Lucene search
+L

2361 matches found

CVE
CVE
added 2006/02/02 8:0 p.m.94 views

CVE-2006-0292

CVE-2006-0292 affects Mozilla/Firefox before 1.5.1; the bug in jsinterp.c dereferences objects during garbage collection, enabling remote crash or code execution via unknown attack vectors. A fix is available in version 1.5.1; apply update to mitigate.

7.5CVSS7.3AI score0.04472EPSS
Exploits0References60Affected Software2
Cent OS
Cent OS
added 2006/02/02 6:17 p.m.72 views

mozilla security update

CentOS Errata and Security Advisory CESA-2006:0199 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2006-February/074774.html https://lists.centos.org/pipermail/centos-announce/2006-February/074775.html...

5.8AI score
Exploits0References9
RedHat Linux
RedHat Linux
added 2006/02/02 3:50 p.m.46 views

Critical: Red Hat Security Advisory: firefox security update

An updated firefox package that fixes several security bugs is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Igor Bukanov discovered a bug in the way Firefox's Javascript interpret...

7.5CVSS6.1AI score0.12589EPSS
Exploits0References4
securityvulns
securityvulns
added 2006/01/22 12:0 a.m.53 views

[KDE Security Advisory] kjs encodeuri/decodeuri heap overflow

KDE Security Advisory: kjs encodeuri/decodeuri heap overflow vulnerability Original Release Date: 2006-01-19 URL: http://www.kde.org/info/security/advisory-20060119-1.txt 0. References CVE-2006-0019 1. Systems affected: KDE 3.2.0 up to including KDE 3.5.0 2. Overview: Maksim Orlovich discovered a...

7.5CVSS0.5AI score0.0614EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/22 12:0 a.m.30 views

Mandrake Linux Security Advisory : kdelibs (MDKSA-2006:019)

A heap overflow vulnerability was discovered in kjs, the KDE JavaScript interpretter engine. An attacker could create a malicious web site that contained carefully crafted JavaScript code that could trigger the flaw and potentially lead to the arbitrary execution of code as the user visiting the...

7.5CVSS5.9AI score0.0614EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/01/21 12:0 a.m.27 views

Ubuntu 4.10 / 5.04 / 5.10 : perl vulnerability (USN-222-1)

Jack Louis of Dyad Security discovered that Perl did not sufficiently check the explicit length argument in format strings. Specially crafted format strings with overly large length arguments led to a crash of the Perl interpreter or even to execution of arbitrary attacker-defined code with the...

4.6CVSS8.3AI score0.01374EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2006/01/21 12:0 a.m.22 views

SUSE-SA:2006:003: kdelibs3

The remote host is missing the patch for the advisory SUSE-SA:2006:003 kdelibs3. Maksim Orlovich discovered a bug in the JavaScript interpreter used by Konqueror. UTF-8 encoded URLs could lead to a buffer overflow that causes the browser to crash or execute arbitrary code. Attackers could trick...

7.5CVSS6.2AI score0.0614EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/01/21 12:0 a.m.26 views

Fedora Core 4 : kdelibs-3.5.0-0.4.fc4 (2006-050)

A heap overflow flaw was discovered affecting kjs, the JavaScript interpreter engine used by Konqueror and other parts of KDE. An attacker could create a malicious website containing carefully crafted JavaScript code that would trigger this flaw and possibly lead to arbitrary code execution. The...

7.5CVSS5.7AI score0.0614EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2006/01/20 9:3 p.m.29 views

CVE-2006-0019

Heap-based buffer overflow in the encodeURI and decodeURI functions in the kjs JavaScript interpreter engine in KDE 3.2.0 through 3.5.0 allows remote attackers to execute arbitrary code via a crafted, UTF-8 encoded URI...

