesn't, then I'd THINK it's operating as intended BUT it wouldn't hurt to send your feedback here for Apple to look into and/or fix it if necessary.
  http://www.apple.com/quicktime/feedback/
  Message was edited by: Kyn Drake

• Why won't SKY come up with remote codes for Seiki tv's especially when charging a fortune for SKY

  I wish someone could tell me why no remote codes are not available for Seiki tv's instead of coming up with excuses.

  Like all new kit, it takes time for the codes to be shared and then programmed into remotes.The Sky Remote has a database of known television codes.Each TV has a group of codes to control the different functions of the TV.Sky develops  sets of codes for each TV manufactured and then applies its own code to the control set.The Sky code is what you need to program the Sky remote so that it uses the control set for the selected TV. Each Sky remote is programmed with updated code databases when it is manufactured and to keep track of what remote does what, it is given a Rev number found inside the battery bay of the remote. In the case of Seiki, the code set was not incorporated by Sky until Rev 10.Anything earlier will not work unless by sheer chance it matches the code set of another TV.

• Remote command execution via ssh on ips sensor...

  I am attempting to execute a command remotely via ssh so that I can collect the information on another host.
  ex: ssh -t username@sensor show tech-support
  Instead of the output I expect, I receive an error message: Error: Received invalid command line argument.
  Is this type of remote command execution supported by the sensor?
  Kevin Riggins

  Not true, i already created scritp to automaticly backup the IPS