3775 matches found
security flaw
Multiple buffer overflows in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, and SDK and JRE 1.3.118 and earlier allow attackers to develop Java applets that read, write, or execute...
DEBIAN-CVE-2006-6943
PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to a scripts/checklang.php and b themes/darkblueorange/layout.inc.php; and via the 1 lang, 2 target, 3 db, 4 goto, 5 table, and 6 tblgroup array arguments to c index.php, and the 7 back argument t...
Fedora Core 5 : httpd-2.2.2-1.2 (2006-863)
This update fixes a security issue in the modrewrite module. Mark Dowd of McAfee Avert Labs reported an off-by-one security problem in the LDAP scheme handling of the modrewrite module. Where RewriteEngine was enabled, and for certain RewriteRules, this could lead to a pointer being written out o...
CVE-2007-0095
phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblueorange/layout.inc.php, which reveals the path in an error message...
DEBIAN-CVE-2006-6497
Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service memory corruption and crash and possibly execute arbitrary code via...
Mozilla Layout Engine vulnerability
Overview A vulnerability exists in the Mozilla Layout Engine that may allow a remote attacker to compromise a vulnerable system. Description The Mozilla Layout Engine contains an unspecified vulnerability that may result in memory corruption. The impact of this memory corruption is unclear...
security flaw
Multiple unspecified vulnerabilities in the layout engine for Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, Thunderbird before 1.5.0.9, and SeaMonkey before 1.0.7 allow remote attackers to cause a denial of service memory corruption and crash and possibly execute arbitrary code via...
[SECURITY] [DSA 1227-1] New Mozilla Thunderbird packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1227-1 [email protected] http://www.debian.org/security/ Martin Schulze December 4th, 2006 http://www.debian.org/security/faq -...
Debian DSA-1227-1 : mozilla-thunderbird - several vulnerabilities
Several security related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2006-4310 Tomas Kempinsky discovered that malformed FTP server responses could lead...
DSA-1227-1 mozilla-thunderbird
Bulletin has no description...
phpPC 1.04 - Multiple Remote File Inclusions
phpPC 1.04 - Multiple Remote File Inclusions phpPC 1.04 Multiples Remote File Inclusion Script : PHP Poll Creator Version : 1.04 Vendor URL : http://www.phppc.de Impact : Remote File Inclusion Discovered by : iss4m Contact : [email protected] Vulnerable code in poll.php...
phpPC <= 1.04 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. phpPC 1.04 Multiples Remote File Inclusion Script : PHP Poll Creator Version : 1.04 Vendor URL : http://www.phppc.de Impact : Remote File Inclusion Discovered by : iss4m Contact : [email protected] Vulnerable code in poll.php -------------------------------- ?ph...
phpPC <= 1.04 Multiple Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ============================================================ phpPC = 1.04 Multiple Remote File Inclusion Vulnerabilities ============================================================ phpPC 1.04 Multiples Remote File Inclusion Script : PHP...
Mozilla Firefox/SeaMonkey/Thunderbird多个远程安全漏洞
Mozilla Firefox/SeaMonkey/Thunderbird都是Mozilla发布的WEB浏览器和邮件新闻组客户端产品。 上述产品中存在多个安全漏洞,具体如下: 1 Mozilla产品中所捆绑的网络安全服务(NSS)库如果以指数3使用RSA密钥的话,就无法正确的处理签名中的额外数据,允许攻击者伪造SSL/TLS和邮件证书。这个漏洞是MFSA 2006-60中所报告RSA签名漏洞的变种。 2 攻击者可以在执行期间修改Script对象,导致执行任意JavaScript bytecode。 3...
DEBIAN-CVE-2006-5464
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service crash via unspecified vectors...
CVE-2006-5464
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service crash via unspecified vectors...
CVE-2006-5464
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service crash via unspecified vectors...
security flaw
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service crash via unspecified vectors...
security flaw
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.8, Thunderbird before 1.5.0.8, and SeaMonkey before 1.0.6 allow remote attackers to cause a denial of service crash via unspecified vectors...
Mozilla products contain several unspecified errors in the layout engine
Overview The Mozilla layout engine contains several unspecified vulnerabilities that may allow an attacker to execute arbitrary code or crash the vulnerable application. Description The Mozilla layout engine, also known as Gecko, is responsible for parsing HTML, XML, CSS, layout, and rendering...