9803 matches found
Debian Security Advisory DSA 2106-1 (xulrunner)
The remote host is missing an update to xulrunner announced via advisory DSA 2106-1. OpenVAS Vulnerability Test $Id: deb21061.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2106-1 xulrunner Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
[SECURITY] Fedora 12 Update: seamonkey-2.0.8-1.fc12
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
[SECURITY] Fedora 13 Update: seamonkey-2.0.8-1.fc13
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
[SECURITY] Fedora 14 Update: seamonkey-2.0.8-1.fc14
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
Google Chrome 'WebKit' Multiple Vulnerabilities (Linux) - Sep 10
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnlin01sep10.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome 'WebKit' Multiple Vulnerabilities Linux - Sep 10 Authors: Sooraj KS Copyright: Copyright c...
CVE-2010-1824
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages...
Design/Logic Flaw
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages...
CVE-2010-1824
CVE-2010-1824 is a use-after-free vulnerability in WebKit used by Apple iTunes (Windows), Safari, and Chrome up to version 6.0.472.59. The flaw is triggered via SVG styles, the DOM tree, and error messages, allowing remote attackers to execute arbitrary code or cause a denial of service. The prov...
CVE-2010-1824
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages...
CVE-2010-1824
Removed by vendor...
CVE-2010-1824
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages...
UBUNTU-CVE-2010-1824
Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages...
IB Promotion Advanced Business Web Suite Cross Site Scripting
Hello Bugtraq! I want to warn you about Cross-Site Scripting and Insufficient Anti-automation vulnerabilities in IB Promotion Advanced Business Web Suite. It's Ukrainian commercial CMS. XSS WASC-08: http://site/search/?qs=;alertdocument.cookie;// It's DOM Based XSS. Insufficient Anti-automation...
Samba: Stack-based buffer overflow by processing specially-crafted SID records
Stack-based buffer overflow in the 1 sidparse and 2 domsidparse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted Windows Security ID SID on a file share...
Mozilla Foundation Security Advisory 2010-57
Mozilla Foundation Security Advisory 2010-57 Title: Crash and remote code execution in normalizeDocument Impact: Critical Announced: September 7, 2010 Reporter: regenrecht Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.9 Firefox 3.5.12 Thunderbird 3.1.3 Thunderbird 3.0.7 SeaMonke...
Mozilla Foundation Security Advisory 2010-51
Mozilla Foundation Security Advisory 2010-51 Title: Dangling pointer vulnerability using DOM plugin array Impact: Critical Announced: September 7, 2010 Reporter: Sergey Glazunov Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.9 Firefox 3.5.12 Thunderbird 3.1.3 Thunderbird 3.0.7...
CVE-2010-2766
The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code...
Code injection
The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code...
CVE-2010-2767
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service...
CVE-2010-2766
CVE-2010-2766 is a memory/DOM handling flaw in Mozilla’s browser engines where the normalization code could remove DOM nodes during traversal, leading to an access of a deleted object and potential code execution. Affected products and versions per the provided documents: Mozilla Firefox before 3...