Microsoft Warns of New IE Zero Day

UPDATE–Microsoft is looking into reports of targeted attacks against a new vulnerability that exists in all supported versions of Internet Explorer. The attacks are targeting IE 8 and 9 and there’s no patch for the vulnerability right now, though Microsoft has developed a FixIt tool for it. “The...

Scientific Linux Security Update : elinks on SL4.x, SL5.x i386/x86_64

CVE-2007-2027 elinks tries to load .po files from a non-absolute path CVE-2008-7224 elinks: entitycache static array buffer overflow off-by-one An off-by-one buffer overflow flaw was discovered in the way ELinks handled its internal cache of string representations for HTML special entities. A...

CVE-2012-2364

Cross-site scripting XSS vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/html rendering during a...

Flock 2.6.1 Denial Of Service

Exploit Title: Flock 2.6.1 DoS Date: 29/03/2012 Author: r45c4l Email: [email protected] Product url: http://flock.en.softonic.com/ Version: 2.6.1 CVE : :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: Produ...

CVE-2011-1940

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to 1 libraries/tbllinks.inc.php and...

CVE-2011-1940

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to 1 libraries/tbllinks.inc.php and...

CVE-2011-1940

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to 1 libraries/tbllinks.inc.php and...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to 1 libraries/tbllinks.inc.php and...

CVE-2011-1940

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.3.x before 3.3.10.1 and 3.4.x before 3.4.1 allow remote attackers to inject arbitrary web script or HTML via a crafted table name that triggers improper HTML rendering on a Tracking page, related to 1 libraries/tbllinks.inc.php and...

Ubuntu 10.04 LTS / 10.10 : thunderbird vulnerabilities (USN-1122-1)

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. CVE-2011-0081 It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If...

Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : firefox, firefox-3.0, firefox-3.5, xulrunner-1.9.2 vulnerabilities (USN-1112-1)

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. CVE-2011-0081 It was discovered that Firefox incorrectly handled certain JavaScript requests. An attacker...

Ubuntu 11.04 : thunderbird vulnerabilities (USN-1122-2)

USN-1122-1 fixed vulnerabilities in Thunderbird for Lucid and Maverick. This update provides the corresponding fixes for Natty. It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the...

USN-1122-3: Thunderbird regression

USN-1122-2 fixed vulnerabilities in Thunderbird on Ubuntu 11.04. A regression was introduced which caused Thunderbird to display an empty menu bar. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that there was a vulnerability in the...

Ubuntu Update for firefox USN-1112-1

Ubuntu Update for Linux kernel vulnerabilities USN-1112-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11121.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for firefox USN-1112-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-1122-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-1112-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1122-2: Thunderbird vulnerabilities

USN-1122-1 fixed vulnerabilities in Thunderbird for Lucid and Maverick. This update provides the corresponding fixes for Natty. Original advisory details: It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibl...

USN-1122-1: Thunderbird vulnerabilities

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. CVE-2011-0081 It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If...

USN-1112-1: Firefox and Xulrunner vulnerabilities

It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Firefox. CVE-2011-0081 It was discovered that Firefox incorrectly handled certain JavaScript requests. An attacker...

Apple Safari and Google Chrome Webkit Object Outline Memory Corruption (CVE-2010-1813)

WebKit is a development toolkit which allows third party developers to build applications that use Internet technologies such as HTML, HTTP, and others. A remote attacker could exploit this issue by convincing a user to open a maliciously crafted HTML, which may allow the attacker to execute...