CVE-2012-2889

Cross-site scripting XSS vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS UXSS."...

CVE-2012-2889

Cross-site scripting XSS vulnerability in Google Chrome before 22.0.1229.79 allows remote attackers to inject arbitrary web script or HTML via vectors involving frames, aka "Universal XSS UXSS."...

TP-LINK TL-WR340G Denial Of Service

=== intro === TP-LINK TL-WR340G is a SOHO router with integrated IEEE 802.11b/g AP. Now it's marked End-of-Life. Transmitting crafted frames in proximity of working router cause device to malfunction. Wireless communication stops, existing clients don't receive frames from AP except beacons , new...

Scientific Linux Security Update : xen on SL5.x i386/x86_64

The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Scientific Linux. A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem emulation. An unprivileged, local guest user could provide a large number of bytes th...

SeaMonkey < 2.11.0 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.11.0. Such versions are potentially affected by the following security issues : - Several memory safety issues exist, some of which could potentially allow arbitrary code execution. CVE-2012-1948, CVE-2012-1949 - Several memory safety issues...

Thunderbird 10.0.x < 10.0.6 Multiple Vulnerabilities (Mac OS X)

The installed version of Thunderbird 10.0.x is potentially affected by the following security issues : - Several memory safety issues exist, some of which could potentially allow arbitrary code execution. CVE-2012-1948 - Several memory safety issues exist related to the Gecko layout engine...

CVE-2012-1952

The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and...

Mozilla: Gecko memory corruption (MFSA 2012-44)

The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and...

CVE-2012-1952

The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and...

CVE-2012-2280

EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 do not properly use frames, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "Cross frame scripting vulnerability."...

PT-2012-4664 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.4.5 Description: The issue is related to multiple stack-based buffer overflows in the Near Field Communication Controller Interface NCI in the Linux kernel. This can be exploited by remote attackers who send...

UBUNTU-CVE-2012-3364

Multiple stack-based buffer overflows in the Near Field Communication Controller Interface NCI in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via incoming frames with crafted length fields...

CVE-2010-4648

The orinocoioctlsetauth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading Wi-Fi frames...

Opera < 11.62 Multiple Vulnerabilities

The version of Opera installed on the remote Windows host is earlier than 11.62 and is, therefore, potentially affected by multiple vulnerabilities : - The download dialog box can be displayed in a very small window thus, tricking a user into not realizing it is open. Certain keyboard entries aft...

CVE-2012-1926

Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the 1 history.pushState and 2 history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information...

Design/Logic Flaw

Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the 1 history.pushState and 2 history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information...

CVE-2012-1926

Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the 1 history.pushState and 2 history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information...

CVE-2012-1926

CVE-2012-1926 affects the Opera web browser prior to 11.62. The issue arises when using the History API (history.pushState/history.replaceState) in conjunction with cross-domain frames, bypassing the Same Origin Policy and enabling unintended read access to history.state. The vulnerability is doc...

History.state can leak the state data from cross domain pages – Opera Security Advisories

When a site uses history.pushState and history.replaceState to add or replace history entries, it can also provide optional data, which may typically be used to restore the given state when the user navigates through their browser history. When pages with cross-domain frames use this functionalit...

RedHat Update for xen RHSA-2012:0370-01

Check for the Version of xen OpenVAS Vulnerability Test RedHat Update for xen RHSA-2012:0370-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...