SuSE 11 Security Update : MozillaFirefox, MozillaFirefox-branding-upstream, etc (SAT Patch Number 2254)

Mozilla Firefox was updated to version 3.5.9 fixing lots of bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed...

Mosets Tree 2.1.6 Cross Site Request Forgery

'; / page - any one of: pageaddCategory pageaddListing pageadvSearchRedirect pageadvSearchResults pageadvSearch pageclaim pageconfirmDelete pagecontactOwner pageerrorListing pageerror pagegallery pageimage pageindex pagelistAlpha pagelisting pagelistListings pageownerListing pageprint pagerecomme...

Mosets Tree 2.1.6 (Joomla) Template Overwrite CSRF

Exploit for php platform in category web applications ================================================== Mosets Tree 2.1.6 Joomla Template Overwrite CSRF ================================================== '; / page - any one of: pageaddCategory pageaddListing pageadvSearchRedirect...

Fedora Update for monotone FEDORA-2010-16902

Check for the Version of monotone OpenVAS Vulnerability Test Fedora Update for monotone FEDORA-2010-16902 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Authentication flaw

The ESSearchApplication directory tree in IBM OmniFind Enterprise Edition 8.x and 9.x does not require authentication, which allows remote attackers to modify the server configuration via a request to palette.do...

CVE-2010-3896

CVE-2010-3896 affects IBM OmniFind Enterprise Edition 8.x/9.x. The vulnerability is lack of authentication in the ESSearchApplication area, enabling a remote attacker to modify server configuration via palette.do. The connected advisory set lists related issues (XSS, XSRF, session issues, etc.) a...

XAMPP 1.7.3 Cross Site Scripting / File Disclosure

/ / / / / // | / // \ | / / / / / /// / / / / / / / // / / / |/ / // / ,'; if $REQUEST'showcode' != 1 echo ''.$TEXT'global-showcode'.''; else $file = filegetcontentsbasename$SERVER'PHPSELF'; echo "".$TEXT'global-sourcecode'.""; echo ""; echo htmlspecialchars$file; echo ""; ? showcode.php relies...

openSUSE Security Update : MozillaThunderbird (MozillaThunderbird-3154)

Mozilla Thunderbird 3.0 was updated to version 3.0.7, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6979)

Mozilla Firefox was updated to version 3.5.9 fixing lots of bugs and security issues. The following security issues were fixed : - Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed...

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 6563)

This update brings the Mozilla Firefox 3.5 webbrowser to version 3.5.3, the Mozilla XULRunner 1.9.0 engine to the 1.9.0.14 stable release, and the Mozilla XULRunner 1.9.1 engine to the 1.9.1.3 stable release. It also fixes various security issues : - Mozilla developers and community members...

CVE-2010-1824

Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages...

Design/Logic Flaw

Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages...

CVE-2010-1824

Removed by vendor...

CVE-2010-1824

Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages...

CVE-2010-1824

CVE-2010-1824 is a use-after-free vulnerability in WebKit used by Apple iTunes (Windows), Safari, and Chrome up to version 6.0.472.59. The flaw is triggered via SVG styles, the DOM tree, and error messages, allowing remote attackers to execute arbitrary code or cause a denial of service. The prov...

CVE-2010-1824

Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages...

UBUNTU-CVE-2010-1824

Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, the DOM tree, and error messages...

openSUSE Security Update : seamonkey (openSUSE-SU-2010:0632-2)

Mozilla SeaMonkey 2.0 was updated to version 2.0.8, fixing various bugs and security issues. Following security issues were fixed: MFSA 2010-49 / CVE-2010-3169: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based product...

Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability

Exploit for php platform in category web applications ============================================================= Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability ============================================================= Exploit Title: Joomla Component Mosets Tree 2.1.5 Shell...

Joomla Mosets Tree 2.1.5 Shell Upload

Exploit Title: Joomla Component Mosets Tree 2.1.5 Shell Upload Vulnerability Date: 6 September 2010 Author: jdc Software Link: http://www.mosets.com/tree/ Version: 2.1.5 Patched: 2.1.6 Tested on: PHP5, MySQL5 Mosets Tree suffers from a shell upload vulnerabilty caused by improperly checking the...