Cross site scripting
Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 builds 10.1.569 and earlier, 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-4146
Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 builds 10.1.569 and earlier, 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-4146
CVE-2010-4146 describes a cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds ≤10.1.569) and in Reflection for the Web 2008 R1 and 9.6 and earlier. The issue permits remote attackers to inject arbitrary web script or HTML via unspecified vectors. The Conn...
Attachmate Reflection for the Web cross site scripting vulnerability
Overview: Attachmate Reflection for the Web contains a non-persistent cross-site scripting vulnerability. Description: The following versions of Attachmate's Reflection for the Web products are vulnerable to a non-persistent cross-site scripting vulnerability. Reflection for the Web 2008 R2 builds...
OpenJDK Swing unsafe reflection usage (6622002)
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...
Design/Logic Flaw
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...
CVE-2010-3553
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...
CVE-2010-3553
Technical details for CVE-2010-3553 are not publicly available in the provided connected documents. Please monitor for updated advisories that disclose affected products, vulnerabilities, remediation, or exploitation information.
CentOS 5 : java-1.6.0-openjdk (CESA-2010:0768)
Updated java-1.6.0-openjdk packages that fix several security issues and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detail...
OpenJDK corba reflection vulnerabilities (6891766,6925672)
Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the Octobe...
RHEL 5 : java-1.6.0-openjdk (RHSA-2010:0768)
The remote Red Hat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0768 advisory. These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. defaultReadObject of the...
SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6735)
Mozilla Firefox was updated to version 3.5.6, fixing many bugs and various security issues. The following issues were fixed: - Crashes with evidence of memory corruption (rv:1.9.1.6). MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3980 / CVE-2009-3982 - bmo504843, bmo523816 Memory safety fixes in...
SuSE 10 Security Update : XULRunner (ZYPP Patch Number 6734)
The Mozilla XULRunner engine was updated to version 1.9.0.16, fixing many bugs and various security issues. The following issues were fixed: - Crashes with evidence of memory corruption (1.9.0.16). MFSA 2009-65 / CVE-2009-3979 / CVE-2009-3981 - bmo487872 NTLM reflection vulnerability. MFSA...
ECShop arbitrary user password modification vulnerability via XSS - exploits and vulnerability warnings - the black bar safety net
ECShop currently contains a reflected XSS vulnerability that can be used; if secondary development has introduced further XSS or other CSRF problems, there is more to use. (Once encountered this problem, slightly affected by its damage.) Through XSS, a POST submission is constructed that modifies personal information; the modification is...
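Reflection X r2axctrl.ocx ActiveX control ControlID parameter buffer overflow vulnerability
BUGTRAQ ID: 40243. Reflection X is used to connect Windows users to graphical and character-based applications on UNIX, Linux, OpenVMS and Unisys systems. The r2axctrl.ocx ActiveX control installed by Reflection X products does not properly validate the user-supplied ControlID parameter; a user who is tricked into visiting a malicious web page that passes an overly long string parameter can trigger a buffer overflow, resulting in denial of service or arbitrary code execution. Attachmate Reflection X 14.0 Attachmate Reflection X 13.0 Attachmate Reflection Standard Suite 20...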
SuSE9 Security Update : epiphany (YOU Patch Number 12616)
This update brings Mozilla SeaMonkey to 1.1.19 fixing various bugs and security issues. The following security issues are fixed : - Mozilla developers took fixes from previously fixed memory safety bugs in newer Mozilla-based products and ported them to the Mozilla 1.8.1 branch so they can be...