Low: Red Hat Security Advisory: sos security, bug fix, and enhancement update

An updated sos package that fixes one security issue, several bugs, and adds various enhancements is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in includes/templates/templatedefault/common/tplheadertestinfo.php in Zen Cart 1.3.9h, when debugging is enabled, might allow remote attackers to inject arbitrary web script or HTML via the 1 mainpage parameter or 2 PATHINFO, a different...

USN-1251-1: Firefox and Xulrunner vulnerabilities

It was discovered that CVE-2011-3004, which addressed possible privilege escalation in addons, also affected Firefox 3.6. An attacker could potentially exploit Firefox when an add-on was installed that used loadSubscript in vulnerable ways. CVE-2011-3647 Yosuke Hasegawa discovered that the Mozill...

CVE-2011-3650

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly have...

CVE-2011-3650

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly have...

CVE-2011-3650

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly have...

Mozilla: crash while profiling page with many functions (MFSA 2011-49)

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly have...

Mozilla: crash while profiling page with many functions (MFSA 2011-49)

Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service memory corruption and application crash or possibly have...

SuSE 10 Security Update : yast2-core (ZYPP Patch Number 7725)

This update of yast2-core fixes security issues, bugs, and adds a debugging feature. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid56619; scriptversion"1.7";...

Google Chrome PoC, killing thread

No description provided by source. -' pigtail23 -' -' www.remoteshell.de -.OO .- OO.- OO .-/ -. .' \ ,--' ,----'/ '. / ,---. ,--',--. .----. .----. ...--'' | OO' .-OO |'--...| \ /.\ | OO| -',-. |.-, | | |.' | | | | | .-, --. .--''-'|.' | | | | |OO .' .' | | ..'| |/ | | './ | | | .-. || |/| ' |...

Google Chrome - Killing Thread (PoC)

Google Chrome - Killing Thread PoC -' pigtail23 -' -' www.remoteshell.de -.OO .- OO.- OO .-/ | '-' | | | | | | | | |'-| |'| |\ -' / --' --' -----' --' --' --' --' -----' ------' ---'' October 22, 2011 Ohh nice! What u doing google? Thx 4 ur bug! 0o Google Chrome PoC, killing thread. Exploitable o...

Visual DuxDebugger Debugger - Disassembler for Windows 64-bit

Visual DuxDebugger Debugger - Disassembler for Windows 64-bit Main features Fully support 64-bit native processes Fully support 64-bit .NET processes Full code analysis Full memory analysis Code edition Memory edition Module export formats EXE/DLL/CSV Debug multiple processes Debug multiple child...

Visual DuxDebugger Debugger - Disassembler for Windows 64-bit

Visual DuxDebugger Debugger - Disassembler for Windows 64-bit Main features Fully support 64-bit native processes Fully support 64-bit .NET processes Full code analysis Full memory analysis Code edition Memory edition Module export formats EXE/DLL/CSV Debug multiple processes Debug multiple child...

Fedora 16 : hplip-3.11.7-2.fc16 (2011-11116)

This update fixes a temporary file vulnerability in the fax support of HPLIP when debugging is enabled. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much a...

CentOS Update for systemtap CESA-2011:0841 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 15 : NetworkManager-0.8.9997-2.git20110531.fc15 (2011-7919)

This update includes no changes to NetworkManager but ensures that the latest update is installed to fix a security issue in NetworkManager-0.8.999-3.git20110526. This issue was previously fixed in NetworkManager-0.8.9997-1.git20110531.fc15 but was not marked as a security update...

Nmap NSE net: http-php-version

Attempts to retrieve the PHP version from a web server. PHP has a number of magic queries that return images or text that can vary with the PHP version. This script uses the following queries: '/?=PHPE9568F36-D428-11d2-A769-00AA001ACF42': gets a GIF logo, which changes on April Fool's Day...

Nmap NSE net: hostmap

Tries to find hostnames that resolve to the target's IP address by querying the online database at http://www.bfk.de/bfkdnslogger.html. The script is in the 'external' category because it sends target IPs to a third party in order to query their database. SYNTAX: hostmap.prefix: If set, saves the...

Nmap NSE net: http-robots.txt

Checks for disallowed entries in '/robots.txt' on a web server. The higher the verbosity or debug level, the more disallowed entries are shown. SYNTAX: http.pipeline: If set, it represents the number of HTTP requests that'll be pipelined ie, sent in a single request. This can be set low to make...

Nmap NSE net: daap-get-library

Retrieves a list of music from a DAAP server. The list includes artist names and album and song titles. Output will be capped to 100 items if not otherwise specified in the 'daapitemlimit' script argument. A 'daapitemlimit' below zero outputs the complete contents of the DAAP library. Based on...