94 matches found
CVE-2009-2955
Google Chrome 1.0.154.48 and earlier allows remote attackers to cause a denial of service CPU consumption and application hang via JavaScript code with a long string value for the hash property aka location.hash, a related issue to CVE-2008-5715...
CVE-2009-2955
CVE-2009-2955: Affected: Google Chrome (1.0.154.48 and earlier). Issue: remote exploitation via JavaScript containing an excessively long value in location.hash (hash property), causing denial of service through CPU consumption and possible application hang. Context: related to CVE-2008-5715; mul...
openSUSE Security Update : finch (finch-188)
specially crafted MSN SLP messages could cause an integer overflow in pidgin. Attackers could potentially exploit that to execute arbitrary code CVE-2008-2927. - overly long file names in MSN file transfers could crash pidgin CVE-2008-2955. - SSL certifcates were not verfied. Therefore piding...
RedHat Update for pidgin RHSA-2008:1023-01
Check for the Version of pidgin OpenVAS Vulnerability Test RedHat Update for pidgin RHSA-2008:1023-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
CentOS Update for finch CESA-2008:1023 centos4 i386
Check for the Version of finch OpenVAS Vulnerability Test CentOS Update for finch CESA-2008:1023 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
CentOS Update for finch CESA-2008:1023 centos4 x86_64
Check for the Version of finch OpenVAS Vulnerability Test CentOS Update for finch CESA-2008:1023 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
CVE-2008-2955
creationtimestamp| type| source ---|---|--- 2009-01-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/32749...
CVE-2008-2955
Pidgin 2.4.1 allows remote attackers to cause a denial of service crash via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msnslplinkprocessmsg function...
CVE-2008-2955
Pidgin 2.4.1 vulnerability CVE-2008-2955 allows remote denial of service by sending a MSN message with a long filename containing certain characters, triggering a crash in msn_slplink_process_msg. Connected advisories corroborate a crash condition in Pidgin’s MSN protocol handler and note related...
Symantec Products ActiveX Control NavComUI.dll Code Execution (CVE-2007-2955)
Symantec products include various software applications that deal with security and information management. A remote attacker could exploit this issue by convincing a user to visit a specially crafted HTML document or open a malicious web page. Successful exploitation could result in remote code...
CVE-2007-2955
CVE-2007-2955 affects Symantec Norton product NavComUI.dll’s ActiveX controls AxSysListView32 and AxSysListView32OAA. The vulnerability arises from input validation errors when handling the properties “AnomalyList” and “Anomaly,” enabling a remote attacker to execute arbitrary code via specially ...
CVE-2006-2955
KAPhotoservice 7.5 and earlier contains multiple cross-site scripting (XSS) vulnerabilities. The issue allows remote attackers to inject arbitrary web script or HTML via the following parameters: (1) New Category (newcategory) or (2) apage to edtalbum.asp, and (3) cat or (4) albumid to album.asp....
CVE-2005-3562
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-2955. Reason: This candidate is a reservation duplicate of CVE-2005-2955. Notes: All CVE users should reference CVE-2005-2955 instead of this candidate. All references and descriptions in this candidate have been removed to...
CVE-2005-2955
ATutor 1.5.1 (and possibly earlier) is affected by CVE-2005-2955 due to an incomplete blacklist in config.inc.php that fails to block dangerous file extensions during upload, allowing authenticated administrators/educators to execute arbitrary code by uploading files with extensions like .inc or ...