77 matches found
Bypass Policy
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Foxit Reader < 9.3 Multiple Vulnerabilities
The version of Foxit Reader installed on the remote Windows host is prior to 9.3. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid118093; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate",...
CVE-2018-3992
CVE-2018-3992 is a use-after-free vulnerability in Foxit PDF Reader’s JavaScript engine (version 9.2.0.9297). A specially crafted PDF can reuse a freed memory object, leading to arbitrary code execution. Exploitation requires user action to open the malicious file; if the browser plugin extension...
Foxit Reader and PhantomPDF Multiple Use After Free Vulnerabilities (CVE-2018-3940; CVE-2018-3941; CVE-2018-3942; CVE-2018-3943; CVE-2018-3944; CVE-2018-3945; CVE-2018-3946)
A remote code execution vulnerability exists in Foxit Reader and PhantomPDF. The vulnerability is due to a use-after-free error while handling a specially crafted PDF file. Successful exploitation could lead to arbitrary code execution. Additional CVEs: CVE-2018-3957, CVE-2018-3958, CVE-2018-3959...
CVE-2017-3992
CVE-2017-3992 entry is rejected/not used; does not represent an active vulnerability entry.
CVE-2017-3992
...
CVE-2009-3992
CVE-2009-3992 is rejected/not used and does not represent an active vulnerability entry.
CVE-2009-3992
...
CVE-2016-3992
cronic before 3 allows local users to write to arbitrary files via a symlink attack on a 1 cronic.out.$$, 2 cronic.err.$$, or 3 cronic.trace.$$ file in /tmp...
CVE-2016-3992
cronic before 3 allows local users to write to arbitrary files via a symlink attack on a 1 cronic.out.$$, 2 cronic.err.$$, or 3 cronic.trace.$$ file in /tmp...
CVE-2016-3992
CVE-2016-3992 affects cronic prior to version 3, enabling local users to write arbitrary files via a symlink attack against cronic.out.$$, cronic.err.$$, or cronic.trace.$$ in /tmp. Root cause: symlink manipulation in temporary files. Practical impact: local privilege or data tampering risk with ...
CVE-2016-3992
cronic before 3 allows local users to write to arbitrary files via a symlink attack on a 1 cronic.out.$$, 2 cronic.err.$$, or 3 cronic.trace.$$ file in /tmp...
openSUSE Security Update : cronic (openSUSE-2016-832)
cronic was updated to fix one security issue. This security issue was fixed : - CVE-2016-3992: Predictable temporary files bsc974845. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
CVE-2014-3992
CVE-2014-3992 corresponds to multiple SQL injection vulnerabilities in Dolibarr ERP/CRM 3.5.3, exploitable by remote authenticated users via the entity parameter in user/fiche.php or the sortorder parameter in user/group/index.php. The issue allows arbitrary SQL execution within the application's...
CVE-2014-3992
creationtimestamp| type| source ---|---|--- 2014-07-08 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34007...
CVE-2013-3992
CVE-2013-3992 is an CSRF vulnerability in IBM InfoSphere BigInsights 2.0–2.1. The IBM advisory lists affected platforms as BigInsights v1.1–2.1 (Linux shown) and provides remediation via the 2.1 Fix Pack (2.1.0.1). Other fixes include contacting support for older versions (1.1–2.0). The vulnerabi...
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2012:1345-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MozillaFirefox: update to Firefox 16.0.1 (important)
The Mozilla suite received following security updates bnc783533: Mozilla Firefox was updated to 16.0.1. Mozilla Seamonkey was updated to 2.13.1. Mozilla Thunderbird was updated to 16.0.1. Mozilla XULRunner was updated to 16.0.1. MFSA 2012-88/CVE-2012-4191 bmo798045 Miscellaneous memory safety...
Mozilla Thunderbird Multiple Vulnerabilities-01 (Windows)
The host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvuln01oct12win.nasl 6086 2017-05-09 09:03:30Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities-01 Windows Authors: Arun Kallavi Copyright: Copyrigh...
Mozilla Firefox ESR Multiple Vulnerabilities-01 (Windows)
The host is installed with Mozilla firefox ESR and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxesrmultvuln01oct12win.nasl 6115 2017-05-12 09:03:25Z teissa $ Mozilla Firefox ESR Multiple Vulnerabilities-01 Windows Authors: Arun Kallavi Copyright: Copyright...