14 matches found
Linux Distros Unpatched Vulnerability : CVE-2010-4208
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows...
SUSE CVE-2010-3866
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4207, CVE-2010-4208, CVE-2010-4209. Reason: This candidate originally combined three issues that affected different versions. Notes: All CVE users should reference CVE-2010-4207, CVE-2010-4208, or CVE-2010-4209 instead of this candidate. All...
Cross site scripting
Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208...
CVE-2012-5882
Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208...
CVE-2012-5882
The CVE-2012-5882 entry covers an XSS vulnerability in the YUI Flash uploader infrastructure. Affected are YUI versions 2.5.0 through 2.9.0; the issue stems from the uploader.swf component, enabling remote attackers to inject arbitrary web script/HTML and execute in a victim’s browser, potentiall...
Fedora Update for moodle FEDORA-2010-16764
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for moodle FEDORA-2010-16764
Check for the Version of moodle OpenVAS Vulnerability Test Fedora Update for moodle FEDORA-2010-16764 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for moodle FEDORA-2010-16845
Check for the Version of moodle OpenVAS Vulnerability Test Fedora Update for moodle FEDORA-2010-16845 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Fedora Update for moodle FEDORA-2010-16782
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 13 : moodle-1.9.10-1.fc13 (2010-16782)
Fixes security vulnerability in YUI. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...
Fedora 12 : moodle-1.9.10-1.fc12 (2010-16845)
Fixes security vulnerability in YUI. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...
CVE-2010-4208
Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4207, CVE-2010-4208, CVE-2010-4209. Reason: This candidate originally combined three issues that affected different versions. Notes: All CVE users should reference CVE-2010-4207, CVE-2010-4208, or CVE-2010-4209 instead of thi...
CVE-2010-4208
CVE-2010-4208 is an XSS vulnerability in the Flash component infrastructure of YUI, specifically in the uploader.swf used by YUI 2.5.0 through 2.8.1 (and related references indicate continued concern up to 2.9.0). The root cause is improper validation in the Flash uploader assets, allowing remote...