163 matches found
Mozilla Products 'NoWaiverWrapper' Privilege Escalation Vulnerability (Windows)
The host is installed with Mozilla firefox/thunderbird and is prone to privilege escalation vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtswrapperprivescvulnwin.nasl 7019 2017-08-29 11:51:27Z teissa $ Mozilla Products 'NoWaiverWrapper' Privilege Escalation Vulnerability Windows...
CVE-2011-3655
CVE-2011-3655 affects Mozilla Firefox 4.x–7.0 and Thunderbird 5.0–7.0, where access control is bypassed due to lack of checking for NoWaiverWrapper, enabling privilege escalation from a crafted web site. The Solaris/OSSVA/Nessus entries corroborate this issue as part of a broader Firefox/Thunderb...
Adobe Shockwave Player Lnam Chunk Processing Buffer Overflow (APSB10-25; CVE-2010-3655)
A code execution vulnerability has been identified in Adobe Shockwave Player. The vulnerability is due to an error in Adobe Shockwave Player while parsing stringArray structures inside Lman chunks in crafted Director files. A remote attacker can exploit this issue by enticing a user to open a...
CVE-2010-3655
CVE-2010-3655 affects Adobe Shockwave Player prior to 11.5.9.615, due to a stack-based buffer overflow in the DIRAPI.DLL when parsing Lnam chunk data, enabling arbitrary code execution. Affected software is Adobe Shockwave Player (plug-in), with vulnerable component in dirapi.dll. The issue is tr...
Shockwave Player < 11.5.9.615
The remote Windows host contains a version of Adobe's Shockwave Player that is earlier than 11.5.9.615. Such versions are potentially affected by the following issues : - A memory corruption issue exists that could lead to code execution. Note that there are reports this issue is being exploited ...
SLES9: Security update for IBM Java2 JRE and SDK
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: IBMJava2-JRE IBMJava2-SDK For more information, please visit the referenced security advisories. More details may also be found by searching for keyword...
SLES9: Security update for ruby
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: ruby For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5053737 within the SuSE...
SLES9: Security update for ruby
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: ruby For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5053737 within the SuSE...
SLES9: Security update for IBM Java2 JRE and SDK
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: IBMJava2-JRE IBMJava2-SDK For more information, please visit the referenced security advisories. More details may also be found by searching for keyword...
CVE-2009-3655
Rhino Software Serv-U versions 7.0.0.1 through 8.2.0.3 are documented to allow remote denial-of-service (server crash) through the FTP command sequence involving SITE SET TRANSFERPROGRESS ON. This is described in multiple sources (e.g., NVD and OpenVAS plugins) as a DoS vulnerability affecting Se...
openSUSE 10 Security Update : ruby (ruby-6339)
This ruby update improves return value checks for openssl function OCSPbasicverify CVE-2009-0642 which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased CVE-2008-3905 to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...
SuSE 11 Security Update : ruby (SAT Patch Number 1073)
This ruby update improves return value checks for openssl function OCSPbasicverify CVE-2009-0642 which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased CVE-2008-3905 to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...
RHEL 4 / 5 : java-1.5.0-ibm (RHSA-2007:0829)
Updated java-1.5.0-ibm packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.5.0 Java release includes the IBM Java 2...
openSUSE Security Update : ruby (ruby-1070)
This ruby update improves return value checks for openssl function OCSPbasicverify CVE-2009-0642 which allowed an attacker to use revoked certificates. The entropy of DNS identifiers was increased CVE-2008-3905 to avaid spoofing attacks. The code for parsing XML data was vulnerable to a denial of...
RedHat Update for ruby RHSA-2008:0897-01
Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0897-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
RedHat Update for ruby RHSA-2008:0897-01
Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0897-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
CentOS Update for irb CESA-2008:0896 centos3 i386
Check for the Version of irb OpenVAS Vulnerability Test CentOS Update for irb CESA-2008:0896 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS Update for irb CESA-2008:0897 centos4 x86_64
Check for the Version of irb OpenVAS Vulnerability Test CentOS Update for irb CESA-2008:0897 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
CentOS Update for ruby CESA-2008:0895-02 centos2 i386
Check for the Version of ruby OpenVAS Vulnerability Test CentOS Update for ruby CESA-2008:0895-02 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
CentOS Update for irb CESA-2008:0896 centos3 x86_64
Check for the Version of irb OpenVAS Vulnerability Test CentOS Update for irb CESA-2008:0896 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...