CVE-2010-1940

Apple Safari 4.0.5 on Windows sends the "Authorization: Basic" header appropriate for one web site to a different web site named in a Location header received from the first site, which allows remote web servers to obtain sensitive information by logging HTTP requests. NOTE: the provenance of thi...

CVE-2010-1940

Removed by vendor...

Google Chrome Cross Site Data Leakage Vulnerability - Windows

Google Chrome Web Browser is prone to cross site data leakage vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-1851

Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site data leakage"...

Cross site scripting

Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site data leakage"...

Cross site scripting

Microsoft Internet Explorer, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site...

CVE-2010-1851

Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP requests in a possibly unexpected manner, which might allow remote web servers to identify specific persons and their product searches via HTTP request logging, related to a "cross-site data leakage"...

CVE-2010-1851

CVE-2010-1851 affects Google Chrome with the Invisible Hand extension enabled. The issue stems from cookies being used during background HTTP requests, which could enable remote servers to correlate requests and identify specific users and their product searches through HTTP request logging, desc...

Google Chrome Multiple Vulnerabilities (win)

This host is installed with Google Chrome Web Browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultvulnapr10.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome Multiple Vulnerabilities win Authors: Madhuri D Updated By: Madhuri D on 2010-05-10...

Google Chrome 4.1.249.1059 Multiple Vulnerabilities - Windows

Google Chrome Web Browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Wing FTP Server HTTP Directory Traversal Vulnerability

Christian Navarrete has discovered a vulnerability in Wing FTP Server, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to an input validation error when processing HTTP requests. This can be exploited to access files outside the web ro...

Code injection

Wiki Server in Apple Mac OS X 10.6 before 10.6.3 does not enforce the service access control list SACL for weblogs during weblog creation, which allows remote authenticated users to publish content via HTTP requests...

Serv-U < 9.4.0.0

According to its banner, the installed version of Serv-U is earlier than 9.4.0.0, and is, therefore, potentially affected by the following issues : - When importing users, restricted administrators could create user accounts outside their home directory. - When exporting users, restricted...

Secunia Research: Quicksilver Forums Cross-Site Request Forgery Vulnerability

====================================================================== Secunia Research 17/03/2010 - Quicksilver Forums Cross-Site Request Forgery Vulnerability - ====================================================================== Table of Contents Affected...

osDate 2.1.9 - Remote File Inclusion

======================================================================================== o osDate Remote File Inclusion Vulnerabilities Software : osDate dating and matchmaking script version 2.1.9 mostly affected Vendor : http://www.tufat.com/ Download : http://www.tufat.com/sfreedatingsystem.ht...

Microsoft Excel DbOrParamQry memory corruption

Added: 03/11/2010 CVE: CVE-2010-0264 BID: 38555 OSVDB: 62823 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability in Microsoft Excel allows command execution when a user...

Zenoss Server Multiple Vulnerabilities

The host is running Zenoss Server and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbzenossservmultvuln.nasl 5388 2017-02-21 15:13:30Z teissa $ Zenoss Server Multiple Vulnerabilities Authors: Rachana Shetty Copyright: Copyright c 2010 SecPod, http://www.secpod.com This...

MDaemon Raw Message Handler Buffer Overflow (CVE-2003-1200)

WorldClient is a program listening on TCP/3000 and executing the CGI program Form2Raw, which processes HTTP requests. The vulnerable products do not require any user credentials to access the program. The specially crafted content will be passed unchecked to the vulnerable server program, MDaemon...

Trend Micro OfficeScan Console Authentication Buffer Overflow (CVE-2007-3454)

Trend Micro OfficeScan is a centralized virus and security scan management system. It is meant to consolidate the coordination of security scan actions and the management of Trend Micro virus scanner products installed on the nodes of an enterprise network. The product is a central command centre...

Novell GroupWise Messenger HTTP POST Request Invalid Memory Access (CVE-2006-4511)

Novell GroupWise Messenger is a corporate instant messaging solution targeted towards medium to large enterprise organizations. It facilitates secure communications and policy-based management through Novell's eDirectory product suite. The product is based on a client-server model where messaging...