814 matches found
Symantec Norton AntiVirus Stack Exhaustion
Norton AntiVirus is a virus protection solution produced by Symantec corporation. When installed on a system, it installs a number of dynamic libraries and registers several ActiveX controls. A vulnerability has been reported in several Symantec products. One of the dynamic link libraries install...
[SECURITY] [DSA-1988-1] New qt4-x11 packages fix several vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1988-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano February 02, 2010 http://www.debian.org/security/faq -...
Mandriva Update for kdelibs4 MDVSA-2010:027 (kdelibs4)
Check for the Version of kdelibs4 OpenVAS Vulnerability Test Mandriva Update for kdelibs4 MDVSA-2010:027 kdelibs4 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Security Advisory MDVSA-2009:330 (kdelibs)
The remote host is missing an update to kdelibs announced via advisory MDVSA-2009:330. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later...
Update Protection against Oracle Document Capture EasyMail IMAP4 LicenseKey Buffer Overflow
A buffer overflow vulnerability exists in Oracle Document Capture which is integrated with Oracle Imaging and Process Management and Oracle Universal Content Management products. The vulnerability is due to a boundary error while parsing the LicenseKey property within the EasyMail IMAP4 ActiveX...
Design/Logic Flaw
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...
CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...
CVE-2009-2841
The HTMLMediaElement::loadResource function in html/HTMLMediaElement.cpp in WebCore in WebKit before r49480, as used in Apple Safari before 4.0.4 on Mac OS X, does not perform the expected callbacks for HTML 5 media elements that have external URLs for media resources, which allows remote attacke...
CVE-2009-2841
Removed by vendor...
CVE-2009-2529
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability."...
Design/Logic Flaw
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability."...
CVE-2009-2529
Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not properly handle argument validation for unspecified variables, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Component Handling Vulnerability."...
FlexCell Grid FlexCell.Grid ActiveX Control Multiple Method Arbitrary File Overwrite
The remote host contains the FlexCell.Grid ActiveX control, a component of the FlexCell grid control software. The version of the control installed on the remote host reportedly fails to validate input to the 'File' argument of the 'SaveFile' and 'ExportToXML' methods before writing to the...
Altiris Altiris.AeXNSPkgDL.1 ActiveX Control DownloadAndInstall() Method Arbitrary Code Execution
The Altiris.AeXNSPkgDL.1 ActiveX control, a component of Altiris Deployment Solution, Altiris Notification Server, and Symantec Management Platform, is installed on the remote Windows host. The installed version of this control provides an unsafe method, named 'DownloadAndInstall'. If an attacker...
Design/Logic Flaw
Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns aka TreeColumns of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."...
CVE-2009-3077
Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns aka TreeColumns of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."...
Design/Logic Flaw
The RSS reader widget in IBM Lotus Notes 8.0 and 8.5 saves items from an RSS feed as local HTML documents, which allows remote attackers to execute arbitrary script in Internet Explorer's Local Machine Zone via a crafted feed, aka SPR RGAU7RDJ9K...
Fedora Core 11 FEDORA-2009-8800 (qt)
The remote host is missing an update to qt announced via advisory FEDORA-2009-8800. OpenVAS Vulnerability Test $Id: fcore20098800.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8800 qt Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
CVE-2009-3020
win32k.sys in Microsoft Windows Server 2003 SP2 allows remote attackers to cause a denial of service system crash by referencing a crafted .eot file in the src descriptor of an @font-face Cascading Style Sheets CSS rule in an HTML document, possibly related to the Embedded OpenType EOT Font Engin...
Design/Logic Flaw
win32k.sys in Microsoft Windows Server 2003 SP2 allows remote attackers to cause a denial of service system crash by referencing a crafted .eot file in the src descriptor of an @font-face Cascading Style Sheets CSS rule in an HTML document, possibly related to the Embedded OpenType EOT Font Engin...