7588 matches found
CVE-2008-4122
Joomla! 1.5.8 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...
Design/Logic Flaw
Octeth Oempro 3.5.5.1, and possibly other versions before 4, does not set the secure flag for the PHPSESSID cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...
CVE-2008-3057
Octeth Oempro 3.5.5.1, and possibly other versions before 4, does not set the secure flag for the PHPSESSID cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...
CVE-2008-3057
Octeth Oempro 3.5.5.1, and possibly other versions before 4, does not set the secure flag for the PHPSESSID cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session...
WebLogic simple catch the chicken law-vulnerability and early warning-the black bar safety net
This article has been published in the hacker X-Files for 2 0 0 8 year 1 1 issue of the magazine on After the author published on the blog, such as reproduced please retain this information! Tomcat is estimated to many people to bring a N meaty chicken server, directly scan weak passwords, into t...
GLSA-200811-01 : Opera: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200811-01 Opera: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Opera: Opera does not restrict the ability of a framed web page to change the address associated with a different frame CVE-2008-4195. Chri...
Mantis < 1.1.4 HTTPS Session Cookie Secure Flag Weakness
Binary data 4694.prm...
CVE-2008-4796
The httpsrequest function Snoopy/Snoopy.class.php in Snoopy 1.2.3 and earlier, as used in 1 ampache, 2 libphp-snoopy, 3 mahara, 4 mediamate, 5 opendb, 6 pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs...
DEBIAN-CVE-2008-4796
The httpsrequest function Snoopy/Snoopy.class.php in Snoopy 1.2.3 and earlier, as used in 1 ampache, 2 libphp-snoopy, 3 mahara, 4 mediamate, 5 opendb, 6 pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs...
CVE-2008-4796
The httpsrequest function Snoopy/Snoopy.class.php in Snoopy 1.2.3 and earlier, as used in 1 ampache, 2 libphp-snoopy, 3 mahara, 4 mediamate, 5 opendb, 6 pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs...
Design/Logic Flaw
The httpsrequest function Snoopy/Snoopy.class.php in Snoopy 1.2.3 and earlier, as used in 1 ampache, 2 libphp-snoopy, 3 mahara, 4 mediamate, 5 opendb, 6 pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs...
CVE-2008-4796
The httpsrequest function Snoopy/Snoopy.class.php in Snoopy 1.2.3 and earlier, as used in 1 ampache, 2 libphp-snoopy, 3 mahara, 4 mediamate, 5 opendb, 6 pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs...
CVE-2008-4796
The httpsrequest function Snoopy/Snoopy.class.php in Snoopy 1.2.3 and earlier, as used in 1 ampache, 2 libphp-snoopy, 3 mahara, 4 mediamate, 5 opendb, 6 pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs...
CVE-2008-4796
The httpsrequest function Snoopy/Snoopy.class.php in Snoopy 1.2.3 and earlier, as used in 1 ampache, 2 libphp-snoopy, 3 mahara, 4 mediamate, 5 opendb, 6 pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs...
Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Vulnerability in Cisco IOS While Processing SSL Packet Advisory ID: cisco-sa-20080924-ssl http://www.cisco.com/warp/public/707/cisco-sa-20080924-ssl.shtml Revision 1.0 For Public Release 2008 September 24 1600 UTC GMT -...
CVE-2008-4198
Opera before 9.52, when rendering an http page that has loaded an https page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection, which might allow remote attackers to trick a user into performing unsafe actions on the http page...
CVE-2008-4198
Opera before 9.52, when rendering an http page that has loaded an https page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection, which might allow remote attackers to trick a user into performing unsafe actions on the http page...
Design/Logic Flaw
Opera before 9.52, when rendering an http page that has loaded an https page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection, which might allow remote attackers to trick a user into performing unsafe actions on the http page...
CVE-2008-4198
Opera before 9.52, when rendering an http page that has loaded an https page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection, which might allow remote attackers to trick a user into performing unsafe actions on the http page...
CVE-2008-4198
CVE-2008-4198 affects Opera before 9.52. When an HTTP page that loads an HTTPS page in a frame is rendered, Opera shows a padlock security indicator and a dialog for a secure connection, which could mislead users into unsafe actions on the HTTP page. Connected advisories confirm this as a frame/s...