
3704 matches found

Tenable Nessus
added 2012/08/01 12:0 a.m., 58 views

Scientific Linux Security Update : seamonkey on SL3.x, SL4.x i386/x86_64

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. CVE-2010-1200 A flaw was found in the way browser plug-ins interac...

CVSS 9.3, AI score 8.9, EPSS 0.42703
Exploits: 6, References: 6

Tenable Nessus
added 2012/08/01 12:0 a.m., 35 views

Scientific Linux Security Update : firefox on SL4.x i386/x86_64

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2010-1121, CVE-2010-1200, CVE-2010-1202, CVE-2010-1203 A flaw was...

CVSS 10, AI score 8.9, EPSS 0.42703
Exploits: 7, References: 12

Tenable Nessus
added 2012/08/01 12:0 a.m., 43 views

Scientific Linux Security Update : httpd on SL6.x i386/x86_64 (20120213)

The Apache HTTP Server is a popular web server. It was discovered that the fix for CVE-2011-3368 released in a previous update did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker b...

CVSS 4.6, AI score 8.1, EPSS 0.77975
Exploits: 23, References: 6

OpenVAS
added 2012/07/30 12:0 a.m., 39 views

CentOS Update for httpd CESA-2011:1392 centos4 x86_64

The remote host is missing an update for the...

CVSS 7.8, AI score 8.1, EPSS 0.90456
Exploits: 28, References: 2

OpenVAS
added 2012/07/27 12:0 a.m., 29 views

Null HTTPd Server Content-Length HTTP Header Buffer Overflow Vulnerability

Null HTTPd Server is prone to a heap-based buffer overflow vulnerability...

CVSS 7.5, AI score 7.2, EPSS 0.15521
Exploits: 1, References: 3

CVE
added 2012/07/20 10:0 a.m., 54 views

CVE-2011-4586

CRLF injection vulnerability (HTTP header injection/response splitting) in Moodle Calendar subsystem via calendar/set.php affects Moodle 1.9.x <1.9.15, 2.0.x <2.0.6, and 2.1.x

CVSS 5, AI score 6.8, EPSS 0.00377
Exploits: 0, References: 4, Affected Software: 1

NVD
added 2012/07/12 9:55 p.m., 32 views

CVE-2012-3350

SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...

CVSS 6.8, AI score 8.2, EPSS 0.02222
Exploits: 6, References: 6

Prion
added 2012/07/12 9:55 p.m., 16 views

Sql injection

SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...

CVSS 6.8, AI score 8.9, EPSS 0.02222
Exploits: 6, References: 6, Affected Software: 1

Cvelist
added 2012/07/12 9:0 p.m., 37 views

CVE-2012-3350

SQL injection vulnerability in index.php in Webmatic 3.1.1 allows remote attackers to execute arbitrary SQL commands via the Referer HTTP header...

AI score 8.2, EPSS 0.02222
Exploits: 6, References: 6

OpenVAS
added 2012/07/09 12:0 a.m., 44 views

RedHat Update for httpd RHSA-2012:0128-01

Check for the version of httpd. OpenVAS Vulnerability Test: RedHat Update for httpd RHSA-2012:0128-01. Authors: System Generated Check. Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net...

CVSS 5, AI score 9.1, EPSS 0.77975
Exploits: 24, References: 2

OpenVAS
added 2012/07/09 12:0 a.m., 47 views

RedHat Update for httpd RHSA-2012:0128-01

The remote host is missing an update for the...

CVSS 5, AI score 9.4, EPSS 0.77975
Exploits: 24, References: 2

securityvulns
added 2012/07/09 12:0 a.m., 90 views

Blind SQL Injection in Webmatic

Advisory ID: HTB23096 Product: Webmatic Vendor: valarsoft.com Vulnerable Versions: 3.1.1 and probably prior Tested Version: 3.1.1 Vendor Notification: 13 June 2012 Public Disclosure: 4 July 2012 Vulnerability Type: Blind SQL Injection CVE Reference: CVE-2012-3350 CVSSv2 Base Score: 7.5...

CVSS 6.8, AI score 7.8, EPSS 0.02222
Exploits: 6

Exploit DB
added 2012/07/06 12:0 a.m., 47 views

Webmatic 3.1.1 - Blind SQL Injection

Advisory ID: HTB23096 Product: Webmatic Vendor: valarsoft.com Vulnerable Versions: 3.1.1 and probably prior Tested Version: 3.1.1 Vendor Notification: 13 June 2012 Public Disclosure: 4 July 2012 Vulnerability Type: Blind SQL Injection CVE Reference: CVE-2012-3350 CVSSv2 Base Score: 7.5...

CVSS 6.8, AI score 6.5, EPSS 0.02222
Exploits: 6

NVD
added 2012/07/03 10:55 p.m., 16 views

CVE-2012-3828

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header...

CVSS 4.3, AI score 5.7, EPSS 0.00022
Exploits: 0, References: 3

Prion
added 2012/07/03 10:55 p.m., 14 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header...

CVSS 4.3, AI score 6.1, EPSS 0.00022
Exploits: 0, References: 3, Affected Software: 1

CVE
added 2012/07/03 10:0 p.m., 47 views

CVE-2012-3829

Affected product: Joomla! 2.5.3. Vulnerability: exposes the installation path to remote attackers via the Host HTTP header, enabling information disclosure. Root cause: improper handling of the Host header leading to path disclosure. Impact: partial confidentiality breach (installation path expos...

CVSS 5, AI score 6.8, EPSS 0.00162
Exploits: 1, References: 1, Affected Software: 1

CVE
added 2012/07/03 10:0 p.m., 49 views

CVE-2012-3828

CVE-2012-3828 affects Joomla! 2.5.3 with a cross-site scripting (XSS) vulnerability exploitable via the Host HTTP Header, allowing remote script/HTML injection. Root cause described as insufficient validation of the Host header. Impact is client-side script execution potential; no explicit exploi...

CVSS 4.3, AI score 5.9, EPSS 0.00022
Exploits: 0, References: 3, Affected Software: 1

Cvelist
added 2012/07/03 10:0 p.m., 17 views

CVE-2012-3829

Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header...

AI score 6.6, EPSS 0.00162
Exploits: 1, References: 1

Cvelist
added 2012/07/03 10:0 p.m., 17 views

CVE-2012-3828

Cross-site scripting (XSS) vulnerability in Joomla! 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the Host HTTP Header...

AI score 5.7, EPSS 0.00022
Exploits: 0, References: 3

NVD
added 2012/06/27 10:18 a.m., 19 views

CVE-2011-4940

The listdirectory function in Lib/SimpleHTTPServer.py in SimpleHTTPServer in Python before 2.5.6c1, 2.6.x before 2.6.7 rc2, and 2.7.x before 2.7.2 does not place a charset parameter in the Content-Type HTTP header, which makes it easier for remote attackers to conduct cross-site scripting (XSS)...

CVSS 2.6, AI score 5.9, EPSS 0.00181
Exploits: 1, References: 12