SUSE CVE-2010-3866

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4207, CVE-2010-4208, CVE-2010-4209. Reason: This candidate originally combined three issues that affected different versions. Notes: All CVE users should reference CVE-2010-4207, CVE-2010-4208, or CVE-2010-4209 instead of this candidate. All...

Cross-site scripting in yui 2.4.0

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to charts.swf, a similar issue to CVE-2010-4207...

Cross site scripting

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to charts.swf, a similar issue to CVE-2010-4207...

CVE-2012-5881

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to charts.swf, a similar issue to CVE-2010-4207...

CVE-2012-5881

CVE-2012-5881 concerns a cross-site scripting (XSS) vulnerability in the YUI library’s Flash component infrastructure (charts.swf) affecting YUI versions 2.4.0–2.9.0. An attacker could inject arbitrary script/HTML via vectors related to charts.swf, allowing execution of code in a victim’s browser...

Fedora Update for moodle FEDORA-2010-16764

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for moodle FEDORA-2010-16764

Check for the Version of moodle OpenVAS Vulnerability Test Fedora Update for moodle FEDORA-2010-16764 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Fedora Update for moodle FEDORA-2010-16845

Check for the Version of moodle OpenVAS Vulnerability Test Fedora Update for moodle FEDORA-2010-16845 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Fedora Update for moodle FEDORA-2010-16782

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 12 : moodle-1.9.10-1.fc12 (2010-16845)

Fixes security vulnerability in YUI. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

Fedora 13 : moodle-1.9.10-1.fc13 (2010-16782)

Fixes security vulnerability in YUI. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

CVE-2010-4207

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/assets/charts.swf...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4207, CVE-2010-4208, CVE-2010-4209. Reason: This candidate originally combined three issues that affected different versions. Notes: All CVE users should reference CVE-2010-4207, CVE-2010-4208, or CVE-2010-4209 instead of thi...

CVE-2010-4207

The CVE-2010-4207 entry concerns a Cross-site Scripting (XSS) flaw in the YUI Flash-based Chart infrastructure. Affected are YUI library versions 2.4.0 through 2.8.1 (and related charts.swf usage in Bugzilla, Moodle, etc.). Root cause stated in sources is improper validation in the Flash componen...