Dangling pointer vulnerability in nsPluginArray — Mozilla
Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the implementation of the window.navigator.plugins object. When a page reloads, the plugins array would reallocate all of its members without checking for existing references to each member. This could resu...
Very rare the TXT file hung it-vulnerability warning-the black bar safety net
TXT file in the Insert a piece of JAVA code behind the HTML code is the IE implementation of Affected versions of IE6 7 8 Code: ‘scriptalertsb/script iframe src=http://xxxxx.org width=500 height=500/iframe Presentation: Reference: http://xxxxx.org/test.txt Picture hanging horse The above...
CVE-2010-1126
The JavaScript implementation in WebKit allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method...
Design/Logic Flaw
The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus metho...
Denial of service
The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability."...
CVE-2010-0578
CVE-2010-0578 affects Cisco IOS Software on Cisco 7200 Series and Cisco 7301 routers with a VPN Acceleration Module 2+ (VAM2+). The IKE implementation may be triggered by a malformed IKE packet to cause a remote denial of service (device reload). Public documentation from Cisco’s advisory (cisco-...
CVE-2010-0579
Cisco IOS Software SIP weaknesses (CVE-2010-0579) allow unauthenticated, remote attackers to trigger a device reload via malformed SIP messages; the issue affects Cisco IOS 12.3 and 12.4 with SIP enabled and is addressed by Cisco advisories (e.g., Cisco-SA-20100324-SIP) with official fixes. In th...
Ubuntu Update for thunderbird vulnerabilities USN-915-1
Ubuntu Update for Linux kernel vulnerabilities USN-915-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9151.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for thunderbird vulnerabilities USN-915-1 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...
[SECURITY] Fedora 13 Update: gnu-smalltalk-3.1-8.fc13
GNU Smalltalk is an implementation that closely follows the Smalltalk-80 language as described in the book 'Smalltalk-80: the Language and its Implementation' by Adele Goldberg and David Robson. The Smalltalk programming language is an object oriented programming language. Unlike other Smalltalks...
CVE-2010-0008
The sctp_rcv_ootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length...
CVE-2010-0008
CVE-2010-0008 affects the Linux kernel SCTP implementation prior to 2.6.23. The vulnerability in sctp_rcv_ootb allows remote attackers to cause a denial of service (infinite loop) via an Out Of The Blue (OOTB) chunk or a zero-length chunk. This CVE is also referenced in MiracleLinux AXSA-2010-166...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed...
GNU tar / cpio buffer overflow
Buffer overflow in rmt code implementation...
Mozilla Firefox Browser Engine Memory Corruption (CVE-2009-3382)
Mozilla Firefox is a web browser developed by Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions of HTML, XML, XUL, JavaScript, various graphics formats, and so on. The browser runs on the Windows,...
Mozilla Firefox SVG Element Processing Memory Corruption (CVE-2009-2469)
Mozilla Firefox is a web browser developed by Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions of HTML, XML, XUL, JavaScript, and various graphic formats, and so on. The browser runs on Windows,...
Debian DSA-1956-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3986 : David James discovered that the window.opener...
Enomaly ECP: Multiple vulnerabilities in VMcasting protocol & implementation.
Enomaly ECP: Multiple vulnerabilities in VMcasting protocol & implementation. Synopsis Enomaly ECP up to and including v3.0.4 is believed to contain an insecure silent update mechanism that could allow a remote attacker to execute arbitrary code as root, and to inject or modify VM workloads for...