227 matches found
KLA11515 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, perform cross-site scripting attack, spoof user interface, obtain sensitive information, execute arbitrary code. Below is a complete...
openSUSE Security Update : openssh (openSUSE-2019-1602)
This update for openssh fixes the following issues : Security vulnerabilities addressed : - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. -...
Security update for openssh (moderate)
openSUSE Security Update: Security update for openssh Announcement ID: openSUSE-SU-2019:1602-1 Rating: moderate References: 1065237 1090671 1119183 1121816 1121821 1131709 Cross-References: CVE-2019-6109 CVE-2019-6111 Affected Products: openSUSE Leap 42.3 An update that solves two vulnerabilities...
SUSE SLED12 / SLES12 Security Update : openssh (SUSE-SU-2019:1524-1)
This update for openssh fixes the following issues : Security vulnerabilities addressed : CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. CVE-2019-611...
SUSE-SU-2019:1524-1 Security update for openssh
This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. -...
Amazon Linux 2 : openssh (ALAS-2019-1216)
An issue was discovered in OpenSSH. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory traversal attacks are prevented. A...
MGASA-2019-0156 Updated openssh packages fix security vulnerabilities
Updated openssh packages fix security vulnerabilities: Due to missing character encoding in the progress display, the object name can be used to manipulate the client output, for example to employ ANSI codes to hide additional files being transferred CVE-2019-6109. Due to scp client insufficient...
Updated openssh packages fix security vulnerabilities
Updated openssh packages fix security vulnerabilities: Due to missing character encoding in the progress display, the object name can be used to manipulate the client output, for example to employ ANSI codes to hide additional files being transferred CVE-2019-6109. Due to scp client insufficient...
EulerOS 2.0 SP5 : openssh (EulerOS-SA-2019-1324)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server or Man-in-The-Middle...
Same-Origin Policy Bypass
Mozilla Firefox is vulnerable to same-origin policy bypass. Using a flaw found in the way Firefox rendered web content with missing character encoding information, it bypasses same-origin inheritance and perform cross-site scripting XSS attacks...
Cross Site Scripting (XSS)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Remote Code Execution (RCE)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Cross Site Scripting (XSS)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
SUSE SLES11 Security Update : openssh (SUSE-SU-2019:14030-1)
This update for openssh fixes the following issues : Security vulnerabilities addressed : CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. CVE-2019-611...
SUSE-SU-2019:14030-1 Security update for openssh
This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. -...
SUSE SLES12 Security Update : openssh (SUSE-SU-2019:0941-1)
This update for openssh fixes the following issues : Security vulnerabilities addressed : CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. CVE-2019-611...
SUSE-SU-2019:14016-1 Security update for openssh
This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. -...
Debian DLA-1728-1 : openssh security update
Multiple scp client vulnerabilities have been discovered in OpenSSH, the premier connectivity tool for secure remote shell login and secure file transfer. CVE-2018-20685 In scp.c, the scp client allowed remote SSH servers to bypass intended access restrictions via the filename of . or an empty...
OPENSUSE-SU-2019:0307-1 Security update for openssh
This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816 -...
openSUSE Security Update : openssh (openSUSE-2019-307)
This update for openssh fixes the following issues : Security vulnerabilities addressed : - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816 -...