[SECURITY] Fedora 12 Update: php-pear-Net-Traceroute-0.21.2-1.fc12

OS independent wrapper class for executing traceroute calls...

[SECURITY] Fedora 10 Update: slim-1.3.1-9.fc10

SLiM Simple Login Manager is a graphical login manager for X11. It aims to be simple, fast and independent from the various desktop environments. SLiM is based on latest stable release of Login.app by Per Lid=C3=A9n. In the distribution, slim may be called through a wrapper, slim-dynwm, which...

w3af (NASL wrapper)

This VT is deprecated. Copyright C 2009 Vlatko Kosturjak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it unde...

CVE-2009-2697

The Red Hat build script for the GNOME Display Manager GDM before 2.16.0-56 on Red Hat Enterprise Linux RHEL 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions via XDMCP connections, a different vulnerability than CVE-2007-5079...

Design/Logic Flaw

The Red Hat build script for the GNOME Display Manager GDM before 2.16.0-56 on Red Hat Enterprise Linux RHEL 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions via XDMCP connections, a different vulnerability than CVE-2007-5079...

CVE-2009-2697

The Red Hat build script for the GNOME Display Manager GDM before 2.16.0-56 on Red Hat Enterprise Linux RHEL 5 omits TCP Wrapper support, which might allow remote attackers to bypass intended access restrictions via XDMCP connections, a different vulnerability than CVE-2007-5079...

Adobe Flex 3.3 Cross Site Scripting

================================================== Adobe Flex 3.3 SDK DOM-Based XSS Public Release Date: 8/19/2009 Adam Bixby - Gotham Digital Science Affected Software: Adobe Flex 3.3 SDK and earlier ================================================== 1. Summary...

MDVA-2009:144 : libv4l

This update addresses the issue of urpmi preventing installation of both i586/x8664 versions of libv4l wrappers Mandriva bug 45316. Updated packages are provided to fix this issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security...

Mozilla Foundation Security Advisory 2009-46

Mozilla Foundation Security Advisory 2009-46 Title: Chrome privilege escalation due to incorrectly cached wrapper Impact: Critical Announced: August 3, 2009 Reporter: Wladimir Palant, mozbugra4 Products: Firefox 3.5 Fixed in: Firefox 3.5.2 Description Mozilla add-on developer and community member...

Mozilla Firefox Chrome Privilege Escalation Vulnerability Aug-09 (Linux)

This host is installed with Mozilla Firefox and is prone to Chrome Privilege Escalation vulnerability. OpenVAS Vulnerability Test $Id: gbfirefoxchromeprivescvulnaug09lin.nasl 4865 2016-12-28 16:16:43Z teissa $ Mozilla Firefox Chrome Privilege Escalation Vulnerability Aug-09 Linux Authors: Sharath...

Chrome privilege escalation due to incorrectly cached wrapper — Mozilla

Mozilla add-on developer and community member Wladimir Palant reported broken functionality on pages that had a Link: HTTP header when an add-on was installed which implemented a Content Policy in JavaScript, such as AdBlock Plus or NoScript. Mozilla security researcher mozbugra4 demonstrated tha...

CVE-2009-2472

Affected software: Mozilla Firefox before 3.0.12 (as per CVE-2009-2472). Issue: during object construction, Firefox did not always use XPCCrossOriginWrapper, allowing bypass of the Same Origin Policy and enabling cross-site scripting (XSS) via a crafted document. Impact: potential XSS vulnerabili...

Mozilla multiple cross origin wrapper bypasses

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via a crafted document, related to a "cross origin wrapper bypass."...

CVE-2009-2472

Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting XSS attacks via a crafted document, related to a "cross origin wrapper bypass."...

CVE-2009-1201

Eval injection vulnerability in the cscowrapjs function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances ASA device with software 8.04, 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting XSS attacks by setting CSCOWebVPN'process...

CVE-2009-1201

Eval injection vulnerability in the cscowrapjs function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances ASA device with software 8.04, 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting XSS attacks by setting CSCOWebVPN'process...

[SECURITY] Fedora 9 Update: gtkmozembedmm-1.4.2.cvs20060817-30.fc9

This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software...

Race condition while accessing the private data of a NPObject JS wrapper class object — Mozilla

Jakob Balle and Carsten Eiram of Secunia Research reported a race condition in NPObjWrapperNewResolve when accessing the properties of a NPObject, a wrapped JSObject. Balle and Eiram demonstrated that this condition could be reached by navigating away from a web page during the loading of a Java...

nfs-utils security and bug fix update

1.0.6-93.EL4 - Updated the tcpwrapper code to handle hostnames bz 467312 1.0.6-92.EL4 - Rebuilt to fix tcpwrapper dependency on x8664 archs. 1.0.6-91.EL4 - Added a run-time dependency on the tcpwrapper package. 1.0.6-90.EL4 - Fixed lockd not using settings in sysconfig/nfs bz 461043 - Fixed...

Nortel Contact Center Manager - Administration Password Disclosure

source: https://www.securityfocus.com/bid/34964/info Nortel Contact Center Manager Administration is prone to a password-disclosure vulnerability caused by a design error. Attackers can exploit this issue to gain access to the 'sysadmin' password. Successfully exploiting this issue may lead to...