Memory corruption

The Cascading Style Sheets CSS implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

CVE-2010-2651

Removed by vendor...

CVE-2010-2651

The Cascading Style Sheets CSS implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

CVE-2010-2651

CVE-2010-2651 affects Google Chrome’s CSS rendering in versions before 5.0.375.99, where improper style rendering could allow remote attackers to trigger memory corruption (DoS or other impact) via unknown vectors. Documented in OpenVAS/Ubuntu USN entries and the Chrome 5.0.375.99 update (July 20...

CVE-2010-1576

Mode C Vulnerability: CVE-2010-1576 affects Cisco CSS 11500 (pre-8.20.4.02) and Cisco ACE 4710 (pre-A2(3.0)); the issue is improper handling of HTTP header end-of-line sequences (LF, CR, LFCR vs CRLF), enabling header insertion bypass and HTTP request smuggling via crafted headers (e.g., ClientCe...

CVE-2010-1575

CVE-2010-1575 affects Cisco CSS 11500 (software 08.20.1.01) and Cisco ACE; root cause is weak enforcement of HTTP ClientCert-* headers during SSL termination, leaving room for an attacker to spoof client certificates and impersonate other users. Impact, as described, is potential authentication b...

CVE-2010-1575

The Cisco Content Services Switch CSS 11500 with software 08.20.1.01 conveys authentication data through ClientCert- headers but does not delete client-supplied ClientCert- headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a...

CVE-2010-2629

CVE-2010-2629 and CVE-2010-1576 describe HTTP header handling flaws in Cisco CSS 11500 and ACE 4710, enabling HTTP request smuggling via LF/CRLF header terminators and potential header spoofing of ClientCert-* fields when GET lines are CRLF-terminated and mixed newline sequences occur. The issue ...

CVE-2010-2651

The Cascading Style Sheets CSS implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

UBUNTU-CVE-2010-2651

The Cascading Style Sheets CSS implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

Google Chrome < 5.0.375.99 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 5.0.375.99. It therefore is reportedly affected by multiple vulnerabilities : - An unspecified error allows an out-of-bounds read with WebGL. Issue 42396 - An unspecified error exists in the process of isolating sandboxed...

Google Chrome < 5.0.375.99 Multiple Vulnerabilities

Binary data 5591.pasl...

Google Chrome < 5.0.375.99 Multiple Vulnerabilities

Binary data 800949.prm...

Multiple Cisco CSS / ACE Client Certificate And HTTP Header Manipulation Vulnerabilities

Virtual Security Research, LLC. http://www.vsecurity.com/ Security Advisory -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Multiple Cisco CSS / ACE Client Certificate and HTTP Header Manipulation Vulnerabilities Release Date: 2010-07-02 Application:...

Cisco CSS Content Services Switch and ACE Application Control Engine HTTP SSL Header Spoofing Vulnerability

Cisco CSS Content Services Switch CSS, SSL Services Module SSLM, and ACE Application Control Engine ACE contain a vulnerability that could allow an authenticated, remote attacker to insert spoofed SSL headers into HTTP requests. The vulnerability exists because the affected products weakly enforc...

PenPals 1.0 SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...

MediaWiki 1.15.x < 1.15.4, 1.16.x < 1.16 beta 3 XSS and CSRF Vulnerabilities

MediaWiki is prone to cross-site scripting XSS and cross-site request forgery CSRF vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2010-2264

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages...

CVE-2010-2264

The vulnerability CVE-2010-2264 affects the CSS :visited handling in WebKit-based Safari. Affected software: Safari before 5.0 on Mac OS X 10.5–10.6 and Windows, and Safari before 4.1 on Mac OS X 10.4. Root cause: the :visited pseudo-class is not properly handled by CSS in WebKit, enabling remote...

CVE-2010-2264

Removed by vendor...