5740 matches found
Fedora 15 : python-feedparser-5.0.1-1.fc15 (2011-4988)
Current release: 5.0.1 - February 20, 2011 - Fix issue 91 invalid text in XML declaration causes sanitizer to crash - Fix issue 254 sanitization can be bypassed by malformed XML comments - Fix issue 255 sanitizer doesn't strip unsafe URI schemes Previous release: 5.0 - January 25, 2011 - Improved...
CVE-2011-1691
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets CSS implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the 1 counterIncrement and 2 counterReset...
CVE-2011-1691
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets CSS implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the 1 counterIncrement and 2 counterReset...
Null pointer dereference
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets CSS implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the 1 counterIncrement and 2 counterReset...
CVE-2011-1691
The counterToCSSValue function in CSSComputedStyleDeclaration.cpp in the Cascading Style Sheets CSS implementation in WebCore in WebKit before r82222, as used in Google Chrome before 11.0.696.43 and other products, does not properly handle access to the 1 counterIncrement and 2 counterReset...
CVE-2011-1691
Removed by vendor...
MediaWiki 1.16.3之前版本存在多个远程漏洞
Bugtraq ID: 47354 MediaWiki是一套以GPL授权发行的Wiki引擎。 MediaWiki存在多个安全漏洞,允许恶意用户进行跨站脚本攻击和绕过部分安全限制。 -应用程序不正确防止部分浏览器如Internet Explorer 6基于查询URL结尾来猜测内容类型,可被利用注入和执行HTML,在目标用户浏览器上执行任意脚本代码。 -通过CSS评注传递的输入在显示给用户之前,wikitext解析器没有对其进行过滤,可被利用注入和执行HTML,在目标用户浏览器上执行任意脚本代码。 -transwiki导入功能没有正确限制表单发送访问,可被利用执行未授权远程资源导入。...
CVE-2011-1691
The CVE-2011-1691 issue affects WebKit’s CSS Core (CSSComputedStyleDeclaration.cpp) in WebCore, where counterToCSSValue mishandles access to counterIncrement and counterReset from getComputedStyle data. It permits remote attackers to trigger a denial-of-service (NULL pointer dereference and crash...
(Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WebKit library's...
Joomla! Component joomlacontenteditor - Blind SQL Injection
Joomla! Component joomlacontenteditor - Blind SQL Injection =================================================================== joomlacontenteditor comjce BLIND sql injection vulnerability =================================================================== Software: joomlacontenteditor comjce...
CVE-2011-1492
steps/utils/modcss.inc in Roundcube Webmail before 0.5.1 does not properly verify that a request is an expected request for an external Cascading Style Sheets CSS stylesheet, which allows remote authenticated users to trigger arbitrary outbound TCP connections from the server, and possibly obtain...
CVE-2011-1492
CVE-2011-1492 affects Roundcube Webmail prior to 0.5.1. The issue is in steps/utils/modcss.inc, where requests for an external CSS stylesheet are not properly verified, allowing remote authenticated users to trigger arbitrary outbound TCP connections from the server and potentially obtain sensiti...
Google Chrome multiple vulnerabilities - March 11 (Linux)
The host is running Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnmar11lin.nasl 7015 2017-08-28 11:51:24Z teissa $ Google Chrome multiple vulnerabilities - March 11 Linux Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...
Google Chrome < 10.0.648.204 Multiple Vulnerabilities (Mar 2011) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome < 10.0.648.204 Multiple Vulnerabilities (Mar 2011) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 15 Update: roundcubemail-0.5.1-1.fc15
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
CVE-2011-1294
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets CSS token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...
CVE-2011-1294
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets CSS token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...
Null pointer dereference
Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets CSS token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...
CVE-2011-1294
Removed by vendor...