openSUSE Security Update : MozillaFirefox (MozillaFirefox-509)

The Mozilla Firefox browser is updated to version 3.0.6 fixing various security and stability issues. MFSA 2009-01 / CVE-2009-0352 / CVE-2009-0353: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these...

openSUSE Security Update : MozillaFirefox (MozillaFirefox-509)

The Mozilla Firefox browser is updated to version 3.0.6 fixing various security and stability issues. MFSA 2009-01 / CVE-2009-0352 / CVE-2009-0353: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these...

openSUSE Security Update : seamonkey (seamonkey-1014)

The Mozilla SeaMonkey browser suite was updated to version 1.1.16, fixing various bugs and security issues : - Security update to 1.1.16 - MFSA 2009-12/CVE-2009-1169 bmo460090,485217 Crash and remote code execution in XSL transformation - MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with...

openSUSE 10 Security Update : seamonkey (seamonkey-6310)

The Mozilla SeaMonkey browser suite was updated to version 1.1.16, fixing various bugs and security issues : - Security update to 1.1.16 - MFSA 2009-12/CVE-2009-1169 bmo460090,485217 Crash and remote code execution in XSL transformation - MFSA 2009-14/CVE-2009-1303/CVE-2009-1305 Crashes with...

Mozilla Seamonkey Multiple Vulnerabilities Feb-09 (Linux)

The host is installed with Mozilla Seamonkey browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodseamonkeymultvulnfeb09lin.nasl 5122 2017-01-27 12:16:00Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities Feb-09 Linux Authors: Sharath S Copyright: Copyright c...

Mozilla Seamonkey Multiple Vulnerabilities (Feb 2009) - Windows

Mozilla Seamonkey browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Seamonkey Multiple Vulnerabilities Feb-09 (Windows)

The host is installed with Mozilla Seamonkey browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodseamonkeymultvulnfeb09win.nasl 5122 2017-01-27 12:16:00Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities Feb-09 Windows Authors: Sharath S Copyright: Copyright ...

Mozilla Seamonkey Multiple Vulnerabilities (Feb 2009) - Linux

Mozilla Seamonkey browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Multiple Vulnerabilities Feb-09 (Linux)

The host is installed with Mozilla Firefox browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfirefoxmultvulnfeb09lin.nasl 5055 2017-01-20 14:08:39Z teissa $ Mozilla Firefox Multiple Vulnerabilities Feb-09 Linux Authors: Sharath S Copyright: Copyright c 2009...

Microsoft XML Core Services XMLHttpRequest SetCookie2头信息泄露漏洞

BUGTRAQ ID: 33803 CVECAN ID: CVE-2009-0419 Microsoft XML Core Services（MSXML）允许使用JScript、VBScript和Visual Studio 6.0的用户开发基于XML的应用，以与其他遵循XML 1.0标准的应用程序交互操作。 Microsoft XML Core Services没有正确地限制网页对Set-Cookie2 HTTP响应头的访问，远程攻击者可以通过XMLHttpRequest调用绕过HTTPOnly保护机制读取敏感信息。 Microsoft XML Core Services 6.0...

Microsoft XML Core Service Information Disclosure Vulnerability

This host is installed with Microsoft XML Core Service and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: secpodmsxmlcoresvcinfodiscvuln.nasl 16112 2009-02-18 12:40:24Z feb$ Microsoft XML Core Service Information Disclosure Vulnerability Update by Antu sanadi on...

RedHat Security Advisory RHSA-2009:0256

The remote host is missing updates announced in advisory RHSA-2009:0256. Mozilla Firefox is an open source Web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code...

seamonkey security update

CentOS Errata and Security Advisory CESA-2009:0257-01 Updated seamonkey packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source...

Design/Logic Flaw

xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not properly restrict access from web pages to the 1 Set-Cookie and 2 Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly...

CVE-2008-6059

xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not properly restrict access from web pages to the 1 Set-Cookie and 2 Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly...

CVE-2008-6059

xml/XMLHttpRequest.cpp in WebCore in WebKit before r38566 does not properly restrict access from web pages to the 1 Set-Cookie and 2 Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XMLHttpRequest calls, related to the HTTPOnly...

Mozilla Foundation Security Advisory 2009-05

Mozilla Foundation Security Advisory 2009-05 Title: XMLHttpRequest allows reading HTTPOnly cookies Impact: Low Announced: February 3, 2009 Reporter: Wladimir Palant Products: Firefox, SeaMonkey Fixed in: Firefox 3.0.6 SeaMonkey 1.1.15 Description Developer and Mozilla community member Wladimir...

CentOS 3 / 4 : seamonkey (CESA-2009:0257)

Updated SeaMonkey packages that fix security issues are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open source Web browser, email and newsgroup client, IRC chat...

Design/Logic Flaw

Microsoft XML Core Services, as used in Microsoft Expression Web, Office, Internet Explorer 6 and 7, and other products, does not properly restrict access from web pages to Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via...

CVE-2009-0419

CVE-2009-0419 concerns information disclosure in Microsoft XML Core Services via Set-Cookie2 headers accessible from XMLHttpRequest. Connected documentation shows Microsoft MS08-069 (KB955218) addressing XML Core Services vulnerabilities, resolving an information-disclosure risk and guiding updat...