Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities

This host is running Andy's PHP Knowledgebase and is prone to multiple cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbaphpkbmultxssvuln.nasl 5840 2017-04-03 12:02:24Z cfi $ Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities Authors: Sooraj KS Copyright...

Trixbox Information Disclosure Vulnerability

The host is running Trixbox and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbtrixboxinfodiscvuln.nasl 7015 2017-08-28 11:51:24Z teissa $ Trixbox Information Disclosure Vulnerability Authors: Sooraj KS Copyright: Copyright c 2011 Greenbone Networks GmbH,...

MozillaThunderbird: Update to Thunderbird 3.1.11 (important)

Mozilla Thunderbird was updated to the 3.1.11 release. It has new features, fixes lots of bugs, and also fixes the following security issues: MFSA 2011-19/CVE-2011-2374 CVE-2011-2376 CVE-2011-2364 CVE-2011-2365 Miscellaneous memory safety hazards MFSA 2011-20/CVE-2011-2373 bmo617247 Use-after-fre...

CVE-2011-2377

Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a multipart/x-mixed-replace image...

Memory corruption

Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a multipart/x-mixed-replace image...

CVE-2011-2377

Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a multipart/x-mixed-replace image...

USN-1157-3: Firefox regression

USN-1157-1 fixed vulnerabilities in Firefox. Unfortunately, this update produced the side effect of pulling in Firefox on some systems that did not have it installed during a dist-upgrade due to changes in the Ubuntu language packs. This update fixes the problem. We apologize for the inconvenienc...

Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)

Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)

Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

Memory corruption due to multipart/x-mixed-replace images — Mozilla

Security researcher Jordi Chancel reported a crash on multipart/x-mixed-replace images due to memory corruption...

kernel: ebtables stack infoleak

The doreplace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability ...

Joomla Component com_aist SQL Injection Vulnerability

This host is running Joomla! and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlacomaistsqlinjvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Joomla Component 'comaist' SQL Injection Vulnerability Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks GmbH...

kernel: ebtables stack infoleak

The doreplace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability ...

EasyPHP Web Server 5.3.5.0 DLL Hijacking Exploit (php5nsapi.dll)

Exploit for windows platform in category local exploits 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

WordPress Plugin Enable Media Replace - Multiple Vulnerabilities

WordPress Plugin Enable Media Replace - Multiple Vulnerabilities PRODUCT NAME: Enable Media Replace WordPress Plugin PRODUCT URL 1: http://wordpress.org/extend/plugins/enable-media-replace/ PRODUCT URL 2: http://mansjonasson.se/wordpress-plugins/enable-media-replace/ PRODUCT AUTHOR: Mans Jonasson...

WordPress Enable Media Replace SQL Injection / Shell Upload

PRODUCT NAME: Enable Media Replace WordPress Plugin PRODUCT URL 1: http://wordpress.org/extend/plugins/enable-media-replace/ PRODUCT URL 2: http://mansjonasson.se/wordpress-plugins/enable-media-replace/ PRODUCT AUTHOR: Mans Jonasson for .SE Stiftelsen for Internetinfrastruktur -- http://www.iis.s...

WordPress Enable Media Replace Plugin - Multiple Vulnerabilities

In general, impact of this plugin is information retrieval and manipulation, arbitrary code execution. More details: there exist multiple vulnerabilities in Enable Media Replace plugin for WordPress: 1. Users can perform SQL injection attacks against the plugin. 2. Users can upload arbitrary file...

WordPress Plugin Enable Media Replace - Multiple Vulnerabilities

PRODUCT NAME: Enable Media Replace WordPress Plugin PRODUCT URL 1: http://wordpress.org/extend/plugins/enable-media-replace/ PRODUCT URL 2: http://mansjonasson.se/wordpress-plugins/enable-media-replace/ PRODUCT AUTHOR: Mans Jonasson for .SE Stiftelsen for Internetinfrastruktur -- http://www.iis.s...

Maxthon Browser 3.0.20.1000 Denial Of Service

Exploit Title: Maxthon Browser v3.0.20.1000 .ref .replace DOS Date: January 30 2011 Author: Carlos Mario Penagos Hollmann Software Link: http://dl.maxthon.com/mx3/mx3.0.20.3000.exe Version: v3.0.20.1000 Tested on: Windows xp sp3 ,windows 7 ,linux running on VMware Fusion 3.1 and VirtualBox 3.2.8...

kernel: prevent heap corruption in snd_ctl_new()

Multiple integer overflows in the sndctlnew function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a crafted 1 SNDRVCTLIOCTLELEMADD or 2...