5055 matches found
Opera Web Browser Multiple Security Vulnerabilities Aug-08 (Windows)
The remote host is running Opera Web Browser, which is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodoperamultvulnaug08win900038.nasl 5375 2017-02-20 16:39:23Z cfi $ Description: Opera Web Browser Multiple Security Vulnerabilities Aug-08 Windows Authors: Chandan S...
Gregarius 0.5.4 - SQL Injection
GulfTech Security Research July 29, 2008 Vendor : Marco Bonetti URL : http://www.gregarius.net/ Version : Gregarius populate" noti.unread & ". RSSMODEUNREADSTATE ." and i.cid= $cid", "", 0, 2, ITEMSORTHINTREAD; $readItems - setTitleLBLH2RECENTITEMS; $readItems - setRenderOptionsILTITLENOESCAPE;...
[SECURITY] Fedora 8 Update: liferea-1.4.15-3.fc8
Liferea Linux Feed Reader is an RSS/RDF feed reader. It's intended to be a clone of the Windows-only FeedReader. It can be used to maintain a list of subscribed feeds, browse through their items, and show their contents...
Cybozu Garoon vulnerable to arbitrary script execution
Overview Cybozu Garoon, a groupware from Cybozu, contains a vulnerability that allows an attacker to execute an arbitrary script when a user views RSS feed. Yoshiki Kawada of LAC Little eArth Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the vendors under Information...
JVN#52363223: Cybozu Garoon vulnerable to arbitrary script execution
Cybozu Garoon, a groupware from Cybozu, contains a vulnerability that allows an attacker to execute an arbitrary script when a user views RSS feed. Impact An arbitrary script could be executed on the user's web browser. Solution Update the Software Apply the latest update provided by the vendor...
[SECURITY] Fedora 8 Update: liferea-1.4.13-3.fc8
Liferea Linux Feed Reader is an RSS/RDF feed reader. It's intended to be a clone of the Windows-only FeedReader. It can be used to maintain a list of subscribed feeds, browse through their items, and show their contents...
[SECURITY] Fedora 7 Update: liferea-1.4.13-3.fc7
Liferea Linux Feed Reader is an RSS/RDF feed reader. It's intended to be a clone of the Windows-only FeedReader. It can be used to maintain a list of subscribed feeds, browse through their items, and show their contents...
Opera: Multiple vulnerabilities
Background Opera is a fast web browser that is available free of charge. Description Michal Zalewski reported two vulnerabilities, memory corruption when adding news feed sources from a website CVE-2008-1761 as well as when processing HTML CANVAS elements to use scaled images CVE-2008-1762...
[SECURITY] Fedora 7 Update: liferea-1.4.13-2.fc7
Liferea Linux Feed Reader is an RSS/RDF feed reader. It's intended to be a clone of the Windows-only FeedReader. It can be used to maintain a list of subscribed feeds, browse through their items, and show their contents...
[SECURITY] Fedora 8 Update: liferea-1.4.11-2.fc8
Liferea Linux Feed Reader is an RSS/RDF feed reader. It's intended to be a clone of the Windows-only FeedReader. It can be used to maintain a list of subscribed feeds, browse through their items, and show their contents...
[SECURITY] Fedora 7 Update: liferea-1.4.9-2.fc7
Liferea Linux Feed Reader is an RSS/RDF feed reader. It's intended to be a clone of the Windows-only FeedReader. It can be used to maintain a list of subscribed feeds, browse through their items, and show their contents...
DEBIAN-CVE-2008-0456
CRLF injection vulnerability in the modnegotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP respons...
Toshiba Surveillance - 'MeIpCamX.dll 1.0.0.4' Remote Buffer Overflow
///add su one, user: sun pass: tzu shellcode = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u3749%u4949" + "%u4949%u4949%u4949%u4949%u4949%u4949%u5a51%u456a" + "%u5058%u4230%u4231%u6b41%u4141%u3255%u4241%u3241" + "%u4142%u4230%u5841%u3850%u4241%u6d75%u6b39%u494c" +...
CVE-2008-0272
Cross-site request forgery CSRF vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users...
CVE-2008-0272
Cross-site request forgery CSRF vulnerability in the aggregator module in Drupal 4.7.x before 4.7.11 and 5.x before 5.6 allows remote attackers to delete items from a feed as privileged users...
DEBIAN-CVE-2008-0191
WordPress 2.2.x and 2.3.x allows remote attackers to obtain sensitive information via an invalid p parameter in an rss2 action to the default URI, which reveals the full path and the SQL database structure...
SA-2008-002 - Atom - Access bypass
The Atom module provides a list of node titles, and teasers or bodies as part of a syndication feed. In certain conditions, the titles, teasers, and body were not respecting access permissions, potentially exposing content to syndication not available otherwise. Versions affected Atom for Drupal...
SA-2008-005 - Drupal core - Cross site request forgery
The aggregator module fetches items from RSS feeds and makes them available on the site. The module provides an option to remove items from a particular feed. This has been implemented as a simple GET request and is therefore vulnerable to cross site request forgeries. For example: Should a...
CVE-2007-5859
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service application termination or execute arbitrary code via a crafted feed: URL that triggers memory corruption...
Memory corruption
Unspecified vulnerability in Safari RSS in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service application termination or execute arbitrary code via a crafted feed: URL that triggers memory corruption...