7422 matches found
[SA15477] iCab Dialog Origin Spoofing Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Microsoft Agent Trusted Content Spoofing Vulnerability
Description Microsoft Agent is prone to a vulnerability that could allow a malicious website to spoof trusted content. This could result in a user downloading and executing malicious files thinking they are safe. Technologies Affected Microsoft Windows 2000 Advanced Server Microsoft Windows 2000...
Microsoft Internet Explorer Unspecified DigWebX ActiveX Control Vulnerability
Description Microsoft Internet Explorer is prone to an unspecified vulnerability in the DigWebX ActiveX control. The vendor has not released any further information about this vulnerability other than to state the "kill bit" has been set on unsupported versions of the control. Technologies Affect...
MS05-029: Vulnerability in Exchange Server 5.5 Outlook Web Access XSS (895179)
The remote host is running a version of the Outlook Web Access that is affected by a cross-site scripting flaw. This vulnerability could allow an attacker to convince a user to run a malicious script. If this malicious script is run, it would execute in the security context of the user. Attempts ...
USN-138-1: gedit vulnerability
A format string vulnerability has been discovered in gedit. Calling the program with specially crafted file names caused a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the gedit user. This becomes security relevant if e. g. your web browser is configu...
Cerberus Helpdesk 0.97.32.6.1 - Multiple Cross-Site Scripting Vulnerabilities
Cerberus Helpdesk 0.97.32.6.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/13897/info Cerberus Helpdesk is affected by various cross-site scripting vulnerabilities. These issues could permit a remote attacker to create a malicious URI link that include...
Cerberus Helpdesk 0.97.3/2.6.1 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/13897/info Cerberus Helpdesk is affected by various cross-site scripting vulnerabilities. These issues could permit a remote attacker to create a malicious URI link that includes hostile HTML and script code. If this link were to be followed, the hostile...
devhelp, mozilla security update
CentOS Errata and Security Advisory CESA-2005:435 Updated mozilla packages that fix various security bugs are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 24 May 2005 This erratum now includes updated devhelp packages...
Important: Red Hat Security Advisory: mozilla security update
Updated mozilla packages that fix various security bugs are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 24 May 2005 This erratum now includes updated devhelp packages which are required to satisfy a dependancy on...
CVE-2004-2083
Summary: Opera Web Browser 7.0–7.23 is affected by a file-download extension spoofing flaw. When a malicious site provides a downloadable file, the filename may embed a CLSID that makes the file appear as a trusted type, tricking users into executing it. This can lead to arbitrary code execution ...
CVE-2004-2083
Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."...
galeon, mozilla security update
CentOS Errata and Security Advisory CESA-2005:384-01 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-April/073786.html Affected packages: galeon mozilla mozilla-chat mozilla-devel mozilla-dom-inspector mozilla-js-debugger mozilla-mail mozilla-nspr...
mozilla security update
CentOS Errata and Security Advisory CESA-2005:384 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-April/073779.html https://lists.centos.org/pipermail/centos-announce/2005-April/073780.html...
RHEL 2.1 / 3 : Mozilla (RHSA-2005:384)
Updated Mozilla packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several bu...
mozilla security update
CentOS Errata and Security Advisory CESA-2005:386 Updated mozilla packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup...
Important: Red Hat Security Advisory: Mozilla security update
Updated mozilla packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Vladimir V...
Important: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Vladimir V. Perepelitsa discovered a bug in the way Firefox handles...
JVN#97757029 w3ml cross-site scripting vulnerability
Impact An arbitrary script could be executed on the user's web browser which may allow an attacker to steal cookie information. Solution Products Affected w3ml-0.4-20020625 and earlier...
Firefox < 1.0.3 Multiple Vulnerabilities
The remote version of this software contains various security issues that may allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. if NASLLEVEL 3004 exit1; include"compat.inc"; ifdescription scriptid18064; scriptversion"1.22"; scriptcveid "CVE-2005-0752...
Microsoft Internet Explorer DHTML Object Race Condition Memory Corruption Vulnerability
Description A vulnerability in Microsoft Internet Explorer may allow remote attackers to execute arbitrary code in the context of users visiting malicious Web sites. This issue presents itself the affected application attempts to process certain script objects, a race condition may lead to the...