Scientific Linux Security Update : thunderbird on SL4.x,SL5.x i386/x86_64

Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. An HTML mail message containing malicious content could possibly lead to arbitrary code execution with the privileges of the user running Thunderbird. CVE-2011-0080...

Mozilla Products Certificate Page Clickjacking Vulnerability (Windows)

This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to clickjacking vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtsclickjackingvulnwin.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products Certificate Page Clickjacking Vulnerability Windows Authors:...

Mozilla Products Certificate Page Clickjacking Vulnerability (Mac OS X)

This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to clickjacking vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtsclickjackingvulnmacosx.nasl 6445 2017-06-27 12:31:06Z santu $ Mozilla Products Certificate Page Clickjacking Vulnerability Mac OS X Authors:...

Code injection

The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted...

Mozilla: Clickjacking of certificate warning page (MFSA 2012-54)

The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted...

Mozilla: Clickjacking of certificate warning page (MFSA 2012-54)

The certificate-warning functionality in browser/components/certerror/content/aboutCertError.xhtml in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.10 does not properly handle attempted...

Clickjacking of certificate warning page — Mozilla

Security Researcher Matt McCutchen reported that a clickjacking attack using the certificate warning page. A man-in-the-middle MITM attacker can use an iframe to display its own certificate error warning page about:certerror with the "Add Exception" button of a real warning page from a malicious...

Plesk Zero Day Exploit in the Wild, Thousands of sites got Hacked

Sucuri Malware Labs notify that some zero-day exploits are available to Hackers which are being used to Hack into Parallels' Plesk Panel Port Number 8443. These attacks was keep on raising from last few months as you can see in the Graph: At least 4000 new websites were infected each day, Sucuri...

Google Chrome < 20.0.1132.43 Multiple Vulnerabilities

Binary data 800967.prm...

Google Chrome < 20.0.1132.43 Multiple Vulnerabilities

Binary data 6508.pasl...

BlackHole Exploit Kit Gets New Domain-Generation Algorithm

Nothing is more frustrating than spending days or weeks compromising dozens of Web sites and setting up your network of malicious redirects and then finding out that someone has screwed it all up by taking down one of your infected sites. Luckily, the crew behind the BlackHole exploit kit has...

CVE-2012-2815

Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain...

CVE-2012-2815

Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain...

Information disclosure

Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain...

CVE-2012-2815

Google Chrome before 20.0.1132.43 allows remote attackers to obtain potentially sensitive information from a fragment identifier by leveraging access to an IFRAME element associated with a different domain...

CVE-2012-2815

CVE-2012-2815 affects Chromium/Chrome where an attacker could access information from a fragment identifier by abusing an IFRAME tied to a different origin. The connected advisories/document set corroborate chromium-related vulnerabilities and list CVE-2012-2815 among affected entries. Gentoo/Ope...

CVE-2012-2815

Removed by vendor...

Google Chrome < 20.0.1132.43 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 20.0.1132.43 and is, therefore, affected by the following vulnerabilities : - An error exists related to the loading of the 'metro' DLL. CVE-2012-2764 - An error exists related to the leaking of iframe fragment id...

Opera Multiple Denial of Service Vulnerabilities - June12 (Mac OS X)

The host is installed with Opera and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultdosvulnjune12macosx.nasl 5912 2017-04-10 09:01:51Z teissa $ Opera Multiple Denial of Service Vulnerabilities - June12 Mac OS X Authors: Sooraj KS Copyright:...

Opera Multiple Denial of Service Vulnerabilities - June12 (Linux)

The host is installed with Opera and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultdosvulnjune12lin.nasl 6018 2017-04-24 09:02:24Z teissa $ Opera Multiple Denial of Service Vulnerabilities - June12 Linux Authors: Sooraj KS Copyright: Copyright ...