102 matches found
Fedora Update for squirrelmail FEDORA-2011-9309
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 14 : squirrelmail-1.4.22-2.fc14 (2011-9309)
fixes : - CVE-2011-2023 : Messages containing style tags with malicious script attributes were being displayed without being sanitized - CVE-2010-4555 : An attacker could use one of several small bugs in SquirrelMail to inject malicious script into various pages or alter the contents of user...
Fedora 15 : squirrelmail-1.4.22-2.fc15 (2011-9311)
fixes : - CVE-2011-2023 : Messages containing style tags with malicious script attributes were being displayed without being sanitized - CVE-2010-4555 : An attacker could use one of several small bugs in SquirrelMail to inject malicious script into various pages or alter the contents of user...
CVE-2010-4555
SquirrelMail (PHP webmail) versions up to 1.4.21 and earlier are affected by multiple XSS vulnerabilities (CVE-2010-4555, among others) via vectors including dropdown lists, the SquirrelSpell > character, and errors on the Index Order page. Open-source advisories and Nessus/OpenVAS feeds indic...
CVE-2009-4555
Multiple cross-site request forgery CSRF vulnerabilities in AgoraCart 5.2.005 and 5.2.006 and AgoraCart GOLD 5.5.005 allow remote attackers to hijack the authentication of administrators for requests that 1 modify a .htaccess file via an unspecified request to protected/manager.cgi or 2 change th...
Mandriva Security Advisory MDVSA-2009:254-1 (graphviz)
The remote host is missing an update to graphviz announced via advisory MDVSA-2009:254-1. OpenVAS Vulnerability Test $Id: mdksa20092541.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:254-1 graphviz Authors: Thomas Reinke Copyright: Copyright c 2009...
Mandriva Linux Security Advisory : graphviz (MDVSA-2009:254-1)
A vulnerability was discovered and corrected in graphviz : Stack-based buffer overflow in the pushsubg function in parser.y lib/graph/parser.c in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service memory corruption or execute arbitra...
Gentoo Security Advisory GLSA 200811-04 (graphviz)
The remote host is missing updates announced in advisory GLSA 200811-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200811-04 (graphviz)
The remote host is missing updates announced in advisory GLSA 200811-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
SuSE 10 Security Update : graphviz (ZYPP Patch Number 5688)
This update of graphviz fixes a buffer overflow that occurs while parsing a DOT file. CVE-2008-4555 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid34506;...
openSUSE 10 Security Update : graphviz (graphviz-5690)
This update of graphviz fixes a buffer overflow that occurs while parsing a DOT file. CVE-2008-4555 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update graphviz-5690. The text description of this...
CVE-2008-4555
CVE-2008-4555 is a real vulnerability in Graphviz 2.20.2 (and possibly earlier) involving a stack-based buffer overflow in the push_subg function (parser.y, lib/graph/parser.c). A DOT file with a large number of Agraph_t elements can allow user‑assisted remote attackers to cause memory corruption...
CVE-2008-4555
Stack-based buffer overflow in the pushsubg function in parser.y lib/graph/parser.c in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service memory corruption or execute arbitrary code via a DOT file with a large number of Agrapht...
CVE-2008-4555
Stack-based buffer overflow in the pushsubg function in parser.y lib/graph/parser.c in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service memory corruption or execute arbitrary code via a DOT file with a large number of Agrapht...
CVE-2007-4555
CVE-2007-4555 describes a cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP's administration interface. The issue occurs when arguments to a valid command are not properly sanitized and are displayed by the view log option, enabling an attacker to inject arbitrary web script or HTML. Th...
CVE-2006-4555
Summary (CVE-2006-4555) A buffer overflow in the Retro64 / Miniclip CR64Loader ActiveX control can allow a remote attacker to execute arbitrary code by enticing a user to view a crafted HTML document that references the control’s CLSID. The vulnerability affects the CR64Loader ActiveX control use...
Retro64 / Miniclip CR64Loader ActiveX control buffer overflow
Overview The Retro64 / Miniclip CR64Loader ActiveX control contains a buffer overflow vulnerability. This may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The CR64Loader Object is an ActiveX control developed by Retro64. The web sites...
CVE-2005-4555
CVE-2005-4555 is a cross-site scripting (XSS) vulnerability affecting DEV web management system versions 1.5 and earlier. The issue resides in add.php where an attacker can inject arbitrary script via four language array parameters: ENTER_ARTICLE_TITLE, SPECIFY_ZONE, ENTER_ARTICLE_HEADER, and ENT...
CVE-2018-4555
CVE-2018-4555 is rejected/not used; this entry has no active vulnerability details.
MS:9C911043-7F70-4555-B0D5-724AD163877B
...