Critical: Red Hat Security Advisory: xulrunner security update

Updated xulrunner packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

OpenJDK ICU Opentype layout engine crash (6963285)

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle ha...

Microsoft Windows Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. An attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Fail...

Debian DSA-2106-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2760, CVE-2010-3167, CVE-2010-3168 Implementation errors in XUL processing allow the...

DMXready Polling Booth Manager - SQL Injection

DMXready Polling Booth Manager - SQL Injection Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: DMXready Polling Booth Manager SQLi Vulnerability Vendor url:http://www.dmxready.com Version:1 Price:79$ Published: 2010-09-6 GThanx to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA120...

Microsoft Releases New Version of EMET Exploit Mitigation Toolkit

Mitigation has become the word of the moment at Microsoft, and the company on Thursday continued its recent flow of tools designed to lessen the effectiveness of certain attacks with the release of version 2.0 of its Enhanced Mitigation Experience Toolkit. The new version of the toolkit includes ...

Debian Security Advisory DSA 2075-1 (xulrunner)

The remote host is missing an update to xulrunner announced via advisory DSA 2075-1. OpenVAS Vulnerability Test $Id: deb20751.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2075-1 xulrunner Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

Debian: Security Advisory (DSA-2075-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Memory corruption

Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "HTML Layout Memory Corruption Vulnerability."...

Apple Webkit SVG Floating Text Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Apple Safari Webkit foreignObject元素释放后使用漏洞

BUGTRAQ ID: 42046 CVE ID: CVE-2010-1786 Safari是苹果家族机器操作系统中默认捆绑的WEB浏览器。 Safari的Webkit对用于将外部文档嵌入到SVG名称空间的特殊标签的布局实现中存在漏洞。之后在尝试计算用于渲染标签内容的布局信息时，可能会访问之前已被释放的linebox，导致执行任意代码。 Apple Safari 5.x Apple Safari 4.x 厂商补丁： Apple ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.apple.com/safari/download/...

ZDI-10-141: Apple Webkit SVG ForeignObject Rendering Layout Remote Code Execution Vulnerability

ZDI-10-141: Apple Webkit SVG ForeignObject Rendering Layout Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-141 August 5, 2010 -- CVE ID: CVE-2010-1786 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Apple -- Affected Products: Apple Safari --...

Apple Webkit SVG ForeignObject Rendering Layout Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari's Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Webkit's...

Google Chrome Multiple Unspecified Vulnerabilities - July 10

The host isnstalled with Google Chrome and is prone to multiple unspecified vulnerabilities. OpenVAS Vulnerability Test $Id: secpodgooglechromemultunspecifiedvulnjul10.nasl 5394 2017-02-22 09:22:42Z teissa $ Google Chrome Multiple Unspcified Vulnerabilities - July 10 Authors: Madhuri D Copyright:...

Debian DSA-2075-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-0182 Wladimir Palant discovered that security checks in XML processing were insufficiently...

CVE-2010-2899

Unspecified vulnerability in the layout implementation in Google Chrome before 5.0.375.125 allows remote attackers to obtain sensitive information from process memory via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the layout implementation in Google Chrome before 5.0.375.125 allows remote attackers to obtain sensitive information from process memory via unknown vectors...

CVE-2010-2899

Removed by vendor...

Frog CMS 0.9.5 Cross Site Request Forgery

Date: Sun 11 Jul 2010 10:22:48 AM EEST Vendor: http://www.madebyfrog.com/ Download: http://www.madebyfrog.com/public/download/files/frog095.tar.gz --- -= CSRF PoC 1 - Create Admin User =- Frog CMS 0.9.5 Multiple CSRF Vulnerabilities - Create Admin User -= CSRF PoC 2 - Delete User =- -= CSRF PoC 3...

Fedora Update for python-mako FEDORA-2010-10544

Check for the Version of python-mako OpenVAS Vulnerability Test Fedora Update for python-mako FEDORA-2010-10544 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...