609 matches found
CVE-2011-2953
An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an...
Design/Logic Flaw
An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an...
CVE-2011-2953
An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via unknown vectors, related to an...
Fedora Update for icedtea-web FEDORA-2011-9541
Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2011-9541 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Flash Player < 10.3.181.22 XSS (APSB11-13)
An unspecified cross-site scripting vulnerability exists in versions of Flash Player earlier than 10.3.181.22 10.3.181.23 for ActiveX. An attacker may be able to leverage this issue to inject and execute arbitrary HTML and script code in a user's browser. %NASLMINLEVEL 70300 C Tenable Network...
Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...
Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib componen...
WordPress Sermon Browser Plugin 0.43 - Cross-Site Scripting and SQL Injection Vulnerabilities
There are several vulnerabilities in this plugin. The first is a cross-site scripting vulnerability and the second is an SQL injection vulnerability. These issues allow an attacker to steal cookie-based authentication credentials, modify data, or compromise the access. Solution Update the plugin...
MDVA-2011:010 : djvulibre
Various problems were discovered with the DJVULibre firefox browser-plugin: Browser plugin from dejavulibre is obsolete and was causing browser crashes when viewing DJVU content. This browser plugin is now disabled, mozilla-plugin-dejavu should now be used. Djvulibre crashed when converting DJVU...
Google Releases Permanent Opt-Out Extension For Chrome
Google has delivered a new tool that enables Chrome users to permanently opt out of ad-tracking cookies in the company’s browser. The new extension gives users the ability to make their choices about not being tracked by online advertisers permanent, at least in Google Chrome. The move by Google ...
Novell iPrint Client Browser Plugin embed Tag Parameter Buffer Overflow
Added: 01/03/2011 CVE: CVE-2010-4314 BID: 45301 OSVDB: 66959 Background Novell iPrint is an application which allows users to install and manage printers. Problem A buffer overflow vulnerability in Novell iPrint browser plugin allows command execution when a user loads a web page with an overly...
Novell iPrint Client Browser Plugin embed Tag Parameter Buffer Overflow
Added: 01/03/2011 CVE: CVE-2010-4314 BID: 45301 OSVDB: 66959 Background Novell iPrint is an application which allows users to install and manage printers. Problem A buffer overflow vulnerability in Novell iPrint browser plugin allows command execution when a user loads a web page with an overly...
Novell iPrint Client Browser Plugin embed Tag Parameter Buffer Overflow
Added: 01/03/2011 CVE: CVE-2010-4314 BID: 45301 OSVDB: 66959 Background Novell iPrint is an application which allows users to install and manage printers. Problem A buffer overflow vulnerability in Novell iPrint browser plugin allows command execution when a user loads a web page with an overly...
Novell iPrint Client Netscape Plugin call-back-url Parameter Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. Authentication is not required to exploit this vulnerability. The flaw exists within the npnipp.dll Mozilla browser plugin for iPrint client. When assembling a URL using the...
Plugin, FireSheep, Lays Open Web 2.0 Insecurity
HED: New Tool, FireSheep, Lays Open Web 2.0 Insecurity DEK: The Browser Plug In Offers One Click Session Hijacking for Popular Social Networking Apps. Creators call for better session security. It’s no secret that Web sessions that use the bare HTTP protocol to transmit and receive data are...
Design/Logic Flaw
The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1 allows remote attackers to arguments to the RecordClip method, which allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via a "...
CVE-2010-3749
The CVE-2010-3749 flaw affects RealNetworks RealPlayer 11.0–11.1 and RealPlayer SP 1.0–1.1, in the browser-plugin/ActiveX implementation for the RecordClip method. A specific argument containing a double-quote enables parameter injection that allows remote code execution: an attacker can craft a ...
Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow (CVE-2010-3552)
Java Technology is a programming platform which aims to provide a system for developing and deploying cross-platform applications. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML file with Internet Explorer, which will allow execution of arbitrar...
Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow
Added: 10/15/2010 CVE: CVE-2010-3552 BID: 44023 Background Oracle Java SE and Java for Business are development platforms for developing and deploying Java applications. They include the Java SE Development Kit JDK and the Java Runtime Environment JRE. The JRE provides the minimum requirements fo...
Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow
Added: 10/15/2010 CVE: CVE-2010-3552 BID: 44023 Background Oracle Java SE and Java for Business are development platforms for developing and deploying Java applications. They include the Java SE Development Kit JDK and the Java Runtime Environment JRE. The JRE provides the minimum requirements fo...