Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2011-0039

Malware in sbrugna...

3.3CVSS6.1AI score0.00332EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2011-1189

Malware in sbrugna...

5.1CVSS7.1AI score0.03889EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2013-0523

Malware in sbrugna...

4.3CVSS6.4AI score0.01112EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/03 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2011-1179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows remote attackers to cause a denial of service crash and possibly execute...

5.1CVSS7.2AI score0.03889EPSS
Exploits0References2
Veracode
Veracode
added 2020/04/10 12:54 a.m.28 views

Arbitrary Code Execution

spice-xpi is vulnerable to arbitrary code execution. The vulnerability exists as an uninitialized pointer use flaw was found in the SPICE Firefox plug-in. If a user were tricked into visiting a malicious web page with Firefox while the SPICE plug-in was enabled, it could cause Firefox to crash or...

5.1CVSS4.8AI score0.03889EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.24 views

Scientific Linux Security Update : spice-xpi on SL5.x,SL6.x i386/x86_64

An uninitialized pointer use flaw was found in the SPICE Firefox plug-in. If a user were tricked into visiting a malicious web page with Firefox while the SPICE plug-in was enabled, it could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefo...

5.1CVSS7.6AI score0.03889EPSS
Exploits0References3
CVE
CVE
added 2011/04/18 5:0 p.m.95 views

CVE-2011-1179

CVE-2011-1179 concerns the SPICE Firefox plug-in (spice-xpi) versions 2.4, 2.3, 2.2 and possibly earlier, where a flaw in two plugin files (nsScriptablePeer.cpp and plugin.cpp) can cause multiple uses of an uninitialized pointer. This can lead to denial of service (crash) and potentially arbitrar...

5.1CVSS7.6AI score0.03889EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2011/04/18 5:0 p.m.16 views

CVE-2011-1179

The SPICE Firefox plug-in spice-xpi 2.4, 2.3, 2.2, and possibly other versions allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to 1 plugin/nsScriptablePeer.cpp and 2 plugin/plugin.cpp, which trigger multiple uses of an uninitializ...

9.4AI score0.03889EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2010/08/26 12:0 a.m.42 views

CentOS 5 : spice-xpi (CESA-2010:0651)

An updated spice-xpi package that fixes two security issues and three bugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...

3.3CVSS5.8AI score0.00314EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/08/25 12:11 p.m.3 views

spice-xpi symlink attack

The SPICE aka spice-xpi plug-in 2.2 for Firefox allows local users to overwrite arbitrary files via a symlink attack on an unspecified log file...

3.3CVSS5.9AI score0.00314EPSS
Exploits0References4
Prion
Prion
added 2009/06/16 9:0 p.m.12 views

Security feature bypass

Worldweaver DX Studio Player 3.0.29.0, 3.0.22.0, 3.0.12.0, and probably other versions before 3.0.29.1, when used as a plug-in for Firefox, does not restrict access to the shell.execute JavaScript API method, which allows remote attackers to execute arbitrary commands via a .dxstudio file that...

9.3CVSS7.9AI score0.40176EPSS
Exploits10References8Affected Software1
securityvulns
securityvulns
added 2009/06/14 12:0 a.m.35 views

DX Studio Player Firefox plug-in code execution

It's possible to execute system commands via Javascript API...

9.3CVSS3.2AI score0.40176EPSS
Exploits10References1Affected Software1
seebug.org
seebug.org
added 2009/06/11 12:0 a.m.47 views

DX Studio Player < 3.0.29.1 Firefox plug-in Command Injection Vuln

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ DX Studio Player Firefox plug-in command injection 1. Advisory Information Title: DX Studio Player Firefox plug-in command injectio...

9.3CVSS0.1AI score0.40176EPSS
Exploits10
Core Security
Core Security
added 2009/06/09 12:0 a.m.36 views

DX Studio Player Firefox plug-in command injection

1. Advisory Information Title: DX Studio Player Firefox plug-in command injection Advisory ID: CORE-2009-0521 Advisory URL:http://www.coresecurity.com/core-labs/advisories/DXStudio-player-firefox-plugin Date published: 2009-06-09 Date of last update: 2009-06-08 Vendors contacted: Worldweaver...

9.3CVSS7.5AI score0.40176EPSS
Exploits10
Rows per page
Query Builder