3947 matches found
CVE-2011-0083
Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
Design/Logic Flaw
Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
[USN-1158-1] curl vulnerabilities
========================================================================== Ubuntu Security Notice USN-1158-1 June 24, 2011 curl vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : curl vulnerabilities (USN-1158-1)
Richard Silverman discovered that when doing GSSAPI authentication, libcurl unconditionally performs credential delegation, handing the server a copy of the client's security credential. CVE-2011-2192 Wesley Miaw discovered that when zlib is enabled, libcurl does not properly restrict the amount ...
CVE-2011-2363
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
Ubuntu Update for curl USN-1158-1
Ubuntu Update for Linux kernel vulnerabilities USN-1158-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11581.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for curl USN-1158-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
CVE-2011-0083
Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)
Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)
Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)
Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...
CVE-2011-1714
Cross-site scripting XSS vulnerability in framework/source/resource/qx/test/jsonpprimitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web script or HTML via the callback parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in framework/source/resource/qx/test/jsonpprimitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web script or HTML via the callback parameter...
tudou.com UTF7-BOM Cross Site Scripting
xss attacks through utf7-BOM string injection the beginning of the utf-7 BOM chascter is from Gareth Heyes's paper 《XSS Lightsabre techniques》 ---------------------start---------------------------------- CSS expressions with UTF-7 • UTF-7 BOM character can force UTF-7 in a external style sheet •...
CVE-2010-3269
Multiple stack-based buffer overflows in the Cisco WebEx Recording Format WRF and Advanced Recording Format ARF Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted 1 .wrf or 2 .arf file, related to use of a function pointer in a...
Microsoft Windows Kernel Usermode Callback Local Privilege Elevation Vulnerability (941693)
This host is missing a critical security update according to Microsoft Bulletin MS08-025. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Memory corruption
Off-by-one error in the iconcb function in peicons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third...
PT-2010-5383 · Cisco · Clamav
Name of the Vulnerable Software and Affected Versions: ClamAV versions prior to 0.96.5 Description: The issue is related to an off-by-one error in the icon cb function in pe icons.c in libclamav. This error can be exploited by remote attackers to cause a denial of service, resulting in memory...
Fedora 12 : php-pear-CAS-1.1.3-1.fc12 (2010-15970)
This release contains 3 security fixes for vulnerabilities in the proxy callback mechanism. These vulnerabilities only affect phpCAS clients that are running in proxy mode. The release is fully compatible with all versions 1.1.x versions. The changes are : Security Issue - CVE-2010-3690 phpCAS: X...