27 matches found
Mandriva Update for mozilla-firefox MDKSA-2007:152 (mozilla-firefox)
Check for the Version of mozilla-firefox OpenVAS Vulnerability Test Mandriva Update for mozilla-firefox MDKSA-2007:152 mozilla-firefox Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute ...
Mandriva Update for mozilla-thunderbird MDVSA-2007:047 (mozilla-thunderbird)
Check for the Version of mozilla-thunderbird OpenVAS Vulnerability Test Mandriva Update for mozilla-thunderbird MDVSA-2007:047 mozilla-thunderbird Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
Ubuntu: Security Advisory (USN-503-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1345-1 (xulrunner)
The remote host is missing an update to xulrunner announced via advisory DSA 1345-1. OpenVAS Vulnerability Test $Id: deb13451.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1345-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 1346-1 (iceape)
The remote host is missing an update to iceape announced via advisory DSA 1346-1. OpenVAS Vulnerability Test $Id: deb13461.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1346-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 1391-1 (icedove)
The remote host is missing an update to icedove announced via advisory DSA 1391-1. OpenVAS Vulnerability Test $Id: deb13911.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1391-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-1345-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1344-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1346-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 6.06 LTS / 6.10 / 7.04 : firefox vulnerabilities (USN-493-1)
A flaw was discovered in handling of 'about:blank' windows used by addons. A malicious website could exploit this to modify the contents, or steal confidential data such as passwords, of other web pages. CVE-2007-3844 Jesper Johansson discovered that spaces and double-quotes were not correctly...
Debian DSA-1391-1 : icedove - several vulnerabilities
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3734 Bernd Mielke, Boris Zbarsky, David Baron, Daniel Veditz, Jesse...
[SECURITY] [DSA 1391-1] New icedove packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1391-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 19th, 2007 http://www.debian.org/security/faq -...
DSA-1391-1 icedove - several vulnerabilities
Bulletin has no description...
Design/Logic Flaw
The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox, Adobe...
CVE-2007-3896
The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox, Adobe...
CVE-2007-4841
Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a 1 mailto, 2 nntp, 3 news, or 4 snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7...
Input validation
Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to execute arbitrary commands via a 1 mailto, 2 nntp, 3 news, or 4 snews URI with invalid "%" encoding, related to improper file type handling on Windows XP with Internet Explorer 7...
USN-503-1: Thunderbird vulnerabilities
Various flaws were discovered in the layout and JavaScript engines. By tricking a user into opening a malicious email, an attacker could execute arbitrary code with the user's privileges. Please note that JavaScript is disabled by default for emails, and it is not recommended to enable it...
Debian DSA-1345-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3844 'mozbugra4' discovered that a regression in the handling of'about:blank' windows used ...
CVE-2007-3845
Mozilla Firefox before 2.0.0.6, Thunderbird before 1.5.0.13 and 2.x before 2.0.0.6, and SeaMonkey before 1.1.4 allow remote attackers to execute arbitrary commands via certain vectors associated with launching "a file handling program based on the file extension at the end of the URI," a variant ...