seamonkey (important)

seamonkey version 2.6 fixes several security issues: MFSA 2011-53/CVE-2011-3660: Miscellaneous memory safety hazards MFSA 2011-54/CVE-2011-3661: Potentially exploitable crash in the YARR regular expression library MFSA 2011-55/CVE-2011-3658: nsSVGValue out-of-bounds access MFSA...

Medium: dhcp

Issue Overview: A denial of service flaw was found in the way the dhcpd daemon handled DHCP request packets when regular expression matching was used in "/etc/dhcp/dhcpd.conf". A remote attacker could use this flaw to crash dhcpd. CVE-2011-4539 Affected Packages: dhcp Issue Correction: Run yum...

PT-2011-5168 · Php · Phpids

Name of the Vulnerable Software and Affected Versions: PHPIDS versions prior to 0.7 Description: The issue allows remote attackers to bypass rulesets and add PHP sequences to a file due to improper implementation of Regular Expression Denial of Service ReDoS filters. Recommendations: For versions...

Kuwait Government will suspend Twitter accounts of Anonymous Users

Kuwait Government will suspend Twitter accounts of Anonymous Users In Kuwait, the Ministry of Interior is in the process of enforcing a rule of their own on Twitter which prevents Kuwaiti users from using anonymous accounts. The ministry said in a press statement that such measure comes in order ...

Tiki Wiki CMS Groupware 8.2 Code Injection

------------------------------------------------------------------------- Tiki Wiki CMS Groupware /tiki-8.2/snarfajax.php?url=1&regexres=phpinfo&regex=//e%00/ Tiki internal filters remove all null bytes from user input, but for some strange reason this doesn't happen within admin sessions. So,...

Tiki Wiki CMS Groupware 8.2 - 'snarf_ajax.php' Remote PHP Code Injection

------------------------------------------------------------------------- Tiki Wiki CMS Groupware /tiki-8.2/snarfajax.php?url=1&regexres=phpinfo&regex=//e%00/ Tiki internal filters remove all null bytes from user input, but for some strange reason this doesn't happen within admin sessions. So,...

Mozilla Firefox 8.0 Multiple Vulnerabilities

Binary data 801379.prm...

FreeBSD : mozilla -- multiple vulnerabilities (e3ff776b-2ba6-11e1-93c6-0011856a6e37)

The Mozilla Project reports : MFSA 2011-53 Miscellaneous memory safety hazards rv:9.0 MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library MFSA 2011-55 nsSVGValue out-of-bounds access MFSA 2011-56 Key detection without JavaScript via SVG animation MFSA 2011-58 Crash...

Firefox < 9.0 Multiple Vulnerabilities

The installed version of Firefox is earlier than 9.0 and thus, is potentially affected by the following security issues : - An out-of-bounds memory access error exists in the 'SVG' implementation and can be triggered when 'SVG' elements are removed during a 'DOMAttrModified' event handler...

Potentially exploitable crash in the YARR regular expression library — Mozilla

Security researcher Aki Helin reported a crash in the YARR regular expression library that could be triggered by javascript in web content...

Mozilla Thunderbird < 9.0 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 9.0 and thus, is potentially affected by the following security issues : - An out-of-bounds memory access error exists in the 'SVG' implementation and can be triggered when 'SVG' elements are removed during a 'DOMAttrModified' event handler...

mozilla -- multiple vulnerabilities

The Mozilla Project reports: MFSA 2011-53 Miscellaneous memory safety hazards rv:9.0 MFSA 2011-54 Potentially exploitable crash in the YARR regular expression library MFSA 2011-55 nsSVGValue out-of-bounds access MFSA 2011-56 Key detection without JavaScript via SVG animation MFSA 2011-58 Crash...

isc-dhcp-server -- Remote DoS

ISC reports: A bug exists which allows an attacker who is able to send DHCP Request packets, either directly or through a relay, to remotely crash an ISC DHCP server if that server is configured to evaluate expressions using a regular expression i.e. uses the "=" or "" comparison operators...

BSD libc/regcomp(3) Memory Management / Recursion

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiple BSD libc/regcomp3 Multiple Vulnerabilities Author: Maksymilian Arciemowicz http://www.netbsd.org/donations/ http://securityreason.com/ http://cxib.net/ Date: - - Dis.: 05.10.2011 - - Pub.: 04.11.2011 CVE: CVE-2011-3336 Affected Software: - -...

HTTP Page Scraper

Scrape defined data from a specific web page based on a regular expression This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Page Scraper', 'Description' = 'Scrape defined data from a specif...

Mozilla Firefox Memory Corruption and Integer Underflow Vulnerabilities (MAC OS X)

The host is installed with Mozilla Firefox and is prone to memory corruption and integer underflow vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxmemcorrptnintunderflowvulnmacosx.nasl 7015 2017-08-28 11:51:24Z teissa $ Mozilla Firefox Memory Corruption and Integer Underflow...

Mozilla Firefox Memory Corruption and Integer Underflow Vulnerabilities - Mac OS X

Mozilla Firefox is prone to memory corruption and integer underflow vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Office Excel Conditional Expression Ptg Type Confusion Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the...

Mozilla Firefox Memory Corruption and Integer Underflow Vulnerabilities - Windows

Mozilla Firefox is prone to memory corruption and integer underflow vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Firefox < 7.0 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 7.0 and thus, is potentially affected by the following security issues : - If an attacker could trick a user into holding down the 'Enter' key, via a malicious game, for example, a malicious application or extension could be downloaded and...