403 matches found
Ubuntu Update for thunderbird USN-2053-1
Check for the Version of thunderbird OpenVAS Vulnerability Test $Id: gbubuntuUSN20531.nasl 8483 2018-01-22 06:58:04Z teissa $ Ubuntu Update for thunderbird USN-2053-1 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free...
Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : thunderbird vulnerabilities (USN-2053-1)
Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application...
USN-2053-1: Thunderbird vulnerabilities
Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application...
CVE-2013-6673
Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a...
Firefox ESR 24.x < 24.2 Multiple Vulnerabilities
The installed version of Firefox ESR 24.x is earlier than 24.2, and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2013-5609, CVE-2013-5610 - Two...
Firefox 26 Makes Java Plugins Click-to-Play, Fixes 14 Security Flaws
Mozilla has released a major new version of Firefox, which includes fixes for more than a dozen security vulnerabilities as well as an important change that makes all Java plugins click-to-play be default. This feature prevents those plugins from running automatically on Web pages, which helps...
Trust settings for built-in roots ignored during EV certificate validation — Mozilla
Firefox user Sijie Xia reported that if a user explicitly removes the trust for extended validation EV capable root certificates in the certificate manager, the change is not properly used when validating EV certificates, causing the setting to be ignored. This removes the ability of users to...
phpVibe 3.1 Disclosure / Remote File Inclusion
Exploit Title: phpVibe 3.1 Multiple Vulnerability Date: 2013-05-07 Author: indoushka Software Link: http://phprevolution.com/ Category: webapps/php Version: 3.1 Price: 40€ Google dork: "Powered by phpVibe v3.1" installation Application error message :...
CVE-2013-1609
CVE-2013-1609 affects Symantec Enterprise Vault (EV) for File System Archiving, due to unquoted Windows search paths in the File Collector and File PlaceHolder services. Root cause: unquoted service paths enabling local privilege escalation via a Trojan horse program. Affected products/versions: ...
CVE-2013-1609
Multiple unquoted Windows search path vulnerabilities in the 1 File Collector and 2 File PlaceHolder services in Symantec Enterprise Vault EV for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program...
Bitcart Remote File Upload
Exploit for php platform in category web applications Exploit Title: Bitcart Remote File Upload Date: 23/08/2012 Author: DaOne @LibyanCA Vendor: http://www.bit-cart.com/ Price: $399 Google dork: intext:"Shopping cart developed By Bitwords Media" Exploit http://site.com/upload.php Find Your Ev!L o...
Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_form.php?base_path Remote File Inclusion
Basic Analysis and Security Engine BASE 1.4.5 - basegraphform.php?basepath Remote File Inclusion source: https://www.securityfocus.com/bid/51979/info BASE is prone to a security-bypass vulnerability and multiple remote file-include vulnerabilities. An attacker can exploit these issues to gain...
Openads 2.0.11 Remote File Inclusion
Exploit Title: Openads-2.0.11 Remote File inclusion Vulnerability Google Dork: Just open you eyes ; Date: 02/09/2011 Author: HaCkErS eV!L E-mail:[email protected] Software Link: http://sourceforge.net/projects/phpadsnew/files/Current%20Release/Openads%202.0.11-pr1/Openads-2.0.11-pr1.zip/download...
Openads-2.0.11 Remote File inclusion Vulnerability
Exploit for php platform in category web applications Exploit Title: Openads-2.0.11 Remote File inclusion Vulnerability Google Dork: Just open you eyes ; Date: 02/09/2011 Author: HaCkErS eV!L E-mail:email protected Software Link:...
Recover MyFiles 3.8.4.3300 DLL Hijacking Exploit
Exploit for windows platform in category local exploits =============================================== Recover MyFiles 3.8.4.3300 DLL Hijacking Exploit =============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0 0 1 1 | | | | | | | | | | | | \ \ / / 0 ...
About the security content of Mac OS X v10.6.8 and Security Update 2011-004
About the security content of Mac OS X v10.6.8 and Security Update 2011-004 Last Modified: June 23, 2011 Article: HT4723 Email this article Print this page Summary This document describes of Mac OS X v10.6.8 and Security Update 2011-004, which can be downloaded and installed via Software Update...
CVE-2011-0199
The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation EV certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate...
Code injection
The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation EV certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate...
CVE-2011-0199
CVE-2011-0199 affects Apple Mac OS X’s Certificate Trust Policy prior to 10.6.8. The issue is an EV certificate handling error where, if OCSP URLs are absent and CRL checking is enabled, CRL is not checked and a revoked EV certificate may be accepted, enabling MITM-style spoofing of SSL. Public d...
CVE-2011-0199
The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation EV certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate...