[SECURITY] Fedora 10 Update: perl-Gtk2-MozEmbed-0.08-5.fc10.2

This module allows you to use the Mozilla embedding widget from Perl...

[SECURITY] Fedora 10 Update: gecko-sharp2-0.13-3.fc10

This package provides Mono bindings for the Gecko engine, through an easy-to-use widget that will allow you to embed a Mozilla browser window into your Gtk application...

PT-2008-5544 · Microsoft · Internet Explorer +2

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 5.01 SP4, 6 SP1 Microsoft Internet Explorer version 6 on Windows XP and Server 2003 Description: The issue arises from a stack-based buffer overflow that occurs when Microsoft Internet Explorer does not...

CVE-2008-2806

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin JEP and Java LiveConnect...

Design/Logic Flaw

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin JEP and Java LiveConnect...

CVE-2008-2806

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin JEP and Java LiveConnect...

CVE-2008-2806

CVE-2008-2806 affects Mozilla Firefox <= 2.0.0.15 and SeaMonkey

CVE-2008-2806

Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 on Mac OS X allow remote attackers to bypass the Same Origin Policy and create arbitrary socket connections via a crafted Java applet, related to the Java Embedding Plugin JEP and Java LiveConnect...

Xpdf嵌入字体处理代码执行漏洞

BUGTRAQ ID: 28830 CVECAN ID: CVE-2008-1693 Xpdf是便携文档格式（PDF）文件的开放源码查看器。 Xpdf显示PDF文件中所嵌入的畸形字体的方式存在漏洞，攻击者可以创建恶意的PDF文件，如果打开了该文件就会导致Xpdf崩溃或执行任意指令。 Xpdf 3.x Debian ------ Debian已经为此发布了一个安全公告（DSA-1548-1）以及相应补丁: DSA-1548-1：New xpdf packages fix arbitrary code exitution...

PHP 5.2.5之前版本多个安全漏洞

BUGTRAQ ID: 26403 CVECAN ID: CVE-2007-4887 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP的5.2.5之前版本中存在多个安全漏洞，具体包括： 1 htmlentities和htmlspecialchars函数中不会接受部分多字节序列； 2 fnmatch、setlocale和glob函数中存在多个缓冲器溢出； 3 处理.htaccess文件中的错误可能导致通过.htaccess文件修改mail.forceextraparameters php.ini指令，绕过disablefunctions指令； 4...

Design/Logic Flaw

Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a denial of service browser crash via a Thread subclass that calls super.run from its run method...

CVE-2007-2906

Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a denial of service browser crash via a Thread subclass that calls super.run from its run method...

CVE-2007-2906

Java Embedding Plugin 0.9.6.1 allows remote attackers to cause a denial of service browser crash via a Thread subclass that calls super.run from its run method...

CVE-2007-2906

CVE-2007-2906 affects Java Embedding Plugin 0.9.6.1. The vulnerability is in a Thread subclass that calls super.run from its run method, which can be exploited remotely to cause a denial of service (browser crash). The available connected records confirm the affected product/version and the root ...

Allow embedding multimedia content located on remote servers

Re: CSP-8387 Currently, when embedding multimedia content on Confluence you are restricted to embedding files located on the Confluence server. The page http://confluence.atlassian.com/display/CONF20/Embedding+Multimedia+Content singles out "security reasons" as the reason for this limitation. In...

Multiple RSS applications crosssite scripting

It's possible to embed scripts in RSS content...

CVE-2007-0164

Camouflage 1.2.1 embeds password information in the carrier file, which allows remote attackers to bypass authentication requirements and decrypt embedded steganography by replacing certain bytes of the JPEG image with alternate password information...

Authentication flaw

Camouflage 1.2.1 embeds password information in the carrier file, which allows remote attackers to bypass authentication requirements and decrypt embedded steganography by replacing certain bytes of the JPEG image with alternate password information...

DEBIAN-CVE-2006-4514

Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...

Apple QuickTime H.264 Parsing Buffer Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime media player. The specific flaw exists within the parsing of H.264 content. The implicit trust of a user-supplied size value during a memory copy loop allows an attacker to create an...