
7984 matches found

RedHat Linux
added 2009/04/06 4:34 p.m. | 1 view

php: XSS via PHP error messages

Cross-site scripting (XSS) vulnerability in PHP, possibly 5.2.7 and earlier, when display_errors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208...

CVSS 2.6 | AI score 5.9 | EPSS 0.02371
Exploits: 0 | References: 4

OpenVAS
added 2009/03/31 12:0 a.m. | 20 views

FreeBSD Ports: amarok

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 9.3 | AI score 7.5 | EPSS 0.16097
Exploits: 2 | References: 4

OpenVAS
added 2009/03/23 12:0 a.m. | 33 views

Ubuntu: Security Advisory (USN-582-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.3 | AI score 6.7 | EPSS 0.38662
Exploits: 3 | References: 3

Tenable Nessus
added 2009/03/22 12:0 a.m. | 31 views

GLSA-200903-34 : Amarok: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200903-34 Amarok: User-assisted execution of arbitrary code Tobias Klein has discovered multiple vulnerabilities in Amarok: Multiple integer overflows in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp trigge...

CVSS 9.3 | AI score 6.2 | EPSS 0.16097
Exploits: 2 | References: 3

OpenVAS
added 2009/03/13 12:0 a.m. | 30 views

Mandrake Security Advisory MDVSA-2009:068-1 (poppler)

The remote host is missing an update to poppler announced via advisory MDVSA-2009:068-1. OpenVAS Vulnerability Test $Id: mdksa20090681.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:068-1 poppler Authors: Thomas Reinke Copyright: Copyright c 2009...

CVSS 5 | AI score 0.7 | EPSS 0.24435
Exploits: 2

OpenVAS
added 2009/03/07 12:0 a.m. | 21 views

Gentoo Security Advisory GLSA 200903-04 (devil)

The remote host is missing updates announced in advisory GLSA 200903-04. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

CVSS 7.5 | AI score 6.5 | EPSS 0.01474
Exploits: 1 | References: 2

OpenVAS
added 2009/03/07 12:0 a.m. | 14 views

Gentoo Security Advisory GLSA 200903-04 (devil)

The remote host is missing updates announced in advisory GLSA 200903-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVSS 7.5 | AI score 0.8 | EPSS 0.01474
Exploits: 1

OpenVAS
added 2009/03/06 12:0 a.m. | 24 views

RedHat Update for nss_ldap RHSA-2008:0389-02

Check for the Version of nss_ldap OpenVAS Vulnerability Test RedHat Update for nss_ldap RHSA-2008:0389-02 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CVSS 4.3 | AI score 6.4 | EPSS 0.01591
Exploits: 1 | References: 2

Gentoo Linux
added 2009/03/06 12:0 a.m. | 12 views

DevIL: User-assisted execution of arbitrary code

Background: Developer's Image Library (DevIL) is a cross-platform image library. Description: Stefan Cornelius (Secunia Research) discovered two boundary errors within the iGetHdrHeader function in src-IL/src/ilhdr.c. Impact: A remote attacker could entice a user to open a specially crafted Radiance RGB...

CVSS 7.5 | AI score 6.7 | EPSS 0.01474
Exploits: 1

OpenVAS
added 2009/03/06 12:0 a.m. | 38 views

RedHat Update for kernel RHSA-2008:0154-01

Check for the Version of kernel OpenVAS Vulnerability Test RedHat Update for kernel RHSA-2008:0154-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CVSS 7.8 | AI score 0.7 | EPSS 0.01643
Exploits: 6 | References: 2

OpenVAS
added 2009/03/03 12:0 a.m. | 18 views

TightVNC <= 1.3.9 ClientConnection Multiple Integer Overflow Vulnerabilities - Linux

TightVNC is prone to multiple integer overflow vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10 | AI score 7.8 | EPSS 0.48323
Exploits: 11 | References: 4

OpenVAS
added 2009/03/03 12:0 a.m. | 22 views

UltraVNC < 1.0.5.4 ClientConnection Multiple Integer Overflow Vulnerabilities - Windows

UltraVNC is prone to multiple integer overflow vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10 | AI score 7.8 | EPSS 0.48323
Exploits: 11 | References: 3

OpenVAS
added 2009/03/03 12:0 a.m. | 16 views

TightVNC ClientConnection Multiple Integer Overflow Vulnerabilities (Linux)

This host is running TightVNC and is prone to Multiple Integer Overflow Vulnerability. OpenVAS Vulnerability Test $Id: secpodtightvncmultintoverflowvulnlin.nasl 5148 2017-01-31 13:16:55Z teissa $ TightVNC ClientConnection Multiple Integer Overflow Vulnerabilities Linux Authors: Sujit Ghosal...

CVSS 10 | AI score 1.1 | EPSS 0.48323
Exploits: 11 | References: 3

NVD
added 2009/02/26 4:17 p.m. | 14 views

CVE-2009-0523

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log...

CVSS 4.3 | AI score 5.6 | EPSS 0.03028
Exploits: 1 | References: 6

Prion
added 2009/02/26 4:17 p.m. | 17 views

Cross site scripting

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log...

CVSS 4.3 | AI score 6 | EPSS 0.03028
Exploits: 1 | References: 6 | Affected Software: 2

Cvelist
added 2009/02/26 4:0 p.m. | 20 views

CVE-2009-0523

Cross-site scripting (XSS) vulnerability in Adobe RoboHelp Server 6 and 7 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled when displaying the Help Errors log...

AI score 5.6 | EPSS 0.03028
Exploits: 1 | References: 6

UbuntuCve
added 2009/02/20 7:30 p.m. | 16 views

CVE-2009-0654

Tor 0.2.0.28, and probably 0.2.0.34 and earlier, allows remote attackers, with control of an entry router and an exit router, to confirm that a sender and receiver are communicating via vectors involving (1) replaying, (2) modifying, (3) inserting, or (4) deleting a single cell, and then observing cell...

CVSS 5.1 | AI score 5.9 | EPSS 0.00659
Exploits: 1 | References: 1

OpenVAS
added 2009/02/18 12:0 a.m. | 30 views

GraphicsMagick Multiple Vulnerabilities - Linux

GraphicsMagick graphics tool is prone to multiple buffer overflow/underflow vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 10 | AI score 7.7 | EPSS 0.06081
Exploits: 0 | References: 8

Atlassian
added 2009/02/12 1:0 a.m. | 15 views

Password is being logged for 500 errors

The user passwords are being exposed in the log files when a 500 error happens. The following Jira solved the problem for the information displayed in the user Browser: http://jira.atlassian.com/browse/CONF-12360...

AI score 0.7
Exploits: 0 | Affected Software: 1

UbuntuCve
added 2009/02/04 7:30 p.m. | 16 views

CVE-2009-0388

Multiple integer signedness errors in (1) UltraVNC 1.0.2 and 1.0.5 and (2) TightVnc 1.3.9 allow remote VNC servers to cause a denial of service (heap corruption and application crash) or possibly execute arbitrary code via a large length value in a message, related to the a...

CVSS 10 | AI score 6.2 | EPSS 0.48323
Exploits: 11 | References: 2