[SECURITY] Fedora 8 Update: libexif-0.6.15-5.fc8

Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags...

[SECURITY] Fedora 7 Update: thunar-volman-0.2.0-1.fc7

The Thunar Volume Manager is an extension for the Thunar file manager, which enables automatic management of removable drives and media. For example, if thunar-volman is installed and configured properly, and you plug in your digital camera, it will automatically launch your preferred photo...

[SECURITY] Fedora 7 Update: kdegraphics-3.5.8-7.fc7

Graphics applications for the K Desktop Environment, including kamera digital camera support kcoloredit palette editor and color chooser kdvi displays TeX .dvi files kghostview displays postscript files kiconedit icon editor kooka scanner application kpdf displays PDF files kruler screen ruler an...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via 1 parameters associated with saved settings, as demonstrated by the confSMTPMailServer1 parameter to ServerManager.srv...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstrated by 1 an SMTP server change through the confSMTPMailServer1 parameter to ServerManager.srv and 2...

CVE-2007-5213

Multiple cross-site request forgery CSRF vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstrated by 1 an SMTP server change through the confSMTPMailServer1 parameter to ServerManager.srv and 2...

CVE-2007-5214

Multiple cross-site scripting XSS vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to the default URI associated with a directory, as demonstrated by a the root directory and b the...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to the default URI associated with a directory, as demonstrated by a the root directory and b the...

CVE-2007-5212

Multiple cross-site scripting XSS vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via 1 parameters associated with saved settings, as demonstrated by the confSMTPMailServer1 parameter to ServerManager.srv...

CVE-2007-5213

Multiple cross-site request forgery CSRF vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstrated by 1 an SMTP server change through the confSMTPMailServer1 parameter to ServerManager.srv and 2...

CVE-2007-5212

Multiple cross-site scripting XSS vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware before 2.43 allow remote attackers to inject arbitrary web script or HTML via 1 parameters associated with saved settings, as demonstrated by the confSMTPMailServer1 parameter to ServerManager.srv...

CVE-2007-5214

The CVE describes multiple cross-site scripting (XSS) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier. The issues allow remote attackers to inject arbitrary web script or HTML via (1) PATH_INFO to the default URI (e.g., root or view/), (2) settings parameters s...

CVE-2007-5212

CVE-2007-5212: AXIS 2100 Network Camera 2.02 has multiple XSS vulnerabilities in firmware prior to 2.43. Attackers can inject arbitrary web script/HTML via (1) parameters tied to saved settings (e.g., conf_SMTP_MailServer1 in ServerManager.srv) and (2) the subpage parameter to wizard/first/wizard...

CVE-2007-5213

The CVE-2007-5213 entry describes CSRF vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier. The affected component is the web management interface, where cross-site requests can perform administrator actions. Demonstrated vectors include (1) changing the SMTP serve...

CVE-2007-5214

Multiple cross-site scripting XSS vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to the default URI associated with a directory, as demonstrated by a the root directory and b the...

Axis IP cameras crossite scripting

It's possible to spoof video content by using crossite scripting attacks...

CVE-2007-4929

Multiple cross-site scripting XSS vulnerabilities in the AXIS 207W camera allow remote attackers to inject arbitrary web script or HTML via the camNo parameter to incl/imageincl.shtml, and other unspecified vectors...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the AXIS 207W camera allow remote attackers to perform certain actions as administrators via 1 axis-cgi/admin/restart.cgi, 2 the user and sgrp parameters to axis-cgi/admin/pwdgrp.cgi in an add action, or 3 the server parameter to...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the AXIS 207W camera allow remote attackers to inject arbitrary web script or HTML via the camNo parameter to incl/imageincl.shtml, and other unspecified vectors...

CVE-2007-4926

The AXIS 207W camera uses a base64-encoded cleartext username and password for authentication, which allows remote attackers to obtain sensitive information by sniffing the wireless network or by leveraging unspecified other vectors...