Lucene search
K

105 matches found

OpenVAS
OpenVAS
added 2009/10/10 12:0 a.m.28 views

SLES9: Security update for clamav

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: clamav For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5016282 within the SuSE...

6.4CVSS0.3AI score0.03758EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.11 views

Gentoo Security Advisory GLSA 200603-15 (crypt-cbc)

The remote host is missing updates announced in advisory GLSA 200603-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.6CVSS6.7AI score0.01397EPSS
Exploits0References3
CVE
CVE
added 2008/02/22 9:0 p.m.48 views

CVE-2008-0898

The vulnerability (CVE-2008-0898) affects BEA WebLogic Server 9.0–10.0 JMS distributed queues. In certain configurations, the JMS distributed queue feature mishandles a situation where a client cannot Send a message to a distributed-queue member, allowing remote authenticated users to bypass acce...

5.8CVSS6.3AI score0.01141EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.29 views

Debian Security Advisory DSA 1263-1 (clamav)

The remote host is missing an update to clamav announced via advisory DSA 1263-1. Several remote vulnerabilities have been discovered in in the Clam anti-virus toolkit, which may lead to denial of service. The Common Vulnerabilities and Exposures project identifies the following problems:...

6.4CVSS7.9AI score0.03758EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/12/13 12:0 a.m.32 views

SuSE 10 Security Update : clamav (ZYPP Patch Number 2631)

This update to ClamAV version 0.90 fixes various bugs : - A filedescriptor leak in the handling of CAB files can lead to a denial of service attack against the clamd scanner daemon caused by remote attackers. CVE-2007-0897 - A directory traversal in handling of MIME E-Mail headers could be used b...

7.5CVSS8AI score0.03758EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.35 views

openSUSE 10 Security Update : clamav (clamav-2632)

This update to ClamAV version 0.90 fixes various bugs : CVE-2007-0897: A filedescriptor leak in the handling of CAB files can lead to a denial of service attack against the clamd scanner daemon caused by remote attackers. CVE-2007-0898: A directory traversal in handling of MIME E-Mail headers cou...

7.5CVSS8AI score0.03758EPSS
Exploits0References2
NVD
NVD
added 2007/02/16 7:28 p.m.19 views

CVE-2007-0898

Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. dot dot in the id MIME header parameter in a multi-part message...

6.4CVSS7.4AI score0.03758EPSS
Exploits0References20
CVE
CVE
added 2007/02/16 7:0 p.m.67 views

CVE-2007-0898

CVE-2007-0898: A directory traversal in clamd of ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. in the id MIME header parameter of a multipart message. The vulnerability affects ClamAV’s clamd component; successful exploitation could enable file overwrite with th...

6.4CVSS7.4AI score0.03758EPSS
Exploits0References20Affected Software1
securityvulns
securityvulns
added 2007/02/15 12:0 a.m.69 views

iDefense Security Advisory 02.15.07: Multiple Vendor ClamAV MIME Parsing Directory Traversal Vulnerability

Multiple Vendor ClamAV MIME Parsing Directory Traversal Vulnerability iDefense Security Advisory 02.15.07 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 15, 2007 I. BACKGROUND Clam AntiVirus is a multi-platform GPL anti-virus toolkit. ClamAV is often integrated into mail gateways, and...

6.4CVSS0.2AI score0.03758EPSS
Exploits0
Debian
Debian
added 2006/03/13 11:13 a.m.34 views

[SECURITY] [DSA 996-1] New Crypt::CBC packages fix cryptographic weakness

-------------------------------------------------------------------------- Debian Security Advisory DSA 996-1 [email protected] http://www.debian.org/security/ Martin Schulze March 13th, 2006 http://www.debian.org/security/faq -...

2.6CVSS0.1AI score0.01397EPSS
Exploits0
NVD
NVD
added 2006/02/25 11:2 a.m.13 views

CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

2.6CVSS6.3AI score0.01397EPSS
Exploits0References14
OSV
OSV
added 2006/02/25 11:2 a.m.7 views

CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

6.4AI score
Exploits0References14
CVE
CVE
added 2006/02/25 11:0 a.m.69 views

CVE-2006-0898

CVE-2006-0898 affects the Perl module Crypt::CBC (versions up to 2.16) when running in RandomIV mode, where an 8-byte IV is used. This leads to weaker encryption for ciphers with block sizes larger than 8 bytes (e.g., Rijndael). Multiple connected advisories note a fixed/enhancement path via upda...

2.6CVSS9AI score0.01397EPSS
Exploits0References14Affected Software1
Cvelist
Cvelist
added 2006/02/25 11:0 a.m.21 views

CVE-2006-0898

Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...

9AI score0.01397EPSS
Exploits0References14
CVE
CVE
added 2005/03/29 5:0 a.m.49 views

CVE-2005-0898

CVE-2005-0898 describes a cross-site scripting (XSS) vulnerability in the PHP file downloadform.php of the E-Store Kit-2 PayPal Edition. The flaw allows remote attackers to inject arbitrary web script or HTML by supplying a crafted txn_id parameter, potentially impacting users who view the affect...

4.3CVSS6AI score0.01037EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2003/11/17 5:0 a.m.19 views

CVE-2003-0898

IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on 1 db2job and 2 db2job2...

4.6CVSS6.4AI score0.00566EPSS
Exploits0References2
CVE
CVE
added 2003/10/28 5:0 a.m.48 views

CVE-2003-0898

Affected software: IBM DB2 7.2 prior to FixPak 10a, and older versions including 7.1. Vulnerability: local users can overwrite arbitrary files and escalate privileges via a symlink attack on the db2job and db2job2 utilities. Root cause: insufficient access control around symbolic links leading to...

4.6CVSS6.8AI score0.00566EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2003/04/02 5:0 a.m.40 views

CVE-2002-0898

The CVE-2002-0898 entry affects Opera 6.0.1 and 6.0.2. The flaw arises in the handling of an HTML input element of type=file, where a newline in the value can enable a remote attacker to upload arbitrary files from the client system without user prompting. This represents a client-side security r...

5CVSS7.1AI score0.05957EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2002/02/02 5:0 a.m.50 views

CVE-2001-0898

Opera 6.0 and earlier are affected by a remote information disclosure vulnerability where JavaScript using setTimeout can access data across domains (1) after opening a new window to a different domain, and (2) via about:cache, exposing cookies and cross-domain links. Root cause: cross-origin dat...

5CVSS6.8AI score0.03092EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.21 views

CVE-2001-0898

Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to 1 access data after a new window to the domain has been opened or 2 access data via about:cache...

6.4AI score0.03092EPSS
Exploits0References4
Rows per page
Query Builder