CVE-2012-1952

The nsTableFrame::InsertFrames function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 does not properly perform a cast of a frame variable during processing of mixed row-group and...

CVE-2012-2280

EMC RSA Authentication Manager 7.1 before SP4 P14 and RSA SecurID Appliance 3.0 before SP4 P14 do not properly use frames, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a "Cross frame scripting vulnerability."...

PT-2012-4664 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.4.5 Description: The issue is related to multiple stack-based buffer overflows in the Near Field Communication Controller Interface NCI in the Linux kernel. This can be exploited by remote attackers who send...

UBUNTU-CVE-2012-3364

Multiple stack-based buffer overflows in the Near Field Communication Controller Interface NCI in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via incoming frames with crafted length fields...

CVE-2010-4648

The orinocoioctlsetauth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading Wi-Fi frames...

Opera < 11.62 Multiple Vulnerabilities

The version of Opera installed on the remote Windows host is earlier than 11.62 and is, therefore, potentially affected by multiple vulnerabilities : - The download dialog box can be displayed in a very small window thus, tricking a user into not realizing it is open. Certain keyboard entries aft...

CVE-2012-1926

Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the 1 history.pushState and 2 history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information...

Design/Logic Flaw

Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the 1 history.pushState and 2 history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information...

CVE-2012-1926

CVE-2012-1926 affects the Opera web browser prior to 11.62. The issue arises when using the History API (history.pushState/history.replaceState) in conjunction with cross-domain frames, bypassing the Same Origin Policy and enabling unintended read access to history.state. The vulnerability is doc...

CVE-2012-1926

Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the 1 history.pushState and 2 history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information...

History.state can leak the state data from cross domain pages – Opera Security Advisories

When a site uses history.pushState and history.replaceState to add or replace history entries, it can also provide optional data, which may typically be used to restore the given state when the user navigates through their browser history. When pages with cross-domain frames use this functionalit...

RedHat Update for xen RHSA-2012:0370-01

Check for the Version of xen OpenVAS Vulnerability Test RedHat Update for xen RHSA-2012:0370-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Important: Red Hat Security Advisory: xen security and bug fix update

Updated xen packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

USN-1369-1: Thunderbird vulnerabilities

Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Thunderbird can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, o...

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. VID 68ac6266-25c3-11e1-b63a-00262d5ed8ee OpenVAS Vulnerability Test $ Description: Auto generated from VID 68ac6266-25c3-11e1-b63a-00262d5ed8ee Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Ubuntu Update for ubufox USN-1355-3

Ubuntu Update for Linux kernel vulnerabilities USN-1355-3 OpenVAS Vulnerability Test $Id: gbubuntuUSN13553.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for ubufox USN-1355-3 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-1355-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1355-3: ubufox and webfav update

USN-1355-1 fixed vulnerabilities in Firefox. This update provides updated ubufox and webfav packages for use with the latest Firefox. Original advisory details: It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect...

USN-1355-1: Firefox vulnerabilities

It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. CVE-2012-0450 Nicolas Gregoire and Aki Helin discovered that when processing a malformed...

Wireless Penetration Testing Series Part 2: Basic concepts of WLANs

Wireless Penetration Testing Series Part 2: Basic concepts of WLANs This blog post is in continuation of the Wireless Penetration Testing and Hacking series we started Part 1: Getting Started with Monitoring and Injection on the basis of the "SecurityTube Wi-Fi Security Expert" SWSE course which ...