openSUSE Security Update : mediawiki (openSUSE-SU-2010:0154-1)

MediaWiki was prone to a CSS validation flaw and data leakage vulnerability CVE-2010-1189, CVE-2010-1190. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update mediawiki-2356. The text description o...

DynPG CMS Multiple Remote File Inclusion Vulnerability

fucking the Web Apps attack edition / / / / L /' / , / / /' , / /' /' / /' / / / / / / L / / / // // // ///////////L // ////// // // Hack0wn! Security Project / /&...

Internet Explorer HTML CSS Tag Rendering Memory Corruption (MS10-018; CVE-2010-0807)

A remote code execution vulnerability has been reported in Internet Explorer. The vulnerability is due to the way Internet Explorer accesses an object that has been deleted. To trigger this issue, an attacker may create a malicious web page that will cause Internet Explorer to exit unexpectedly...

DynPG CMS v4.1.0 Multiple Vulnerabilities

Exploit for php platform in category web applications ========================================= DynPG CMS v4.1.0 Multiple Vulnerabilities ========================================= +Title : DynPG CMS Multiple Remote File Inclusion Vulnerability +Version: 4.1.0 Other or lower versions may also be...

DynPG CMS 4.1.0 - Multiple Vulnerabilities

DynPG CMS v4.1.0 Multiple Vulnerability fucking the Web Apps attack edition /\ \ /\ \ /\ /\ \ \ \ \L\ \ \ /'\ /\ \ \ ,\ \ \ \ \ /\ /\ \ /'\ \ , /\ \ /' \ /' \ \ \ /\ \ \ /'\ \ \ /\ \ \ /\ /\ \ \\ \ /\ /\ /\ \L\ \ \ \ \ \ \ \ /\ / \ \ \ /\ \\ \ \ \ \ \ \ \ \ \\ \ \ \...

CVE-2010-1189

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

CVE-2010-1189

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

Input validation

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

CVE-2010-1189

MediaWiki prior to 1.15.2 is affected by a CSS validation issue that allows editors to link to images on attacker‑controlled sites, enabling collection of IP addresses and other user information. The root cause is the CSS validation check not preventing this behavior. Impact is limited to disclos...

CVE-2010-1189

MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue."...

Mozilla to Fix CSS History Leak Soon

The developers at Mozilla soon will be adding a new privacy enhancement to the Firefox browser that will help prevent attackers and the operators of third-party Web sites from seeing which other sites a user has visited. The technology is meant to address one of the older privacy problems on the...

Mozilla Firefox缓存XUL样式表更改浏览器UI漏洞

BUGTRAQ ID: 38922 CVECAN ID: CVE-2010-0169 Firefox是一款流行的开源WEB浏览器。 远程XUL文档所使用的样式表可能会污染用户的XUL缓存，而浏览器Chrome之后会使用这个缓存确定用户界面的样式。恶意网站可以利用这个漏洞更改浏览器的样式属性，如字体大小和颜色。 Mozilla Firefox 3.6 Mozilla Firefox 3.5.x Mozilla Firefox 3.0.x Mozilla Thunderbird 3.0 Mozilla SeaMonkey 2.0 厂商补丁： Mozilla -------...

Code injection

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...

CVE-2010-0169

The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings in a stylesheet before adding this stylesheet to...

CVE-2010-0169

Technical details about CVE-2010-0169 are not provided in the supplied documents. Please monitor official advisories and vendor patches for affected products and versions.

Update Protection against Mozilla Firefox Browser Engine Memory Corruption

A memory corruption was reported in vulnerability in Mozilla Firefox. This flaw is due to the way Mozilla Firefox handles firstletter CSS style elements. A remote attacker can exploit this vulnerability by persuading a target user to open a malicious webpage. Successful exploitation could allow f...

Update Protection against Mozilla Firefox Browser Engine Memory Corruption

A memory corruption vulnerability was reported in Mozilla Firefox, a popular Web browser developed by Mozilla Foundation. This flaw is due to the way Mozilla Firefox handles first-letter CSS style elements. A remote attacker can exploit this vulnerability by persuading a target user to open a...

Debian DSA-2022-1 : mediawiki - several vulnerabilities

Several vulnerabilities have been discovered in mediawiki, a web-based wiki engine. The following issues have been identified : - Insufficient input sanitization in the CSS validation code allows editors to display external images in wiki pages. This can be a privacy concern on public wikis as it...

[SECURITY] [DSA 2022-1] New mediawiki packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA-2022-1 [email protected] http://www.debian.org/security/ Nico Golde March 23th, 2010 http://www.debian.org/security/faq -...

Apple Saferi multiple vulnerabilities (Mar10)

The host is running Apple Saferi and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodapplesafarimultvuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Apple Safari multiple vulnerabilities Mar10 Authors: Madhuri D Updated By: Antu Sanadi on 2010-18-2010 Added the CVE and...