Ubuntu Update for curl USN-1158-1

Ubuntu Update for Linux kernel vulnerabilities USN-1158-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11581.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for curl USN-1158-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

CVE-2011-2363

Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

CVE-2011-0083

Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)

Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)

Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)

Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)

Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

Mozilla Multiple dangling pointer vulnerabilities (MFSA 2011-23)

Use-after-free vulnerability in the nsSVGPathSegList::ReplaceItem function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

CVE-2011-1714

Cross-site scripting XSS vulnerability in framework/source/resource/qx/test/jsonpprimitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web script or HTML via the callback parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in framework/source/resource/qx/test/jsonpprimitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remote attackers to inject arbitrary web script or HTML via the callback parameter...

tudou.com UTF7-BOM Cross Site Scripting

xss attacks through utf7-BOM string injection the beginning of the utf-7 BOM chascter is from Gareth Heyes's paper 《XSS Lightsabre techniques》 ---------------------start---------------------------------- CSS expressions with UTF-7 • UTF-7 BOM character can force UTF-7 in a external style sheet •...

CVE-2010-3269

Multiple stack-based buffer overflows in the Cisco WebEx Recording Format WRF and Advanced Recording Format ARF Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted 1 .wrf or 2 .arf file, related to use of a function pointer in a...

Microsoft Windows Kernel Usermode Callback Local Privilege Elevation Vulnerability (941693)

This host is missing a critical security update according to Microsoft Bulletin MS08-025. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Memory corruption

Off-by-one error in the iconcb function in peicons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third...

PT-2010-5383 · Cisco · Clamav

Name of the Vulnerable Software and Affected Versions: ClamAV versions prior to 0.96.5 Description: The issue is related to an off-by-one error in the icon cb function in pe icons.c in libclamav. This error can be exploited by remote attackers to cause a denial of service, resulting in memory...

Fedora 12 : php-pear-CAS-1.1.3-1.fc12 (2010-15970)

This release contains 3 security fixes for vulnerabilities in the proxy callback mechanism. These vulnerabilities only affect phpCAS clients that are running in proxy mode. The release is fully compatible with all versions 1.1.x versions. The changes are : Security Issue - CVE-2010-3690 phpCAS: X...

Fedora 13 : php-pear-CAS-1.1.3-1.fc13 (2010-15943)

This release contains 3 security fixes for vulnerabilities in the proxy callback mechanism. These vulnerabilities only affect phpCAS clients that are running in proxy mode. The release is fully compatible with all versions 1.1.x versions. The changes are : Security Issue - CVE-2010-3690 phpCAS: X...

Fedora 14 : php-pear-CAS-1.1.3-1.fc14 (2010-15796)

This release contains 3 security fixes for vulnerabilities in the proxy callback mechanism. These vulnerabilities only affect phpCAS clients that are running in proxy mode. The release is fully compatible with all versions 1.1.x versions. The changes are : Security Issue - CVE-2010-3690 phpCAS: X...

CVE-2010-3692

Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU PGTiou parameter...

CVE-2010-3690

Multiple cross-site scripting XSS vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Proxy Granting Ticket IOU PGTiou parameter to the callback function in client.php, 2 vectors involving functions that...