Lucene search
K

403 matches found

OpenVAS
OpenVAS
added 2013/12/17 12:0 a.m.27 views

Ubuntu Update for thunderbird USN-2053-1

Check for the Version of thunderbird OpenVAS Vulnerability Test $Id: gbubuntuUSN20531.nasl 8483 2018-01-22 06:58:04Z teissa $ Ubuntu Update for thunderbird USN-2053-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...

10CVSS0.6AI score0.11076EPSS
Exploits10References2
Tenable Nessus
Tenable Nessus
added 2013/12/12 12:0 a.m.35 views

Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : thunderbird vulnerabilities (USN-2053-1)

Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application...

10CVSS8.4AI score0.11076EPSS
Exploits10References10
Ubuntu
Ubuntu
added 2013/12/11 3:14 p.m.73 views

USN-2053-1: Thunderbird vulnerabilities

Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application...

10CVSS8.3AI score0.11076EPSS
Exploits10References1
Cvelist
Cvelist
added 2013/12/11 3:0 p.m.31 views

CVE-2013-6673

Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a...

7.1AI score0.02886EPSS
Exploits2References21
Tenable Nessus
Tenable Nessus
added 2013/12/11 12:0 a.m.35 views

Firefox ESR 24.x < 24.2 Multiple Vulnerabilities

The installed version of Firefox ESR 24.x is earlier than 24.2, and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2013-5609, CVE-2013-5610 - Two...

10CVSS7.1AI score0.11076EPSS
Exploits11References19
ThreatPost
ThreatPost
added 2013/12/10 2:36 p.m.11 views

Firefox 26 Makes Java Plugins Click-to-Play, Fixes 14 Security Flaws

Mozilla has released a major new version of Firefox, which includes fixes for more than a dozen security vulnerabilities as well as an important change that makes all Java plugins click-to-play be default. This feature prevents those plugins from running automatically on Web pages, which helps...

0.4AI score
Exploits0References17
Mozilla
Mozilla
added 2013/12/10 12:0 a.m.57 views

Trust settings for built-in roots ignored during EV certificate validation — Mozilla

Firefox user Sijie Xia reported that if a user explicitly removes the trust for extended validation EV capable root certificates in the certificate manager, the change is not properly used when validating EV certificates, causing the setting to be ignored. This removes the ability of users to...

5.9CVSS1.7AI score0.02886EPSS
Exploits2References2Affected Software4
Packet Storm
Packet Storm
added 2013/07/06 12:0 a.m.997 views

phpVibe 3.1 Disclosure / Remote File Inclusion

Exploit Title: phpVibe 3.1 Multiple Vulnerability Date: 2013-05-07 Author: indoushka Software Link: http://phprevolution.com/ Category: webapps/php Version: 3.1 Price: 40€ Google dork: "Powered by phpVibe v3.1" installation Application error message :...

Exploits0
CVE
CVE
added 2013/03/26 2:0 p.m.216 views

CVE-2013-1609

CVE-2013-1609 affects Symantec Enterprise Vault (EV) for File System Archiving, due to unquoted Windows search paths in the File Collector and File PlaceHolder services. Root cause: unquoted service paths enabling local privilege escalation via a Trojan horse program. Affected products/versions: ...

7.8CVSS9AI score0.0041EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2013/03/26 2:0 p.m.29 views

CVE-2013-1609

Multiple unquoted Windows search path vulnerabilities in the 1 File Collector and 2 File PlaceHolder services in Symantec Enterprise Vault EV for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program...

9.2AI score0.0041EPSS
Exploits0References2
0day.today
0day.today
added 2012/08/24 12:0 a.m.36 views

Bitcart Remote File Upload

Exploit for php platform in category web applications Exploit Title: Bitcart Remote File Upload Date: 23/08/2012 Author: DaOne @LibyanCA Vendor: http://www.bit-cart.com/ Price: $399 Google dork: intext:"Shopping cart developed By Bitwords Media" Exploit http://site.com/upload.php Find Your Ev!L o...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2012/02/11 12:0 a.m.25 views

Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_form.php?base_path Remote File Inclusion

Basic Analysis and Security Engine BASE 1.4.5 - basegraphform.php?basepath Remote File Inclusion source: https://www.securityfocus.com/bid/51979/info BASE is prone to a security-bypass vulnerability and multiple remote file-include vulnerabilities. An attacker can exploit these issues to gain...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2011/09/03 12:0 a.m.35 views

Openads 2.0.11 Remote File Inclusion

Exploit Title: Openads-2.0.11 Remote File inclusion Vulnerability Google Dork: Just open you eyes ; Date: 02/09/2011 Author: HaCkErS eV!L E-mail:[email protected] Software Link: http://sourceforge.net/projects/phpadsnew/files/Current%20Release/Openads%202.0.11-pr1/Openads-2.0.11-pr1.zip/download...

7.4AI score
Exploits0
0day.today
0day.today
added 2011/09/03 12:0 a.m.35 views

Openads-2.0.11 Remote File inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: Openads-2.0.11 Remote File inclusion Vulnerability Google Dork: Just open you eyes ; Date: 02/09/2011 Author: HaCkErS eV!L E-mail:email protected Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/08/27 12:0 a.m.31 views

Recover MyFiles 3.8.4.3300 DLL Hijacking Exploit

Exploit for windows platform in category local exploits =============================================== Recover MyFiles 3.8.4.3300 DLL Hijacking Exploit =============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0 0 1 1 | | | | | | | | | | | | \ \ / / 0 ...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2011/07/04 12:0 a.m.99 views

About the security content of Mac OS X v10.6.8 and Security Update 2011-004

About the security content of Mac OS X v10.6.8 and Security Update 2011-004 Last Modified: June 23, 2011 Article: HT4723 Email this article Print this page Summary This document describes of Mac OS X v10.6.8 and Security Update 2011-004, which can be downloaded and installed via Software Update...

10CVSS0.3AI score0.32357EPSS
Exploits21
NVD
NVD
added 2011/06/24 8:55 p.m.18 views

CVE-2011-0199

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation EV certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate...

5.9CVSS5AI score0.00754EPSS
Exploits1References3
Prion
Prion
added 2011/06/24 8:55 p.m.17 views

Code injection

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation EV certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate...

5.8CVSS6.2AI score0.00754EPSS
Exploits1References3Affected Software2
CVE
CVE
added 2011/06/24 8:0 p.m.49 views

CVE-2011-0199

CVE-2011-0199 affects Apple Mac OS X’s Certificate Trust Policy prior to 10.6.8. The issue is an EV certificate handling error where, if OCSP URLs are absent and CRL checking is enabled, CRL is not checked and a revoked EV certificate may be accepted, enabling MITM-style spoofing of SSL. Public d...

5.9CVSS4.9AI score0.00754EPSS
Exploits1References3Affected Software2
Cvelist
Cvelist
added 2011/06/24 8:0 p.m.20 views

CVE-2011-0199

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation EV certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate...

5AI score0.00754EPSS
Exploits1References3
Rows per page
Query Builder