Debian DSA-1950-1 : webkit - several vulnerabilities

Several vulnerabilities have been discovered in WebKit, a Web content engine library for Gtk+. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0945 Array index error in the insertItemBefore method in WebKit, allows remote attackers to execute...

DSA-1988-1 qt4-x11 - several vulnerabilities

Bulletin has no description...

Sun Java Plug-in Sandbox Security Bypass (CVE-2004-1029)

The Sun Java plug-in is a component of the Java 2 Runtime Environment. Sun's Java plug-in technology creates a connection between a Web browser and the Java platform. This connection enables Java applets, served from a Web site, to be run within a Web browser in a restricted environment, known as...

Ubuntu USN-857-1 (qt4-x11)

The remote host is missing an update to qt4-x11 announced via advisory USN-857-1. OpenVAS Vulnerability Test $Id: ubuntu8571.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8571.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-857-1 qt4-x11 Authors: Thomas...

Ubuntu 8.10 / 9.04 : qt4-x11 vulnerabilities (USN-857-1)

It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...

USN-857-1: Qt vulnerabilities

It was discovered that QtWebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...

Ubuntu: Security Advisory (USN-836-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 8.10 / 9.04 : webkit vulnerabilities (USN-836-1)

It was discovered that WebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...

USN-836-1: WebKit vulnerabilities

It was discovered that WebKit did not properly handle certain SVGPathList data structures. If a user were tricked into viewing a malicious website, an attacker could exploit this to execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0945 Several flaws were...

PT-2009-4302 · Mozilla +1 · Firefox +1

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions prior to 3.0.11 Description: A race condition in the NPObjWrapper NewResolve function might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, related to a use-after-fre...

CVE-2009-1712

WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element...

CVE-2009-1712

Removed by vendor...

CVE-2009-1712

CVE-2009-1712 affects WebKit in qt4-x11 (Qt4 X11) where WebKit does not prevent remote loading of local Java applets via APPLET/OBJECT, potentially allowing an attacker to execute arbitrary code, gain privileges, or access data. Public advisories (e.g., Debian DSA-1988-1, DSA-1950-1) document thi...

CVE-2009-1712

WebKit in Apple Safari before 4.0 does not prevent remote loading of local Java applets, which allows remote attackers to execute arbitrary code, gain privileges, or obtain sensitive information via an APPLET or OBJECT element...

Apple Mac OSX - Java applet Remote Deserialization Remote (2)

Apple Mac OSX - Java applet Remote Deserialization Remote 2 Critical Mac OS X Java Vulnerabilities Introduction Five months ago, CVE-2008-5353 and other vulnerabilities were publicly disclosed, and fixed by Sun. CVE-2008-5353 allows malicious code to escape the Java sandbox and run arbitrary...

Java applets can be used to read sensitive information – Opera Security Advisories

Java applets can be used to read sensitive information – Opera Security Advisories OPCOM Team | December 16, 2008 Severity: Highly Severe Problem Description Once a Java applet has been cached, if a page can predict the cache path for that applet, it can load the applet from the cache, causing it...

GLSA-200811-01 : Opera: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200811-01 Opera: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Opera: Opera does not restrict the ability of a framed web page to change the address associated with a different frame CVE-2008-4195. Chri...

CVE-2008-1013

Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet...

Deserialization of untrusted data

Apple QuickTime before 7.4.5 enables deserialization of QTJava objects by untrusted Java applets, which allows remote attackers to execute arbitrary code via a crafted applet...

QuickTime < 7.4.5 Multiple Vulnerabilities (Mac OS X)

The version of QuickTime installed on the remote Mac OS X host is older than 7.4.5. Such versions contain several vulnerabilities : - Untrusted Java applets may obtain elevated privileges CVE-2008-1013. - Downloading a movie file may lead to information disclosure CVE-2008-1014. - Viewing a...