6679 matches found
CVE-2009-1713
The XSLT functionality in WebKit in Apple Safari before 4.0 does not properly implement the document function, which allows remote attackers to read (1) arbitrary local files and (2) files from different security zones via unspecified vectors...
AVG AntiVirus Engine Malware Detection Bypass Vulnerability (Windows)
This host is installed with AVG AntiVirus Product Suite for Windows and is prone to Malware Detection Bypass Vulnerability. OpenVAS Vulnerability Test $Id: secpodavgdetectionbypassvulnwin.nasl 5055 2017-01-20 14:08:39Z teissa $ AVG AntiVirus Engine Malware Detection Bypass Vulnerability Windows...
Unfixed XSS vulnerability at www.nhl.nl
Security researcher Jurpie submitted on 23/05/2009 a cross-site scripting (XSS) vulnerability affecting www.nhl.nl, which at the time of submission ranked 184188 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 23/05/2009. It is currently...
CVE-2009-1735
Cross-site scripting (XSS) vulnerability in search.php in VidSharePro allows remote attackers to inject arbitrary web script or HTML via the searchtxt parameter. NOTE: some of these details are obtained from third party information...
CSRF attack message thrown when JSESSIONID is changed
Symptoms: Anything that is using DWR will fail. Meaning: page editor is fully or partially unusable and it may display the text "Draft saving timed out" on top of the text area. At the same time, the following error messages are printed in the Confluence log: noformat 2009-05-15 08:06:36,011 ERRO...
Debian DSA-1801-1 : ntp - buffer overflows
Several remote vulnerabilities have been discovered in NTP, the Network Time Protocol reference implementation. The Common Vulnerabilities and Exposures project identifies the following problems: - CVE-2009-0159 A buffer overflow in ntpq allows a remote NTP server to create a denial of service...
[SECURITY] Fedora 11 Update: ipsec-tools-0.7.2-1.fc11
This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon...
Fedora 10 : avahi-0.6.22-12.fc10 (2008-11351)
This version includes five patches backported from the recently released 0.6.24 : - A trivial security fix for CVE-2008-5081, rhbz 475964. - A trivial fix for the threaded event loop, avahi bts 251 - A trivial fix unbreaking the --force-bind logic of avahi-autoipd, avahi bts 209 - A trivial fix t...
Mandriva Linux Security Advisory : kernel (MDVSA-2008:105)
The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges. (CVE-2007-3740) The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets,...
Mandriva Linux Security Advisory : kernel (MDVSA-2008:104)
A race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors. (CVE-2008-1375) The Linux kernel before 2.6.25.2 does not...
Cross site scripting
Cross-site scripting (XSS) vulnerability in Website\admin\Sales\paypalipn.aspx in DotNetNuke (DNN) before 4.9.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "name/value pairs" and "paypal IPN functionality."...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Localization client module 5.x before 5.x-1.2 and 6.x before 6.x-1.7, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via input to the translation functionality...
Fedora Core 9 FEDORA-2009-3712 (udev)
The remote host is missing an update to udev announced via advisory FEDORA-2009-3712. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the...
Authentication flaw
The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted functionality via (1) the...
CVE-2008-6707
The Web management interface in Avaya SIP Enablement Services (SES) 3.x and 4.0, as used with Avaya Communication Manager 3.1.x, does not perform authentication for certain functionality, which allows remote attackers to obtain sensitive information and access restricted functionality via (1) the...
CVE-2008-6707
CVE-2008-6707 affects Avaya SIP Enablement Services (SES) 3.x and 4.0 when used with Avaya Communication Manager 3.1.x. The issue is that the web management interface does not perform authentication for several functions, allowing remote attackers to access restricted functionality and obtain sen...
Mandriva Update for jackit MDVA-2008:200 (jackit)
Check for the Version of jackit OpenVAS Vulnerability Test Mandriva Update for jackit MDVA-2008:200 jackit Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Mandriva Update for silc-toolkit MDVA-2008:051 (silc-toolkit)
Check for the Version of silc-toolkit OpenVAS Vulnerability Test Mandriva Update for silc-toolkit MDVA-2008:051 silc-toolkit Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
Mandriva Update for clamav MDKSA-2007:098 (clamav)
Check for the Version of clamav OpenVAS Vulnerability Test Mandriva Update for clamav MDKSA-2007:098 clamav Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...