otrs -- XSS vulnerability could lead to remote code execution

The OTRS Project reports: This advisory covers vulnerabilities discovered in the OTRS core system. This is a variance of the XSS vulnerability, where an attacker could send a specially prepared HTML email to OTRS which would cause JavaScript code to be executed in your browser while displaying th...

CVE-2012-4193

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR 10.x before 10.0.9, and SeaMonkey before 2.13.1 omit a security check in the defaultValue function during the unwrapping of security wrappers, which allows remote attackers to bypass the Same...

CVE-2012-4193

CVE-2012-4193 affects Mozilla Firefox and related Mozilla products (Firefox before 16.0.1, Firefox ESR before 10.0.9, Thunderbird before 16.0.1, Thunderbird ESR before 10.0.9, SeaMonkey before 2.13.1). Root cause: a security check in the defaultValue unwrapping of security wrappers is omitted, al...

CVE-2012-3986

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils aka nsDOMWindowUtils methods, which allows remote attackers to bypass intended access restrictions v...

CVE-2012-3986

Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict calls to DOMWindowUtils aka nsDOMWindowUtils methods, which allows remote attackers to bypass intended access restrictions v...

CVE-2012-4907

Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page...

CVE-2012-4907

Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page...

Mozilla Firefox Multiple Vulnerabilities - August12 (Mac OS X)

This host is installed with Mozilla Firefox and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxmultvulnaug12macosx.nasl 5958 2017-04-17 09:02:19Z teissa $ Mozilla Firefox Multiple Vulnerabilities - August12 Mac OS X Authors: Rachana Shetty Copyright: Copyrig...

otrs -- XSS vulnerability in Internet Explorer could lead to remote code execution

The OTRS Project reports: This advisory covers vulnerabilities discovered in the OTRS core system. Due to the XSS vulnerability in Internet Explorer an attacker could send a specially prepared HTML email to OTRS which would cause JavaScript code to be executed in your Internet Explorer while...

otrs -- XSS vulnerability in Internet Explorer

OTRS Security Advisory reports: This advisory covers vulnerabilities discovered in the OTRS core system. Due to the XSS vulnerability in Internet Explorer an attacker could send a specially prepared HTML email to OTRS which would cause JavaScript code to be executed in your Internet Explorer whil...

Total Shop UK eCommerice Cross Site Scripting

/------------------------------------------------------\ | Total Shop UK eCommerce Generic Cross-Site Scripting | ------------------------------------------------------/ Summary ======= The open source version of Total Shop UK eCommerce based on CodeIgniter version 2.1.2 is subject to a cross-sit...

MS12-037 Microsoft Internet Explorer Fixed Table Col Span Heap Overflow

This module exploits a heap overflow vulnerability in Internet Explorer caused by an incorrect handling of the span attribute for col elements from a fixed table, when they are modified dynamically by javascript code. This module requires Metasploit: https://metasploit.com/download Current source...

Mozilla Firefox Multiple Vulnerabilities - July12 (Mac OS X)

This host is installed with Mozilla firefox and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillafirefoxmultvulnjul12macosx.nasl 5963 2017-04-18 09:02:14Z teissa $ Mozilla Firefox Multiple Vulnerabilities - July12 Mac OS X Authors: Rachana Shetty Copyright: Copyright...

CVE-2012-2844

The PDF functionality in Google Chrome before 20.0.1132.57 does not properly handle JavaScript code, which allows remote attackers to cause a denial of service incorrect object access or possibly have unspecified other impact via a crafted document...

Opera Multiple Denial of Service Vulnerabilities - June12 (Mac OS X)

The host is installed with Opera and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultdosvulnjune12macosx.nasl 5912 2017-04-10 09:01:51Z teissa $ Opera Multiple Denial of Service Vulnerabilities - June12 Mac OS X Authors: Sooraj KS Copyright:...

Opera Multiple Denial of Service Vulnerabilities - June12 (Windows)

The host is installed with Opera and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultdosvulnjune12win.nasl 5931 2017-04-11 09:02:04Z teissa $ Opera Multiple Denial of Service Vulnerabilities - June12 Windows Authors: Sooraj KS Copyright: Copyrigh...

Opera Multiple Denial of Service Vulnerabilities - June12 (Linux)

The host is installed with Opera and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gboperamultdosvulnjune12lin.nasl 6018 2017-04-24 09:02:24Z teissa $ Opera Multiple Denial of Service Vulnerabilities - June12 Linux Authors: Sooraj KS Copyright: Copyright ...

Opera Multiple Denial of Service Vulnerabilities (Jun 2012) - Windows

Opera is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Opera Multiple Denial of Service Vulnerabilities (Jun 2012) - Mac OS X

Opera is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-3566

Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service application hang via JavaScript code that changes a form before submission...