506 matches found
USN-2602-1 firefox vulnerabilities
Jesse Ruderman, Mats Palmgren, Byron Campen, Steve Fink, Gary Kwong, Andrew McCreight, Christian Holler, Jon Coppeard, and Milan Sreckovic discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...
mod_jk: information leak due to incorrect JkMount/JkUnmount directives processing
It was discovered that a JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to potentially access a private artifact in a tree that would otherwise not be accessible to them...
Seagate BlackArmor NAS - Multiple Vulnerabilities
No description provided by source. Exploit Title: Seagate BlackArmor NAS Multiple Vulnerabilities Date: 2/17/14 Exploit Author: Shayan Sadigh twitter.com/r1pplex | [email protected] Vendor Homepage: http://www.seagate.com/external-hard-drives/network-storage/ Version: All BlackArmor NAS...
USN-2210-1: cups-filters vulnerability
Sebastian Krahmer discovered that cups-browsed incorrectly filtered remote printer names and strings. A remote attacker could use this issue to possibly execute arbitrary commands. CVE-2014-2707 Johannes Meixner discovered that cups-browsed ignored invalid BrowseAllow directives. This could cause...
Blank password may bypass user authentication
The ActiveDirectoryLdapAuthenticator does not check the password length. If the directory allows anonymous binds then it may incorrectly authenticate a user who supplies an empty password...
CVE-2012-2663
extensions/libxttcp.c in iptables through 1.4.21 does not match TCP SYN+FIN packets in --syn rules, which might allow remote attackers to bypass intended firewall restrictions via crafted packets. NOTE: the CVE-2012-6638 fix makes this issue less relevant...
Photodex ProShow Producer 5.0.3297 Memory Corruption
Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: Photodex ProShow Producer Vendor URL: www.photodex.com Type: Improper Restriction of Operations within the Bounds of a Memory BufferCWE-119 Date found: 2013-02-14 Date published: 2013-02-14...
SuSE Update for seamonkey openSUSE-SU-2012:0935-1 (seamonkey)
Check for the Version of seamonkey OpenVAS Vulnerability Test $Id: gbsuse201209351.nasl 8249 2017-12-27 06:29:56Z teissa $ SuSE Update for seamonkey openSUSE-SU-2012:0935-1 seamonkey Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...
Apple RemoteDesktop information leakage
VNC enctyprion settings are ignored...
Grand phpcmsv9 burst pipe processing password vulnerability-vulnerability warning-the black bar safety net
Vulnerability type: SQL injection vulnerability Hazard rating: high The self-assessment Rank: 1 to 5 Vulnerability status: the vulnerability has notified the manufacturer but the manufacturer ignored the vulnerability Brief description: Grand phpcmsv9 squib processing the password vulnerability o...
Mozilla Firefox < 14.0 Multiple Vulnerabilities
Binary data 6519.prm...
Buenosaires.gov.ar SQL Injection
http://www.dim.buenosaires.gov.ar/areas/hacienda/isc/cursos/curso.php?id=-236%20union%20select%20user,2,version,4,database,6&modo=presencial&qrs=1 and the answer is ... [email protected]. Área Temática Gestión y Conducción. Modalidad Presencial. Resumen Temático stproduccion...
RSA Authentication Client information leal
SENSITIVE and NON-EXTRACTABLE flags are ignored for shared kay, making it possible to extract it...
Mozilla Firefox < 3.5.10 Multiple Vulnerabilities
Binary data 5579.prm...
Firefox < 3.5.10 Multiple Vulnerabilities
The installed version of Firefox is earlier than 3.5.10. Such versions are potentially affected by the following security issues : - A memory corruption vulnerability can lead to arbitrary code execution if garbage collection is carefully timed after DOM nodes are moved between documents. MFSA...
mozilla -- multiple vulnerabilities
Mozilla Project reports: MFSA 2010-33 User tracking across sites using Math.random MFSA 2010-32 Content-Disposition: attachment ignored if Content-Type: multipart also present MFSA 2010-31 focus behavior can be used to inject or steal keystrokes MFSA 2010-30 Integer Overflow in XSLT Node Sorting...
openSUSE Security Update : seamonkey (seamonkey-2013)
Mozilla SeaMonkey was upgraded to version 2.0.3, fixing various bugs and security issues. Following security issues have been fixed: MFSA 2010-01 / CVE-2010-0159: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products...
nfs-utils: incorrect use of tcp_wrappers, causing hostname-based rules to be ignored
The goodclient function in nfs-utils 1.0.9, and possibly other versions before 1.1.3, invokes the hostsctl function with the wrong order of arguments, which causes TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-509)
The Mozilla Firefox browser is updated to version 3.0.6 fixing various security and stability issues. MFSA 2009-01 / CVE-2009-0352 / CVE-2009-0353: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these...
CVE-2006-0814
response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing 1 "." dot and 2 space characters, which are ignored by Windows, as demonstrated by PHP files...