7982 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus SAV before 10.1 MR8, Symantec Endpoint Protection SEP 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject...
CVE-2009-1428
Multiple cross-site scripting XSS vulnerabilities in ccLgView.exe in the Symantec Log Viewer, as used in Symantec AntiVirus SAV before 10.1 MR8, Symantec Endpoint Protection SEP 11.0 before 11.0 MR1, Norton 360 1.0, and Norton Internet Security 2005 through 2008, allow remote attackers to inject...
Symantec Log Viewer JavaScript Injection Vulnerabilities
SUMMARY The Log Viewer feature in some Symantec products contains two parsing errors which could be exploited through Java script injection. AFFECTED PRODUCTS Product | Version | Solution ---|---|--- Norton 360 | 1.0 | Run LiveUpdate in Interactive Mode Norton Internet Security | 2005 through 200...
FreeBSD : CVS path validation errors (0792e7a7-8e37-11d8-90d1-0020ed76ef5a)
Two programming errors were discovered in which path names handled by CVS were not properly validated. In one case, the CVS client accepts absolute path names from the server when determining which files to update. In another case, the CVS server accepts relative path names from the client when...
MDVA-2008:135-1 : draksnapshot
This update fixes several issues in draksnapshot: The draksnapshot applet received the following fixes: - on desktop startup, it will wait for 30s before checking for available disc so that notification is positioned at the right place, on the applet icon - it prevents crashing if DBus is not...
Mandriva Linux Security Advisory : wordnet (MDVSA-2008:182-1)
Rob Holland found several programming errors in WordNet which could lead to the execution or arbitrary code when used with untrusted input CVE-2008-2149, CVE-2008-3908. Update : The previous patch had a typo that caused incorrect behaviour in WordNet. This update uses an update patch that correct...
Mandriva Linux Security Advisory : pulseaudio (MDVSA-2008:065)
Luigi Auriemma found a few programming errors in Pulseaudio, that can be used to crash the Pulseaudio daemon, by authenticated and unauthenticated users. The updated packages fix these issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Fedora 10 : squid-3.0.STABLE13-1.fc10 (2009-1526)
Thu Feb 5 2009 Jonathan Steffan - 7:3.0.STABLE13-1 - upgrade to latest upstream - Thu Jan 29 2009 Henrik Nordstrom - 7:3.0.STABLE12-1 - upgrade to latest upstream - Fri Dec 19 2008 Henrik Nordstrom - 7:3.0.STABLE10-3 - actually include the upstream bugfixes in the build - Fri Dec 19 2008 Henrik...
Mandriva Linux Security Advisory : poppler (MDVSA-2009:068-1)
A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bug is consequence of a wrong processing on FormWidgetChoice::loadDefaults method CVE-2009-0755. A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of...
FreeBSD : xpdf -- multiple vulnerabilities (a21037d5-2c38-11de-ab3b-0017a4cccfc6)
Secunia reports : Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. A boundary error exists when decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow and...
php: XSS via PHP error messages
Cross-site scripting XSS vulnerability in PHP, possibly 5.2.7 and earlier, when displayerrors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208...
Mandriva Update for kbd MDVA-2008:174 (kbd)
Check for the Version of kbd OpenVAS Vulnerability Test Mandriva Update for kbd MDVA-2008:174 kbd Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Mandriva Update for rpmdrake MDKA-2007:078 (rpmdrake)
Check for the Version of rpmdrake OpenVAS Vulnerability Test Mandriva Update for rpmdrake MDKA-2007:078 rpmdrake Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for wordnet MDVSA-2008:182-1 (wordnet)
Check for the Version of wordnet OpenVAS Vulnerability Test Mandriva Update for wordnet MDVSA-2008:182-1 wordnet Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for gftp MDVSA-2008:018 (gftp)
Check for the Version of gftp OpenVAS Vulnerability Test Mandriva Update for gftp MDVSA-2008:018 gftp Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Mandriva Update for libusb MDKA-2007:071 (libusb)
Check for the Version of libusb OpenVAS Vulnerability Test Mandriva Update for libusb MDKA-2007:071 libusb Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
Mandriva Update for wordnet MDVSA-2008:182-1 (wordnet)
Check for the Version of wordnet OpenVAS Vulnerability Test Mandriva Update for wordnet MDVSA-2008:182-1 wordnet Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for libusb MDKA-2007:071 (libusb)
Check for the Version of libusb OpenVAS Vulnerability Test Mandriva Update for libusb MDKA-2007:071 libusb Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
php: XSS via PHP error messages
Cross-site scripting XSS vulnerability in PHP, possibly 5.2.7 and earlier, when displayerrors is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: because of the lack of details, it is unclear whether this is related to CVE-2006-0208...
FreeBSD Ports: amarok
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...