Lucene search
+L

859 matches found

RedHat Linux
RedHat Linux
added 2010/03/25 8:52 a.m.8 views

TLS: MITM attacks via session renegotiation

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...

9.8CVSS6.9AI score0.87264EPSS
Exploits15References4
RedHat Linux
RedHat Linux
added 2010/03/17 5:19 p.m.16 views

TLS: MITM attacks via session renegotiation

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...

9.8CVSS6.9AI score0.87264EPSS
Exploits15References4
RedHat Linux
RedHat Linux
added 2010/03/03 6:20 p.m.6 views

TLS: MITM attacks via session renegotiation

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...

9.8CVSS6.9AI score0.87264EPSS
Exploits15References4
securityvulns
securityvulns
added 2010/02/22 12:0 a.m.40 views

AST-2010-002: Dialplan injection vulnerability

Asterisk Project Security Advisory - AST-2010-002 +------------------------------------------------------------------------+ | Product | Asterisk | |----------------------+-------------------------------------------------| | Summary | Dialplan injection vulnerability |...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2010/02/10 12:0 a.m.112 views

SSL data injection

Data injection possibility connected with SSL in-session renegotiation...

5.8CVSS2.8AI score0.87264EPSS
Exploits15References8Affected Software6
FreeBSD
FreeBSD
added 2010/02/09 12:0 a.m.63 views

OpenSSL -- Remote Data Injection / DoS

Applications that use SSLMODERELEASEBUFFERS, such as nginx, are prone to a race condition which may allow a remote attacker to inject random data into other connections...

4CVSS7.9AI score0.34132EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2009/12/10 7:30 p.m.20 views

CVE-2009-3796

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."...

9.3CVSS6.2AI score0.07115EPSS
Exploits0References1
Prion
Prion
added 2009/12/10 7:30 p.m.17 views

Design/Logic Flaw

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."...

9.3CVSS7.8AI score0.07115EPSS
Exploits0References22Affected Software2
NVD
NVD
added 2009/12/10 7:30 p.m.17 views

CVE-2009-3796

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."...

9.3CVSS8AI score0.07115EPSS
Exploits0References22
Cvelist
Cvelist
added 2009/12/10 7:0 p.m.26 views

CVE-2009-3796

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."...

7.9AI score0.07115EPSS
Exploits0References22
CVE
CVE
added 2009/12/10 7:0 p.m.65 views

CVE-2009-3796

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 are affected by CVE-2009-3796 (data injection vulnerability) that could allow remote code execution via unspecified vectors. Red Hat advisories RHSA-2009:1657/1658 and related summaries indicate upgrading Flash to 10.0.42.34 as remed...

9.3CVSS8AI score0.07115EPSS
Exploits0References22Affected Software2
RedHat Linux
RedHat Linux
added 2009/12/09 4:17 p.m.3 views

flash-plugin: multiple code execution flaws (APSB09-19) (CVE-2009-3794, CVE-2009-3796, CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800)

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."...

9.3CVSS6.2AI score0.07115EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2009/12/09 4:11 p.m.2 views

flash-plugin: multiple code execution flaws (APSB09-19) (CVE-2009-3794, CVE-2009-3796, CVE-2009-3797, CVE-2009-3798, CVE-2009-3799, CVE-2009-3800)

Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 might allow attackers to execute arbitrary code via unspecified vectors, related to a "data injection vulnerability."...

9.3CVSS6.2AI score0.07115EPSS
Exploits0References4
ThreatPost
ThreatPost
added 2009/12/09 3:23 a.m.53 views

Adobe Zaps Dangerous Flash Player Bugs

Adobe has shipped a critical Flash Player update to fix at least seven documented security vulnerabilities that expose nearly every computer user to dangerous hacker attacks. The Flash Player 10.0.42.34 update is available for all platforms Windows, Linux and Mac OS X. Here are the raw details:...

9.3CVSS2.9AI score0.11556EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2009/12/09 12:0 a.m.28 views

Adobe AIR < 1.5.3 Multiple Vulnerabilities (APSB09-19)

Binary data 5256.prm...

9.3CVSS8.9AI score0.11556EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2009/12/09 12:0 a.m.29 views

Flash Player < 9.0.260 / 10.0.42.34 Multiple Vulnerabilities (APSB09-19)

The remote Windows host contains a version of Adobe Flash Player that is earlier than 9.0.260 or 10.0.42.34. Such versions are potentially affected by multiple vulnerabilities : - A vulnerability in the parsing of JPEG data could lead to code execution. CVE-2009-3794 - A data injection...

9.3CVSS5.9AI score0.52844EPSS
Exploits6References8
Tenable Nessus
Tenable Nessus
added 2009/12/09 12:0 a.m.37 views

Adobe AIR < 1.5.3 Multiple Vulnerabilities (APSB09-19)

The remote Windows host contains a version of Adobe AIR that is earlier than 1.5.3. Such versions are potentially affected by multiple vulnerabilities : - A vulnerability in the parsing of JPEG data could lead to code execution. CVE-2009-3794 - A data injection vulnerability could lead to code...

9.3CVSS5.9AI score0.11556EPSS
Exploits2References7
ATTACKERKB
ATTACKERKB
added 2009/11/09 5:30 p.m.2 views

CVE-2009-3555

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...

9.8CVSS6.8AI score0.87264EPSS
Exploits15References349
Exploit DB
Exploit DB
added 2009/07/17 12:0 a.m.50 views

Sguil/PADS - Remote Server Crash

Sguil/PADS Denial of Service exploit by Ataraxia Benjamin Rose Public announcement made 7/15/09. Please visit http://allmybase.com/ my blog for more up-to-date information, and a quick patch. More in-depth article available at: http://allmybase.com/?p=72 This more in-depth article does include...

7AI score
Exploits0
Prion
Prion
added 2009/04/30 8:30 p.m.13 views

Stack overflow

Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family aka RTworks before 4.0.5, and Enterprise Message Service EMS 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server aka RTserver, SmartSockets client libraries and add-on products, RTworks...

10CVSS9AI score0.0643EPSS
Exploits0References12Affected Software4
Rows per page
Query Builder