9 matches found
EUVD-2016-6768
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2016-5833
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the columntitle function in wp-admin/includes/class-wp-media- list-table.php in WordPress before 4.5.3 allows remote...
thunderbird: Information Disclosure of /tmp directory listing
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edit...
thunderbird: Information Disclosure of /tmp directory listing
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edit...
thunderbird: Information Disclosure of /tmp directory listing
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edit...
CVE-2016-5834
Cross-site scripting XSS vulnerability in the wpgetattachmentlink function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833...
UBUNTU-CVE-2016-5834
Cross-site scripting XSS vulnerability in the wpgetattachmentlink function in wp-includes/post-template.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5833...
CVE-2016-5833
Cross-site scripting XSS vulnerability in the columntitle function in wp-admin/includes/class-wp-media-list-table.php in WordPress before 4.5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted attachment name, a different vulnerability than CVE-2016-5834...
AL-Mail32 vulnerable to denial-of-service (DoS)
Overview AL-Mail32 provided by CREAR Corporation is an email client for Windows. AL-Mail32 contains a denial-of-service DoS vulnerability due to a flaw in processing attachments. Yosuka HASEGAWA of NetAgent Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer unde...