SuSE Security Update: Security update for Mozilla Firefox (firefox35upgrade-6562)

This update brings the Mozilla Firefox 3.5 webbrowser to version 3.5.3, the Mozilla XULRunner 1.9.0 engine to the 1.9.0.14 stable release, and the Mozilla XULRunner 1.9.1 engine to the 1.9.1.3 stable release. It also fixes various security issues: MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 /...

[ONSEC-09-018] Twilight CMS XSS

http://onsec.ru/vuln?id=10 ONSEC-09-018 Twilight CMS XSS Цель: Twilight CMS Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 01.10.2009 Дата оповещения разработчика: 01.10.2009 Дата выхода исправления: 10.01.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru...

openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-6495)

This update brings the Mozilla Firefox browser to the 3.0.14 stable release. It also fixes various security issues: MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073 / CVE-2009-30 / CVE-2009-3075: Mozilla developers and community members identified and...

SuSE 11 Security Update : Mozilla (SAT Patch Number 1328)

This update brings the Mozilla XULRunner engine to the 1.9.0.14 stable release. It also fixes various security issues : - / CVE-2009-30 /. MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073 - Mozilla developers and community members identified and fixed...

[ONSEC-09-011] UMI.CMS Multiple XSS

ONSEC-09-011 UMI.CMS Multiple XSS Цель: UMI CMS =2.7.3 Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 15.07.2009 Дата оповещения разработчика: 15.07.2009 Дата выхода исправления: 03.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание: Уязвимые поля...

[ONSEC-09-016] Blogolet XSS

ONSEC-09-016 Blogolet XSS Цель: Blogolet CMS Тип: Межсайтовый скриптинг Угроза: Средняя Дата обнаружения: 21.09.2009 Дата оповещения разработчика: 21.09.2009 Дата выхода исправления: 21.09.2009 Автор: Vladimir Vorontsov OnSec Russian Security Group onsec dot ru Описание: Уязвимости существуют из-...

Apple Safari 'WebKit.dll' Stack Consumption Vulnerability

Apple Safari is prone to a stack consumption vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari";...

Apple Safari 'WebKit.dll' Stack Consumption Vulnerability

This host has Apple Safari installed and is prone to Stack Consumption vulnerability. OpenVAS Vulnerability Test $Id: secpodapplesafaristackconsumptionvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Apple Safari 'WebKit.dll' Stack Consumption Vulnerability Authors: Sharath S Copyright: Copyright c...

Juniper Junos 8.59.0 J-Web Interface - diagnose Multiple Cross-Site Scripting Vulnerabilities

Juniper Junos 8.59.0 J-Web Interface - diagnose Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize...

Juniper Junos 8.59.0 J - Web Interface (Multiple Script) m[] Cross-Site Scripting

Juniper Junos 8.59.0 J - Web Interface Multiple Script m Cross-Site Scripting source: https://www.securityfocus.com/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to...

Design/Logic Flaw

Stack consumption vulnerability in WebKit.dll in WebKit in Apple Safari 3.2.3, and possibly other versions before 4.1.2, allows remote attackers to cause a denial of service application crash via JavaScript code that calls eval on a long string composed of A/ sequences...

Ubuntu 8.04 LTS / 8.10 / 9.04 : firefox-3.0, xulrunner-1.9 vulnerabilities (USN-821-1)

Several flaws were discovered in the Firefox browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-3070,...

Mozilla Firefox < 3.0.14 / 3.5.3 Multiple Vulnerabilities

Binary data 801311.prm...

Microsoft Internet Explorer 'li' Element DoS Vulnerability - Sep09

This host has Internet Explorer installed and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbmsielielementdosvulnsep09.nasl 7293 2017-09-27 08:49:48Z cfischer $ Microsoft Internet Explorer 'li' Element DoS Vulnerability - Sep09 Authors: Sharath S Copyright: Copyrig...

Microsoft Internet Explorer 'li' Element DoS Vulnerability (Sep 2009)

Internet Explorer is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MKPortal 1.x - Multiple BBCode HTML Injection Vulnerabilities

source: https://www.securityfocus.com/bid/36218/info MKPortal is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacke...

Microsoft Internet Explorer 'location.hash' DOS Vulnerability

This host is installed with Internet Explorer and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodmsielocationhashdosvuln.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer 'location.hash' DOS Vulnerability Authors: Sharath S Copyright:...

Google Chrome 'location.hash' Denial Of Service Vulnerability

Google Chrome is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

Google Chrome 1.0.154.48 and earlier allows remote attackers to cause a denial of service CPU consumption and application hang via JavaScript code with a long string value for the hash property aka location.hash, a related issue to CVE-2008-5715...

CVE-2009-2955

Google Chrome 1.0.154.48 and earlier allows remote attackers to cause a denial of service CPU consumption and application hang via JavaScript code with a long string value for the hash property aka location.hash, a related issue to CVE-2008-5715...