Fedora Core 9 FEDORA-2009-4997 (drupal)
The remote host is missing an update to drupal announced via advisory...
0.3 AI Score
0.002 EPSS
Fedora Core 10 FEDORA-2009-5002 (drupal)
The remote host is missing an update to drupal announced via advisory...
0.1 AI Score
Fedora Core 10 FEDORA-2009-5002 (drupal)
The remote host is missing an update to drupal announced via advisory...
7.4 AI Score
Fedora Core 9 FEDORA-2009-4997 (drupal)
The remote host is missing an update to drupal announced via advisory...
6.4 AI Score
0.002 EPSS
FreeBSD : drupal -- XSS (a6605f4b-4067-11de-b444-001372fd0af2)
The Drupal Security Team reports : When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte...
AI Score
Fedora 10 : drupal-6.12-1.fc10 (2009-5002)
Fixes SA-CORE-2009-006 ( http://drupal.org/node/461886 ). Remember to log in to your site as the admin user before upgrading this package. After upgrading the package, browse to http://host/drupal/update.php to run the upgrade script. When outputting user-supplied data Drupal strips potentially...
-0.1 AI Score
Fedora 9 : drupal-6.12-1.fc9 (2009-4997)
Fixes SA-CORE-2009-006 ( http://drupal.org/node/461886 ). Remember to log in to your site as the admin user before upgrading this package. After upgrading the package, browse to http://host/drupal/update.php to run the upgrade script. When outputting user-supplied data Drupal strips potentially...
-0.1 AI Score
About the security content of Security Update 2009-002 / Mac OS X v10.5.7
About the security content of Security Update 2009-002 / Mac OS X v10.5.7 * Last Modified: May 12, 2009 * Article: HT3549 Summary This document describes the security content of Security Update 2009-002 / Mac OS X v10.5.7, which can be downloaded and installed via Software Update preferences, or...
0.5 AI Score
0.944 EPSS
SA-CORE-2009-006 - Drupal core - Cross site scripting
When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte sequences that are valid in the UTF-8....
6.2 AI Score
drupal -- cross-site scripting
The Drupal Security Team reports: When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user...
1.2 AI Score
3.8 AI Score
Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA...
7.1 AI Score
0.019 EPSS
Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA...
6.8 AI Score
0.019 EPSS
[SECURITY] Fedora 9 Update: chmsee-1.0.1-12.fc9
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....
AI Score
0.932 EPSS
[SECURITY] Fedora 9 Update: chmsee-1.0.1-11.fc9
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....
AI Score
0.264 EPSS
Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack...
6.3 AI Score
0.002 EPSS
Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack...
6.9 AI Score
0.002 EPSS
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE...
6.8 AI Score
0.003 EPSS
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5...
6.7 AI Score
0.003 EPSS
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE...
6.2 AI Score
0.003 EPSS
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5...
6.1 AI Score
0.003 EPSS
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography...
6.6 AI Score
0.014 EPSS
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography...
6.5 AI Score
0.014 EPSS
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography...
5.1 AI Score
0.014 EPSS
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography...
7.2 AI Score
0.014 EPSS
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography...
6.5 AI Score
0.014 EPSS
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file. Bugs http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920 https://bugzilla.redhat.com/show_bug.cgi?id=492136 Notes Author| Note...
4.5 AI Score
0.014 EPSS
Software [In]security: Nine Things Everybody Does: Software Security Activities from the BSIMM
This article originally appeared on InformIT.com as part of Gary McGraw’s Software [In]Security series. Using the Software Security Framework (SSF) introduced in October, we interviewed nine executives running top software security programs in order to gather real data from real programs. Our goal.....
0.1 AI Score
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party...
7.4 AI Score
0.939 EPSS
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party...
7.9 AI Score
0.939 EPSS
[SECURITY] Fedora 9 Update: chmsee-1.0.1-10.fc9
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....
AI Score
0.96 EPSS
[SECURITY] Fedora 9 Update: chmsee-1.0.1-10.fc9
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....
AI Score
0.96 EPSS
[SECURITY] Fedora 9 Update: chmsee-1.0.1-9.fc9
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....
AI Score
0.941 EPSS
Microsoft Security Bulletin MS09-003 - Critical Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239) Published: February 10, 2009 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Microsoft...
0.3 AI Score
0.813 EPSS
[SECURITY] Fedora 9 Update: chmsee-1.0.1-8.fc9
A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized....
AI Score
0.483 EPSS
PR08-22: Persistent XSS on Novell GroupWise WebAccess
PR08-22: Persistent XSS on Novell GroupWise WebAccess Vulnerability found: 2nd October 2008 Vendor contacted: 3rd October 2008 Advisory publicly released: 30th January 2009 Severity: High Credits: Jan Fry of ProCheckUp Ltd (www.procheckup.com). ProCheckUp thanks Novell for working with us in such.....
-0.9 AI Score
0.002 EPSS
PR08-23: XSS on Novell GroupWise WebAccess
PR08-23: XSS on Novell GroupWise WebAccess Vulnerability found: 2nd October 2008 Vendor contacted: 3rd October 2008 Advisory publicly released: 30th January 2009 Severity: Medium Credits: Richard Brain of ProCheckUp Ltd (www.procheckup.com). ProCheckUp thanks Novell for working with us in such a...
-0.5 AI Score
0.002 EPSS
RedHat Security Advisory RHSA-2009:0057
The remote host is missing updates announced in advisory RHSA-2009:0057. SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering (with no JavaScript required) for...
-0.1 AI Score
0.005 EPSS
RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:0057)
An updated squirrelmail package that fixes a security issue is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. SquirrelMail is an easy-to-configure, standards-based, webmail package written....
-0.4 AI Score
0.006 EPSS
RedHat Security Advisory RHSA-2009:0057
The remote host is missing updates announced in advisory RHSA-2009:0057. SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering (with no JavaScript required) for...
7.5 AI Score
0.005 EPSS
CentOS 3 / 4 / 5 : squirrelmail (CESA-2009:0057)
An updated squirrelmail package that fixes a security issue is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. SquirrelMail is an easy-to-configure, standards-based, webmail package written....
7.4 AI Score
0.006 EPSS
CentOS Errata and Security Advisory CESA-2009:0057 SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering (with no JavaScript required) for maximum...
6.3 AI Score
0.006 EPSS
(RHSA-2009:0057) Important: squirrelmail security update
SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering (with no JavaScript required) for maximum browser-compatibility, strong MIME support, address books, and folder.....
0.2 AI Score
0.006 EPSS