9085 matches found
USN-1306-2: Mozvoikko and ubufox update
USN-1306-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 9. Original advisory details: Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman,...
USN-1306-1: Firefox vulnerabilities
Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Firefox or execute arbitrary code as the...
seamonkey (important)
seamonkey version 2.6 fixes several security issues: MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety hazards MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR regular expression library MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds access MFSA...
seamonkey (important)
seamonkey version 2.6 fixes several security issues: MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety hazards MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR regular expression library MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds access MFSA...
Medium: dhcp
Issue Overview: A denial of service flaw was found in the way the dhcpd daemon handled DHCP request packets when regular expression matching was used in "/etc/dhcp/dhcpd.conf". A remote attacker could use this flaw to crash dhcpd. CVE-2011-4539 Affected Packages: dhcp Issue Correction: Run yum...
PT-2011-5168 · Php · Phpids
Name of the Vulnerable Software and Affected Versions: PHPIDS versions prior to 0.7 Description: The issue allows remote attackers to bypass rulesets and add PHP sequences to a file due to improper implementation of Regular Expression Denial of Service ReDoS filters. Recommendations: For versions...
Kuwait Government will suspend Twitter accounts of Anonymous Users
Kuwait Government will suspend Twitter accounts of Anonymous Users In Kuwait, the Ministry of Interior is in the process of enforcing a rule of their own on Twitter which prevents Kuwaiti users from using anonymous accounts. The ministry said in a press statement that such measure comes in order ...
Tiki Wiki CMS Groupware 8.2 Code Injection
------------------------------------------------------------------------- Tiki Wiki CMS Groupware /tiki-8.2/snarfajax.php?url=1®exres=phpinfo®ex=//e%00/ Tiki internal filters remove all null bytes from user input, but for some strange reason this doesn't happen within admin sessions. So,...
Tiki Wiki CMS Groupware 8.2 - 'snarf_ajax.php' Remote PHP Code Injection
------------------------------------------------------------------------- Tiki Wiki CMS Groupware /tiki-8.2/snarfajax.php?url=1®exres=phpinfo®ex=//e%00/ Tiki internal filters remove all null bytes from user input, but for some strange reason this doesn't happen within admin sessions. So,...
FreeBSD : mozilla -- multiple vulnerabilities (e3ff776b-2ba6-11e1-93c6-0011856a6e37)
The Mozilla Project reports : MFSA 2011-53 Miscellaneous memory safety hazards rv:9.0 MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library MFSA 2011-55 nsSVGValue out-of-bounds access MFSA 2011-56 Key detection without JavaScript via SVG animation MFSA 2011-58 Crash...
Mozilla Firefox 8.0 Multiple Vulnerabilities
Binary data 801379.prm...
Firefox < 9.0 Multiple Vulnerabilities
The installed version of Firefox is earlier than 9.0 and thus, is potentially affected by the following security issues : - An out-of-bounds memory access error exists in the 'SVG' implementation and can be triggered when 'SVG' elements are removed during a 'DOMAttrModified' event handler...
mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA 2011-53 Miscellaneous memory safety hazards rv:9.0 MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library MFSA 2011-55 nsSVGValue out-of-bounds access MFSA 2011-56 Key detection without JavaScript via SVG animation MFSA 2011-58 Crash...
Mozilla Thunderbird < 9.0 Multiple Vulnerabilities
The installed version of Thunderbird is earlier than 9.0 and thus, is potentially affected by the following security issues : - An out-of-bounds memory access error exists in the 'SVG' implementation and can be triggered when 'SVG' elements are removed during a 'DOMAttrModified' event handler...
Potentially exploitable crash in the YARR regular expression library — Mozilla
Security researcher Aki Helin reported a crash in the YARR regular expression library that could be triggered by javascript in web content...
isc-dhcp-server -- Remote DoS
ISC reports: A bug exists which allows an attacker who is able to send DHCP Request packets, either directly or through a relay, to remotely crash an ISC DHCP server if that server is configured to evaluate expressions using a regular expression i.e. uses the "=" or "" comparison operators...
BSD libc/regcomp(3) Memory Management / Recursion
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple BSD libc/regcomp3 Multiple Vulnerabilities Author: Maksymilian Arciemowicz http://www.netbsd.org/donations/ http://securityreason.com/ http://cxib.net/ Date: - - Dis.: 05.10.2011 - - Pub.: 04.11.2011 CVE: CVE-2011-3336 Affected Software: - -...
HTTP Page Scraper
Scrape defined data from a specific web page based on a regular expression This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Page Scraper', 'Description' = 'Scrape defined data from a specif...
Mozilla Firefox Memory Corruption and Integer Underflow Vulnerabilities - Mac OS X
Mozilla Firefox is prone to memory corruption and integer underflow vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Mozilla Firefox Memory Corruption and Integer Underflow Vulnerabilities (MAC OS X)
The host is installed with Mozilla Firefox and is prone to memory corruption and integer underflow vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxmemcorrptnintunderflowvulnmacosx.nasl 7015 2017-08-28 11:51:24Z teissa $ Mozilla Firefox Memory Corruption and Integer Underflow...