RHEL 4 : firefox (RHSA-2006:0733)

Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox...

devhelp, seamonkey security update

CentOS Errata and Security Advisory CESA-2006:0734 Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open sour...

seamonkey security update

CentOS Errata and Security Advisory CESA-2006:0734-01 Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. SeaMonkey is an open...

Critical: Red Hat Security Advisory: thunderbird security update

Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were foun...

Multiple Mozilla Firefox / Thunderbird / Seamonkey security vulnerabilities

Memory corruption, javascript code spoofing, code execution. May be used for hidden malware installation...

Apple Mac OS X多个安全漏洞

Apple Mac OS X是苹果家族机器所使用的操作系统。 最新的Mac OS X更新修复了多个漏洞，具体如下： CVE-2006-1472 AFP Server中的漏洞允许在搜索结果中包含执行搜索用户无权访问的文件和文件夹。如果文件名本身就是敏感信息的话，就可能导致信息泄露；如果权限允许的话，攻击者还可以访问文件内容。 CVE-2006-1473 已认证用户可以触发AFP Server中的整数溢出漏洞，导致拒绝服务或以系统权限执行任意代码。AFP Server在Mac OS X中不是默认启用的。 CVE-2006-3495 在Mac OS X Server上，AFP...

JavaScript code can cause the browser attack-vulnerability warning-the black bar safety net

Security researchers have found a Use JavaScript to scan the family and the enterprise network, and attacks on the network server, and the router and printer and other equipment of the method. Researchers say the malicious JavaScript code can be embedded in a Web page, use the browser to browse t...

security flaw

Double free vulnerability in the getRawDER function for nsIX509Cert in Firefox allows remote attackers to cause a denial of service hang and possibly execute arbitrary code via certain Javascript code...

[Kil13r-SA-20060622-1] NetSoft SmartNet 2.0 Cross-Site Scripting Vulnerability

Title: Kil13r-SA-20060622-1 NetSoft SmartNet 2.0 Cross-Site Scripting Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/06/21 - Discovery 2006/06/21 - Vendor notification 2006/06/22 - Release Affected version: NetSoft SmartNet 2.0 Not affected version:...

[Kil13r-SA-20060609-1] Daum Search Cross-Site Scripting Vulnerability

Title: Kil13r-SA-20060609-1 Daum Search Cross-Site Scripting Vulnerability Author: Kil13r - http://www.kil13r.info/ Local / Remote: Remote Timeline: 2006/06/09 - Discovery 2006/06/09 - Vendor notification 2006/06/09 - Release Affected version: Not affected version: Description: Daum is internet...

[SA20376] Firefox Multiple Vulnerabilities

---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerabilit...

ByteHoard <= 2.1 multiple vulnerabilities

ByteHoard = 2.1 multiple vulnerabilities Discovered by: Nomenumbra Date: 23/5/2006 impact:high file manipulation,privilege escalation,possible defacement ByteHoard versions up to 2.1 are prone to multiple vulnerabilities, including directory traversal. 0x00 Directory traversal: Users are able to...

EV0104.txt

New eVuln Advisory: Skull-Splitter's PHP Guestbook XSS Vulnerability http://evuln.com/vulns/104/summary.html --------------------Summary---------------- eVuln ID: EV0104 CVE: CVE-2006-1256 Software: Skull-Splitter's PHP Guestbook Sowtware's Web Site: http://www.boysen.be/ Versions: 2.6 2.7 Critic...

Jupiter CMS <= 1.1.5 multiple XSS attack vectors.

Jupiter CMS = 1.1.5 multiple XSS attack vectors. Discovered by: Nomenumbra/0x4F4C Date: 3/11/2006 impact:high privilege escalation,site defacement Jupiter CMS http://www.highstrike.net/ is a dynamic CMS system like mambo or limbo, allowing users to subscribe and posts events. Because no filtering...

Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities

Jupiter CMS , to redirect the user to a page of your choice, to avoid suspicion and disclosure of your cookiestealer's location. This injections would allow an attacker to redirect users to a page of his choice, effectively defacing the page:...

ipb.2.1-english.txt

Fast translation of benji's advisory Author : benjilenoob WebSite : http://benji.redkod.org/ and http://www.redkod.org/ Audit in pdf : http://benji.redkod.org/audits/ipb.2.1.pdf Product : Invision power board Version : 2.1 Tisk : Low. XSS I- XSS non critical: -------------------- 1. Input passed ...

Invision Power Board 2.1 : Multiple XSS Vulnerabilities

Fast translation of benji's advisory Author : benjilenoob WebSite : http://benji.redkod.org/ and http://www.redkod.org/ Audit in pdf : http://benji.redkod.org/audits/ipb.2.1.pdf Product : Invision power board Version : 2.1 Tisk : Low. XSS I- XSS non critical: -------------------- 1. Input passed ...

IlohaMail < 0.8.13 Email Header HTML Injection Vulnerability

IlohaMail does not properly sanitize message headers, leaving users vulnerable to cross-site scripting XSS attacks. For example, a remote attacker could inject Javascript code that steals the user SPDX-FileCopyrightText: 2004 George A. Theall Some text descriptions might be excerpted from a...

Horde 3.0 XSS Vulnerability

Horde is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2005 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2005-2688

Multiple cross-site scripting XSS vulnerabilities in SaveWebPortal 3.4 allow remote attackers to inject arbitrary web script or HTML via a large number of parameters to 1 footer.php, 2 header.php, 3 menudx.php, or 4 menusx.php, or Javascript code in the 5 HTTPREFERER referer or 6 HTTPUSERAGENT us...