2151 matches found
php: DoS when using HTTP proxy with the FTP wrapper
Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper...
DSA-2364-1 xorg - incorrect permission check
Bulletin has no description...
CVE-2011-4613
The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY...
CVE-2011-3365
The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text...
Design/Logic Flaw
The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text...
CVE-2011-3365
CVE-2011-3365 affects KDE Libraries (KDE SC) where the KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0–4.7.1 (and possibly earlier) renders certificate fields in a security dialog using the wrong font, allowing remote attackers to spoof the certificate's common name (CN) via rich text. Connected advis...
CVE-2011-3365
The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text...
CVE-2011-3365
Removed by vendor...
[SECURITY] [DSA 2335-1] man2html security update
Debian Security Advisory DSA-2335-1 [email protected] http://www.debian.org/security/ Nico Golde November 5th, 2011 http://www.debian.org/security/faq -...
Debian DSA-2335-1 : man2html - missing input sanitization
Tim Starling discovered that the Debian-native CGI wrapper for man2html, a program to convert UNIX man pages to HTML, is not properly escaping user-supplied input when displaying various error messages. A remote attacker can exploit this flaw to conduct cross-site scripting (XSS) attacks...
[SECURITY] [DSA 2335-1] man2html security update
Debian Security Advisory DSA-2335-1 [email protected] http://www.debian.org/security/ Nico Golde November 5th, 2011 http://www.debian.org/security/faq -...
DSA-2335-1 man2html - missing input sanitization
Bulletin has no description...
RHEL 6 : php53 and php (RHSA-2011:1423)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1423 advisory. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A signedness issue was found in the way the PHP crypt...
RedHat Update for php53 and php RHSA-2011:1423-01
Check for the Version of php53 and php. OpenVAS Vulnerability Test: RedHat Update for php53 and php RHSA-2011:1423-01. Authors: System Generated Check. Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
RedHat Update for php53 and php RHSA-2011:1423-01
The remote host is missing an update for the...
Moderate: Red Hat Security Advisory: php53 and php security update
Updated php53 and php packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detail...
php: DoS when using HTTP proxy with the FTP wrapper
Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper...
kdelibs: input validation failure in KSSL
The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text...
PT-2011-1143 · Kde +1 · Kdelibs +2
Name of the Vulnerable Software and Affected Versions: kdelibs versions 3.3.1 through 3.5.4; kdelibs versions prior to 4.12.5-r1; KDE SC versions 4.6.0 through 4.7.1. Description: The issue allows remote attackers to exploit vulnerabilities in the kdelibs package, potentially leading to a breach of...
Google Chrome v8 script object wrapper vulnerability
Google Chrome is an open source web browser. A security vulnerability exists in the v8 script object wrapper in Google Chrome, which can be exploited by remote attackers to cause a denial of service and other remote attacks...