Firefox 3.6 < 3.6.7 Multiple Vulnerabilities

The installed version of Firefox 3.6.x is earlier than 3.6.7. Such versions are potentially affected by the following security issues : - Multiple memory safety bugs could result in memory corruption, potentially resulting in arbitrary code execution. MFSA 2010-34 - An error in DOM attribute...

firefox: cross-domain information disclosure

Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 permit cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which...

Mozilla Firefox 3.5.x < 3.5.11 Multiple Vulnerabilities

Binary data 5606.prm...

Firefox 3.6.x < 3.6.7 Multiple Vulnerabilities

Binary data 800780.prm...

Cross-domain data theft using CSS — Mozilla

Google security researcher Chris Evans reported that data can be read across domains by injecting bogus CSS selectors into a target site and then retrieving the data using JavaScript APIs. If an attacker can inject opening and closing portions of a CSS selector into points A and B of a target pag...

nsCSSValue::Array index integer overflow — Mozilla

Security researcher J23 reported via TippingPoint's Zero Day Initiative that an array class used to store CSS values contained an integer overflow vulnerability. The 16 bit integer value used in allocating the size of the array could overflow, resulting in too small a memory buffer being created...

Joomla RedShop 1.0.23.1 Blind SQL Injection

RedShop 1.0.23.1 Joomla Component Blind SQL Injection Vulnerability Name RedShop Vendor http://redweb.dk Versions Affected 1.0.23.1 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-07-13 X. INDEX I. ABOUT THE...

openSUSE Security Update : opera (openSUSE-SU-2010:0368-1)

Opera was upgraded to the 10.60 release. It brings lots of new features, bugfixes and security fixes. Security fixes include: CVE-2010-0653: Opera permits cross-origin loading of CSS style sheets even when the style sheet download has an incorrect MIME type and the style sheet document is...

Google Chrome multiple vulnerabilities - July 10

The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnjul10.nasl 5306 2017-02-16 09:00:16Z teissa $ Google Chrome multiple vulnerabilities - July 10 Authors: Madhuri D Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Joomla! Component redSHOP 1.0 - pid SQL Injection

Joomla! Component redSHOP 1.0 - pid SQL Injection / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...

Joomla! Component redSHOP 1.0 - &#039;pid&#039; SQL Injection

/ / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID ----------------------------------------------------------------------- Joomla...

Joomla! Component Minify4Joomla! - Arbitrary File Upload / Persistent Cross-Site Scripting

======================================================= Minify4Joomla Upload and Persistent XSS Vulnerability ======================================================= Name : Minify4Joomla Upload and Persistent XSS Vulnerability Date : july 9,2010 Critical Level : HIGH vendor URL...

Joomla! Component Minify4Joomla - Arbitrary File Upload Persistent Cross-Site Scripting

Joomla! Component Minify4Joomla - Arbitrary File Upload Persistent Cross-Site Scripting ======================================================= Minify4Joomla Upload and Persistent XSS Vulnerability ======================================================= Name : Minify4Joomla Upload and Persistent...

Minify4Joomla Cross Site Scripting

======================================================= Minify4Joomla Upload and Persistent XSS Vulnerability ======================================================= Name : Minify4Joomla Upload and Persistent XSS Vulnerability Date : july 9,2010 Critical Level : HIGH vendor URL...

Minify4Joomla Upload and Persistent XSS Vulnerability

Exploit for php platform in category web applications ===================================================== Minify4Joomla Upload and Persistent XSS Vulnerability ===================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /'...

Google Chrome 5.0.375.99更新修复多个安全漏洞

BUGTRAQ ID: 41334 CVE ID: CVE-2010-2645,CVE-2010-2646,CVE-2010-2647,CVE-2010-2648,CVE-2010-2649,CVE-2010-2650,CVE-2010-2651,CVE-2010-2652 Google Chrome是Google发布的开源WEB浏览器。 Chrome的5.0.375.99版本更新修复了多个安全漏洞，用户受骗访问恶意网页就可能导致拒绝服务或完全入侵用户系统。 1 在使用WebGL时Chrome中可能出现越界读访问错误。 2 Chrome没有正确地隔离沙盒中的IFRAME元素。 3...

Fedora 12 : mediawiki-1.15.3-53.fc12 (2010-6335)

This is a security and bugfix release of MediaWiki 1.15.3. Three security issues are fixed in this update: A CSS validation issue was discovered which allows editors to display external images in wiki pages. A data leakage vulnerability was discovered in thumb.php which affects wikis which restri...

Cisco CSS / ACE multiple security vulnerabilities

Certificate validation vulnerability, insufficient Web request validation...

CVE-2010-2651

The Cascading Style Sheets CSS implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

CVE-2010-2629

The Cisco Content Services Switch CSS 11500 with software 8.20.4.02 and the Application Control Engine ACE 4710 with software A23.0 do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling...