CVE-2010-1851

CVE-2010-1851 affects Google Chrome with the Invisible Hand extension enabled. The issue stems from cookies being used during background HTTP requests, which could enable remote servers to correlate requests and identify specific users and their product searches through HTTP request logging, desc...

Google Chrome Multiple Vulnerabilities (win)

This host is installed with Google Chrome Web Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnapr10.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome Multiple Vulnerabilities win Authors: Madhuri D Updated By: Madhuri D on 2010-05-10...

Google Chrome 4.1.249.1059 Multiple Vulnerabilities - Windows

Google Chrome Web Browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Wing FTP Server HTTP Directory Traversal Vulnerability

Christian Navarrete has discovered a vulnerability in Wing FTP Server, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to an input validation error when processing HTTP requests. This can be exploited to access files outside the web ro...

Code injection

Wiki Server in Apple Mac OS X 10.6 before 10.6.3 does not enforce the service access control list SACL for weblogs during weblog creation, which allows remote authenticated users to publish content via HTTP requests...

Serv-U < 9.4.0.0

According to its banner, the installed version of Serv-U is earlier than 9.4.0.0, and is, therefore, potentially affected by the following issues : - When importing users, restricted administrators could create user accounts outside their home directory. - When exporting users, restricted...

Secunia Research: Quicksilver Forums Cross-Site Request Forgery Vulnerability

====================================================================== Secunia Research 17/03/2010 - Quicksilver Forums Cross-Site Request Forgery Vulnerability - ====================================================================== Table of Contents Affected...

osDate 2.1.9 - Remote File Inclusion

======================================================================================== o osDate Remote File Inclusion Vulnerabilities Software : osDate dating and matchmaking script version 2.1.9 mostly affected Vendor : http://www.tufat.com/ Download : http://www.tufat.com/sfreedatingsystem.ht...

Microsoft Excel DbOrParamQry memory corruption

Added: 03/11/2010 CVE: CVE-2010-0264 BID: 38555 OSVDB: 62823 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability in Microsoft Excel allows command execution when a user...

Zenoss Server Multiple Vulnerabilities

The host is running Zenoss Server and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbzenossservmultvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ Zenoss Server Multiple Vulnerabilities Authors: Rachana Shetty Copyright: Copyright c 2010 SecPod, http://www.secpod.com This...

MDaemon Raw Message Handler Buffer Overflow (CVE-2003-1200)

WorldClient is a program listening on TCP/3000 and executing the CGI program Form2Raw, which processes HTTP requests. The vulnerable products do not require any user credentials to access the program. The specially crafted content will be passed unchecked to the vulnerable server program, MDaemon...

Novell GroupWise Messenger HTTP POST Request Invalid Memory Access (CVE-2006-4511)

Novell GroupWise Messenger is a corporate instant messaging solution targeted towards medium to large enterprise organizations. It facilitates secure communications and policy-based management through Novell's eDirectory product suite. The product is based on a client-server model where messaging...

Trend Micro OfficeScan Console Authentication Buffer Overflow (CVE-2007-3454)

Trend Micro OfficeScan is a centralized virus and security scan management system. It is meant to consolidate the coordination of security scan actions and the management of Trend Micro virus scanner products installed on the nodes of an enterprise network. The product is a central command centre...

WebCalendar Multiple CSS and CSRF Vulnerabilities

The host is running WebCalendar and is prone to multiple CSS and CSRF Vulnerabilities. OpenVAS Vulnerability Test $Id: gbwebcalendarmultcssncsrfvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ WebCalendar Multiple CSS and CSRF Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2010 Greenbone...

Update Protection against Sun Java System Web Server Digest Authorization Buffer Overflow

A buffer overflow vulnerability was reported in Sun Java System Web Server, a web server for medium to large business applications. The vulnerability is due to insufficient boundary checks when processing malformed HTTP requests. A remote unauthenticated attack can leverage this vulnerability by...

Sun Java System Web Server Digest Authorization Buffer Overflow

Sun Microsystems' Java System Web Server is a high performance web server for medium to large business applications. A buffer overflow vulnerability has been reported in Sun Java System Web Server. The vulnerability is due to insufficient boundary checks by the Sun Java Web Server when processing...

Magic_Blocks1_2 File Disclosure

links : http://mshaer.net/magicblocks12.zip !/usr/bin/perl Exploitation Remote File Disclosure Vulnerability By JIKO Author : Jiko Site : http://www.No-ExploiT.Com Contact : jalikomathotmaildotcom Thanks to allah Greetz All Moslum And My friends script http://mshaer.net/magicblocks12.zip...

CVE-2003-1578

Sun ONE aka iPlanet Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enabled for client IP addresses, allows remote attackers to hide HTTP requests from the log-preview functionality by accompanying the requests with crafted DNS responses specifying a domain name beginning...

HP OpenView Network Node Manager OVwSelection Buffer Overflow (CVE-2009-4181)

The HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes several optional modules and components, such as OpenView Quality Manager, OpenView Performance Insight, OpenView Network Node Manager, etc. A buffer overflow...

HP Power Manager Remote Code Execution (CVE-2009-2685)

A remote code execution vulnerability exists within HP Power Manager. The vulnerability is due to insufficient bounds checking in the HP Power Manager while processing URL parameters in the login form of the web based management web server. Remote unauthenticated attackers can exploit this...