Cross Platform Webkit File Dropper

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cross Platform Webkit File Dropper', 'Description' = %q This module exploits a XSLT vulnerability in Webkit to drop ASCII or UTF-8 files to the...

FreeBSD : databases/postgresql*-server -- multiple vulnerabilities (07234e78-e899-11e1-b38d-0023ae8e59f0)

The PostgreSQL Global Development Group reports : The PostgreSQL Global Development Group today released security updates for all active branches of the PostgreSQL database system, including versions 9.1.5, 9.0.9, 8.4.13 and 8.3.20. This update patches security holes associated with libxml2 and...

Apple Safari libxslt File Create

Added: 10/24/2011 CVE: CVE-2011-1774 BID: 48840 OSVDB: 74017 Background Safari is a web browser for Mac OS X and Windows. Problem Safari versions prior to 5.0.6 use unsafe security settings when implementing libxslt. An attacker may leverage this weakness by creating a web page that references a...

Apple Safari libxslt File Create

Added: 10/24/2011 CVE: CVE-2011-1774 BID: 48840 OSVDB: 74017 Background Safari is a web browser for Mac OS X and Windows. Problem Safari versions prior to 5.0.6 use unsafe security settings when implementing libxslt. An attacker may leverage this weakness by creating a web page that references a...

Apple Safari libxslt File Create

Added: 10/24/2011 CVE: CVE-2011-1774 BID: 48840 OSVDB: 74017 Background Safari is a web browser for Mac OS X and Windows. Problem Safari versions prior to 5.0.6 use unsafe security settings when implementing libxslt. An attacker may leverage this weakness by creating a web page that references a...

Cross Platform Webkit File Dropper

This module exploits a XSLT vulnerability in Webkit to drop ASCII or UTF-8 files to the target file-system. By default, the file will be dropped in C:\Program Files\ This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework cla...

Apple Safari Multiple Vulnerabilities (Jul 2011) - Mac OS X

Apple Safari web browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari";...

SuSE 11.1 Security Update : libwebkit (SAT Patch Number 4917)

This update of libwebkit fixes : - XSLT file creation allowed webpages evaluating XSLT code to create files. CVE-2011-1774 - ZDI-11-139 Webkit Anonymous Frame remote code exec %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...

CVE-2011-1774

WebKit in Apple Safari before 5.0.6 has improper libxslt security settings, which allows remote attackers to create arbitrary files, and consequently execute arbitrary code, via a crafted web site. NOTE: this may overlap CVE-2011-1425...

CVE-2011-1774

WebKit in Apple Safari before 5.0.6 is affected by CVE-2011-1774 due to improper libxslt security settings, allowing remote attackers to create arbitrary files and potentially execute arbitrary code via a crafted web site. This vulnerability arises from how XSLT output handling interacts with lib...