Lucene search
K

4358 matches found

UbuntuCve
UbuntuCve
added 2009/09/10 12:0 a.m.41 views

CVE-2009-3077

Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns aka TreeColumns of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."...

9.3CVSS7.6AI score0.04623EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2009/09/10 12:0 a.m.29 views

Firefox 3.5.x < 3.5.3 Multiple Vulnerabilities

The installed version of Firefox 3.5 is earlier than 3.5.3. Such versions are potentially affected by the following security issues : - Multiple memory corruption vulnerabilities could potentially allow arbitrary code execution. MFSA 2009-47 - The columns of a XUL tree element can manipulated in ...

10CVSS7.6AI score0.05269EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2009/09/10 12:0 a.m.48 views

Firefox < 3.0.14 Multiple Vulnerabilities

The installed version of Firefox is earlier than 3.0.14. Such versions are potentially affected by the following security issues : - Multiple memory corruption vulnerabilities could potentially allow arbitrary code execution. MFSA 2009-47 - An insufficient warning message is displayed when adding...

10CVSS7.7AI score0.06724EPSS
Exploits4References14
RedHat Linux
RedHat Linux
added 2009/09/09 11:49 p.m.4 views

Firefox 3.5.3 3.0.14 TreeColumns dangling pointer vulnerability

Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns aka TreeColumns of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."...

9.3CVSS7.8AI score0.04623EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/09/09 11:48 p.m.6 views

Firefox 3.5.3 3.0.14 TreeColumns dangling pointer vulnerability

Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns aka TreeColumns of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."...

9.3CVSS7.8AI score0.04623EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/08/13 3:30 p.m.3 views

kernel: cifs: memory overwrite when saving nativeFileSystem field during mount

Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service crash via a long nativeFileSystem field in a Tree Connect response to an SMB mount request...

7.8CVSS6.2AI score0.04268EPSS
Exploits0References4
NVD
NVD
added 2009/07/22 6:30 p.m.19 views

CVE-2009-2464

The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to loading multip...

10CVSS7.8AI score0.1323EPSS
Exploits1References17
Prion
Prion
added 2009/07/22 6:30 p.m.16 views

Memory corruption

The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to loading multip...

10CVSS8.2AI score0.1323EPSS
Exploits1References17Affected Software3
Cvelist
Cvelist
added 2009/07/22 6:0 p.m.28 views

CVE-2009-2464

The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to loading multip...

9.1AI score0.1323EPSS
Exploits1References17
RedHat Linux
RedHat Linux
added 2009/07/22 12:27 a.m.3 views

Mozilla crash with multiple RDFs in XUL tree

The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to loading multip...

10CVSS6.2AI score0.1323EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2009/07/22 12:0 a.m.33 views

CVE-2009-2464

The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to loading multip...

10CVSS6.2AI score0.1323EPSS
Exploits1References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/07/01 8:53 a.m.2 views

Tree BBS from Let's PHP! vulnerable to cross-site scripting

Overview Tree BBS from Let's PHP! contains a cross-site scripting vulnerability. Tree BBS from Let's PHP! is a tree-structured bulletin board software. Tree BBS contains a cross-site scripting vulnerability. Yoshinori Ohta of Business Architects Inc. reported this vulnerability to IPA. JPCERT/CC...

4.3CVSS6AI score0.01033EPSS
Exploits0References6
NVD
NVD
added 2009/06/26 3:30 p.m.18 views

CVE-2009-2226

Cross-site scripting XSS vulnerability in Let's PHP! Tree BBS 2004/11/23 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.7AI score0.01033EPSS
Exploits0References4
Prion
Prion
added 2009/06/26 3:30 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in Let's PHP! Tree BBS 2004/11/23 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01033EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2009/06/26 3:0 p.m.41 views

CVE-2009-2226

CVE-2009-2226 concerns Tree BBS from Let’s PHP! (prototype 2004/11/23 and earlier). The vulnerability is a cross-site scripting (XSS) flaw that could allow remote attackers to execute arbitrary script/HTML in a user’s browser via unspecified vectors. Affected software is Tree BBS from Let’s PHP!,...

4.3CVSS5.8AI score0.01033EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2009/06/26 3:0 p.m.24 views

CVE-2009-2226

Cross-site scripting XSS vulnerability in Let's PHP! Tree BBS 2004/11/23 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.7AI score0.01033EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/06/25 3:7 p.m.5 views

Firefox 2 and 3 Layout engine crash

The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree...

5CVSS5.9AI score0.01761EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/06/25 2:54 p.m.5 views

Firefox 2 and 3 Layout engine crash

The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service application crash and possibly trigger memory corruption via vectors related to nsSVGElement::BindToTree...

5CVSS5.9AI score0.01761EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/06/25 12:0 a.m.42 views

JVN#93827000 Tree BBS from Let's PHP! vulnerable to cross-site scripting

Tree BBS from Let's PHP! is a tree-structured bulletin board software. Tree BBS contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by t...

4.3CVSS5.9AI score0.01033EPSS
Exploits0
Cvelist
Cvelist
added 2009/06/16 7:0 p.m.18 views

CVE-2009-2078

Multiple cross-site scripting XSS vulnerabilities in Booktree 5.x before 5.x-7.3 and 6.x before 6.x-1.1, a module for Drupal, allow remote attackers to inject arbitrary web script or HTML via the 1 node title and 2 node body in a tree root page...

5.8AI score0.01065EPSS
Exploits0References5
Rows per page
Query Builder