7.5CVSS6.5AI score0.0614EPSS
Exploits0References2
CVE
CVE
added 2006/01/20 9:0 p.m.98 views

CVE-2006-0019

CVE-2006-0019 affects KDE kdelibs/kjs (KDE 3.2.0–3.5.0). The vulnerability is a heap-based overflow in encodeURI/decodeURI when parsing UTF-8 URIs, allowing remote code execution. CVSS v2 base 7.5 (NETWORK, LOW complexity, no auth). OpenVAS and vendor advisories (Debian DSA-948-1; Gentoo GLSA 200...

7.5CVSS7.6AI score0.0614EPSS
Exploits0References26Affected Software1
Debian
Debian
added 2006/01/20 2:35 p.m.38 views

[SECURITY] [DSA 948-1] New kdelibs packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 948-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 20th, 2005 http://www.debian.org/security/faq -...

7.5CVSS0.3AI score0.0614EPSS
Exploits0
securityvulns
securityvulns
added 2006/01/20 12:0 a.m.53 views

[Full-disclosure] [USN-245-1] KDE library vulnerability

=========================================================== Ubuntu Security Notice USN-245-1 January 20, 2006 kdelibs vulnerability CVE-2006-0019 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 5.04 Hoary Hedgehoga Ubuntu...

7.5CVSS0.1AI score0.0614EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2006/01/19 5:50 p.m.31 views

Critical: Red Hat Security Advisory: kdelibs security update

Updated kdelibs packages are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. kdelibs contains libraries for the K Desktop Environment KDE. A heap overflow flaw was discovered affecting kjs, the...

7.5CVSS5.9AI score0.0614EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.43 views

Ubuntu 4.10 : php4 vulnerability (USN-66-2)

Ubuntu Security Notice USN-66-1 described a circumvention of the 'openbasedir' restriction by using the cURL module. Adam Conrad discovered that the fix from USN-66-1 still allowed to bypass this restriction with certain variants of path specifications. In addition this update fixes the crash of...

5.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.41 views

Ubuntu 4.10 : php4 vulnerabilities (USN-99-2)

USN-99-1 fixed a safe mode bypass which allowed malicious PHP scripts to circumvent path restrictions by creating a specially crafted directory whose length exceeded the capacity of the realpath function CAN-2004-1064. However, this caused severe regressions, some applications like SquirrelMail a...

10CVSS5.5AI score0.03735EPSS
Exploits0References1
NVD
NVD
added 2005/12/31 5:0 a.m.15 views

CVE-2005-4814

Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory...

7.5CVSS7.5AI score0.01248EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2005/12/13 12:17 a.m.66 views

USN-222-2: Perl vulnerability

USN-222-1 fixed a vulnerability in the Perl interpreter. It was discovered that the version of USN-222-1 was not sufficient to handle all possible cases of malformed input that could lead to arbitrary code execution, so another update is necessary. Original advisory: Jack Louis of Dyad Security...

4.6CVSS8.6AI score0.01374EPSS
Exploits2
CERT
CERT
added 2005/12/06 12:0 a.m.34 views

Perl contains an integer sign error in format string processing

Overview The Perl interpreter contains a flaw that may increase the impact of format string vulnerabilities in programs written in Perl. Description Perl is a programming language used in many applications and commonly used for web applications. The Perl interpreter, which interprets and executes...

4.6CVSS8.4AI score0.01374EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2005/12/02 10:23 p.m.44 views

USN-222-1: Perl vulnerability

Jack Louis of Dyad Security discovered that Perl did not sufficiently check the explicit length argument in format strings. Specially crafted format strings with overly large length arguments led to a crash of the Perl interpreter or even to execution of arbitrary attacker-defined code with the...

4.6CVSS8.4AI score0.01374EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2005/11/02 12:0 a.m.30 views

Mandrake Linux Security Advisory : ruby (MDKSA-2005:191)

Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protections check and be executed. The updated packages have been patched to address this issue. %NASLMINLEVEL 70300 C...

7.5CVSS5.2AI score0.03256EPSS
Exploits0References1
Rows per page
Query Builder