1002 matches found
DSA-2821-1 gnupg - side channel attack
Bulletin has no description...
OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous...
WordPress < 3.6.1 PHP object injection vulnerability-vulnerability warning-the black bar safety net
0x00 background When I read an article about the Joomla“PHP object injection”vulnerability in a blog post, I dug deep it found Stefan Esser God in 2 0 1 0 annual black hat conference articles: http://media.blackhat.com/bh-us- ... Exploits-slides. pdf This article has mentioned in PHP unserialize...
Samba SetInformationPolicy AuditEventsInfo Heap Overflow (CVE-2012-1182)
A heap overflow vulnerability has been reported in Samba daemon. The vulnerability is due to an error on the PIDL auto-generated code in the LSA RPC service of the Samba daemon. Remote attackers could exploit this vulnerability by making a specially crafted call to SetInformationPolicy to set a...
OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous...
OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous...
OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous...
OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous...
[SECURITY] Fedora 17 Update: php-5.4.16-1.fc17
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is...
OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous...
OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous...
OpenJDK: Frame injection in generated HTML (Javadoc, 8012375)
Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous...
WordPress Plugin Terillion Reviews - Profile Id HTML Injection
source: https://www.securityfocus.com/bid/58415/info The Terillion Reviews plugin for WordPress is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will allow attacker-supplied...
Astaro Security Gateway 8.1 - HTML Injection
source: https://www.securityfocus.com/bid/51301/info Astaro Security Gateway is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code would run in the context of t...
SimpleInvoices invoices Module - Customer Field Cross-Site Scripting
source: https://www.securityfocus.com/bid/56882/info Simple Invoices is prone to multiple HTML-injection vulnerabilities and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. Successful exploits will...
FreeBSD Ports: rt40
The remote host is missing an update to the system as announced in the referenced advisory. VID 4b738d54-2427-11e2-9817-c8600054b392 OpenVAS Vulnerability Test $ Description: Auto generated from VID 4b738d54-2427-11e2-9817-c8600054b392 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
[Dissy] Graphical frontend to the objdump disassembler
Dissy is a graphical frontend to the objdump disassembler. Dissy can be used for debugging and browsing compiler-generated code. Download Dissy...
OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.237 and earlier allows remote attackers to affect integrity, related to CORBA...
OpenJDK: mutable repository identifiers in generated stub code (CORBA, 7143851)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.237 and earlier allows remote attackers to affect integrity, related to CORBA...
AxisInternet VoIP Manager - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/55589/info AxisInternet VoIP Manager is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content. An attacker may leverage these issues to execute...