
9092 matches found

NVD
added 2011/12/07 7:55 p.m. (33 views)

CVE-2010-5070

The JavaScript implementation in Apple Safari 4 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method, a different vulnerability tha...

CVSS 5 | AI score 7.9 | EPSS 0.00204
Exploits: 1 | References: 1

Prion
added 2011/12/07 7:55 p.m. (20 views)

Design/Logic Flaw

The Cascading Style Sheets (CSS) implementation in Google Chrome 4 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document. NOTE: this may overlap CVE-2010-2264...

CVSS 4.3 | AI score 5.4 | EPSS 0.00614
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2011/12/07 7:0 p.m. (29 views)

CVE-2010-5072

The JavaScript implementation in Opera 10.5 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method...

AI score 5.9 | EPSS 0.0023
Exploits: 1 | References: 1

CVE
added 2011/12/07 7:0 p.m. (54 views)

CVE-2002-2437

The CVE-2002-2437 entry describes an information-disclosure flaw in the JavaScript implementation of Mozilla Firefox (before 4.0), Thunderbird (before 3.3), and SeaMonkey (before 2.1). The vulnerability arises from improper restrictions on the values returned by getComputedStyle, enabling remote ...

CVSS 5 | AI score 6.1 | EPSS 0.00294
Exploits: 1 | References: 4 | Affected Software: 1

Debian
added 2011/12/05 7:26 p.m. (38 views)

[SECURITY] [DSA 2358-1] openjdk-6 security update

Debian Security Advisory DSA-2358-1 [email protected] http://www.debian.org/security/ December 05, 2011 http://www.debian.org/security/faq ...

CVSS 10 | AI score 10 | EPSS 0.92592
Exploits: 19

Tenable Nessus
added 2011/12/02 12:0 a.m. (260 views)

Debian DSA-2356-1 : openjdk-6 - several vulnerabilities (BEAST)

Several vulnerabilities have been discovered in OpenJDK, an implementation of the Java platform:
- CVE-2011-3389: The TLS implementation does not guard properly against certain chosen-plaintext attacks when block ciphers are used in CBC mode.
- CVE-2011-3521: The CORBA implementation contains a...

CVSS 10 | AI score 8.1 | EPSS 0.92592
Exploits: 19 | References: 26

securityvulns
added 2011/11/27 12:0 a.m. (82 views)

[USN-1268-1] Linux kernel vulnerabilities

Ubuntu Security Notice USN-1268-1 November 21, 2011 linux vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: -...

CVSS 7.2 | AI score 0.6 | EPSS 0.00599
Exploits: 10

OpenVAS
added 2011/11/25 12:0 a.m. (40 views)

Ubuntu Update for linux USN-1268-1

Ubuntu Update for Linux kernel vulnerabilities USN-1268-1 OpenVAS Vulnerability Test $Id: gb_ubuntu_USN_1268_1.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for linux USN-1268-1 Authors: System Generated Check Copyright: Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

CVSS 7.2 | AI score 0.1 | EPSS 0.00599
Exploits: 10 | References: 2

Tenable Nessus
added 2011/11/22 12:0 a.m. (51 views)

Ubuntu 8.04 LTS : linux vulnerabilities (USN-1268-1)

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. (CVE-2011-1585) It was discovered that the GRE protocol incorrectly handled netns...

CVSS 7.8 | AI score 7.4 | EPSS 0.00599
Exploits: 10 | References: 8

Ubuntu
added 2011/11/21 4:39 p.m. (68 views)

USN-1268-1: Linux kernel vulnerabilities

It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. (CVE-2011-1585) It was discovered that the GRE protocol incorrectly handled netns...

CVSS 7.8 | AI score 7.4 | EPSS 0.00599
Exploits: 10

Ubuntu
added 2011/11/16 8:31 p.m. (84 views)

USN-1263-1: IcedTea-Web, OpenJDK 6 vulnerabilities

Deepak Bhole discovered a flaw in the Same Origin Policy (SOP) implementation in the IcedTea web browser plugin. This could allow a remote attacker to open connections to certain hosts that should not be permitted. (CVE-2011-3377) Juliano Rizzo and Thai Duong discovered that the block-wise AES...

CVSS 10 | AI score 8.4 | EPSS 0.92592
Exploits: 19

Tenable Nessus
added 2011/11/14 12:0 a.m. (51 views)

Mandriva Linux Security Advisory : java-1.6.0-openjdk (MDVSA-2011:170)

Security issues were identified and fixed in openjdk (icedtea6) and icedtea-web: IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking (CVE-2011-3547). IcedTea6 prior to 1.10.4 allow...

CVSS 10 | AI score 7.5 | EPSS 0.92592
Exploits: 19 | References: 14

exploitpack
added 2011/11/08 12:0 a.m. (25 views)

PBCS Technology - articlenav.php SQL Injection

PBCS Technology - articlenav.php SQL Injection source: https://www.securityfocus.com/bid/50577/info PBCS Technology is prone to an SQL Injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacke...

AI score 0.1
Exploits: 0

Exploit DB
added 2011/11/07 12:0 a.m. (17 views)

Admin Bot - 'news.php' SQL Injection

source: https://www.securityfocus.com/bid/50562/info Admin Bot is prone to an SQL Injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...

AI score 7.4
Exploits: 0

exploitpack
added 2011/11/07 12:0 a.m. (10 views)

Admin Bot - news.php SQL Injection

Admin Bot - news.php SQL Injection source: https://www.securityfocus.com/bid/50562/info Admin Bot is prone to an SQL Injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...

Exploits: 0

RedHat Linux
added 2011/11/01 5:13 p.m. (80 views)

Moderate: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and four bugs are now available for Red Hat Enterprise Linux 5.6 Extended Update Support. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which...

CVSS 9.1 | AI score 6.9 | EPSS 0.04324
Exploits: 1 | References: 5

Ubuntu
added 2011/10/25 1:6 p.m. (83 views)

USN-1244-1: Linux kernel (OMAP4) vulnerabilities

Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3873) Andrea Righi discovered a race condition in the KSM memory merging support. If KSM was being...

CVSS 7.2 | AI score 6.9 | EPSS 0.03368
Exploits: 3

Prion
added 2011/10/23 10:55 a.m. (19 views)

Null pointer dereference

The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN fra...

CVSS 5.7 | AI score 6.5 | EPSS 0.00911
Exploits: 1 | References: 9 | Affected Software: 1

Cvelist
added 2011/10/23 10:0 a.m. (27 views)

CVE-2011-1478

The napi_reuse_skb function in net/core/dev.c in the Generic Receive Offload (GRO) implementation in the Linux kernel before 2.6.38 does not reset the values of certain structure members, which might allow remote attackers to cause a denial of service (NULL pointer dereference) via a malformed VLAN fra...

AI score 7.1 | EPSS 0.00911
Exploits: 1 | References: 9

UbuntuCve
added 2011/10/21 12:0 a.m. (25 views)

CVE-2011-3347

A certain Red Hat patch to the be2net implementation in the kernel package before 2.6.32-218.el6 on Red Hat Enterprise Linux (RHEL) 6, when promiscuous mode is enabled, allows remote attackers to cause a denial of service (system crash) via non-member VLAN packets...

CVSS 4.6 | AI score 5.9 | EPSS 0.00541
Exploits: 0 | References: 5