SUSE CVE-2012-3382

Cross-site scripting XSS vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properl...

SUSE: Security Advisory (SUSE-SU-2012:0928-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : mono-web (openSUSE-SU-2012:0974-1)

Mono was updated to fix : A cross site scripting attack in the System.Web class 'forbidden extensions' filtering was fixed. CVE-2012-3382 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

SuSE 11.2 Security Update : Mono (SAT Patch Number 6543)

Mono was updated to fix a cross-site scripting attack in the System.Web class 'forbidden extensions' filtering has been fixed. CVE-2012-3382 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information...

Debian Security Advisory DSA 2512-1 (mono)

The remote host is missing an update to mono announced via advisory DSA 2512-1. OpenVAS Vulnerability Test $Id: deb25121.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2512-1 mono Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : mono vulnerabilities (USN-1517-1)

It was discovered that the Mono System.Web library incorrectly filtered certain error messages related to forbidden files. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting XSS attacks. CVE-2012-3382 It was...

USN-1517-1: Mono vulnerabilities

It was discovered that the Mono System.Web library incorrectly filtered certain error messages related to forbidden files. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting XSS attacks. CVE-2012-3382 It was...

CVE-2012-3382

Cross-site scripting XSS vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properl...

CVE-2012-3382

CVE-2012-3382 describes an XSS vulnerability in Mono 2.10.8 and earlier caused by improper handling of error messages for a crafted file name with a forbidden extension in System.Web/HttpForbiddenHandler.cs. The connected advisories show that multiple distributions (Mandriva, openSUSE, SUSE/OpenV...

[SECURITY] [DSA 2512-1] mono security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2512-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 12, 2012 http://www.debian.org/security/faq -...

CVE-2012-3382

Cross-site scripting XSS vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properl...