Mozilla Firefox Code Execution Vulnerabilities - November12 (Windows)

This host is installed with Mozilla Firefox and is prone to multiple code execution vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxcodeexecvulnnov12win.nasl 5999 2017-04-21 09:02:32Z teissa $ Mozilla Firefox Code Execution Vulnerabilities - November12 Windows Authors: Rachana...

Fedora 16 : insight-7.4.50-4.20120403cvs.fc16 (2012-18300)

Thu Nov 15 2012 Patrick Monnerat 7.4.50-4.20120403cvs - Path 'objalloc' to fix libiberty security bug CVE-2012-3509. https://bugzilla.redhat.com/showbug.cgi?id=877014 - Enable Python to support STL extensions. https://bugzilla.redhat.com/showbug.cgi?id=865554 Note that Tenable Network Security...

Fedora Update for insight FEDORA-2012-18311

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for insight FEDORA-2012-18300

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[SECURITY] Fedora 17 Update: insight-7.4.50-4.20120403cvs.fc17

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for GDB version 6.x...

[SECURITY] Fedora 16 Update: insight-7.4.50-4.20120403cvs.fc16

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for GDB version 6.x...

[SECURITY] Fedora 18 Update: insight-7.4.50-4.20120403cvs.fc18

Insight is a tight graphical user interface to GDB written in Tcl/Tk. It provides a comprehensive interface that enables users to harness most of GDB's power. It's also probably the only up-to-date UI for GDB version 6.x...

Google Chrome Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability - Linux

Google Chrome is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-4950

Cross-site scripting XSS vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters that are not properly handled during construction of error messages...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...

Session fixation

Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...

CVE-2012-4936

The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...

CVE-2012-4937

Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...

CVE-2012-4938

Cross-site scripting XSS vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message...

Code injection

The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...

CVE-2012-4935

Cross-site request forgery CSRF vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users...

CVE-2012-4936

The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element...

CVE-2012-4937

Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsessionid cookie...

CVE-2012-4937

CVE-2012-4937 affects Pattern Insight 2.3. The web interface suffers a session-management weakness (session fixation) where a jsession_id cookie can be used to hijack an authenticated session. Impact, as described, includes potential privilege escalation or authentication bypass for an attacker w...

CVE-2012-4936

CVE-2012-4936 concerns Pattern Insight 2.3, whose web interface is vulnerable to clickjacking via a FRAME element. The CVE description from NVD states that remote attackers can conduct clickjacking against the Pattern Insight web interface, with the effect of framing the application and potential...