3800 matches found
Debian DSA-1885-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3070 Jesse Ruderman discovered crashes in the layout...
Debian DSA-1830-1 : icedove - several vulnerabilities
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0040 The execution of arbitrary code might be possible via a crafted...
Debian DSA-1999-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1571 Alin Rad Pop discovered that incorrect memory...
Debian DSA-1922-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3380 Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers...
[SECURITY] [DSA 1999-1] New xulrunner packages fix several vulnerabilities
Debian Security Advisory DSA-1999-1 http://www.debian.org/security/ Moritz Muehlenhoff February 18, 2010 http://www.debian.org/security/faq -...
DSA-1999-1 xulrunner - several vulnerabilities
Bulletin has no description...
kernel: personality: fix PER_CLEAR_ON_SETID
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL...
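Microsoft IE Table Layout Reuse Remote Code Execution Vulnerability (MS10-002)
BUGTRAQ ID: 37892 CVE ID: CVE-2010-0245 Internet Explorer is the web browser bundled by default with the Windows operating system. When specific elements are used in a table container and one of those elements is deleted, IE incorrectly unlinks that element from the layout tree. When the tree is later traversed, IE reuses the object that has already been freed. An attacker can exploit this vulnerability by constructing a specially crafted web page; when a user views the page, the vulnerability may allow remote code execution. Microsoft Internet Explorer 8.0 Temporary workaround: Internet...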
Microsoft Internet Explorer Table Layout Reuse Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when specific elements are used with...
Microsoft Internet Explorer Table Layout Col Tag Cache Update Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when a Col element is used within an...
DasForum Local File Inclusion
DasForum layout Local File Inclusion Exploit | works only with magic_quotes_gpc = off | Discovered: cr4wl3r ! Download: http://mirror.vocabbuilder.net/savannah/dasforum/ ! Date:...
Mandriva Update for kdepim4 MDVA-2010:013 (kdepim4)
Check for the Version of kdepim4 OpenVAS Vulnerability Test Mandriva Update for kdepim4 MDVA-2010:013 kdepim4 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Layout CMS 1.0 SQL-Injection and Cross-Site Scripting Vulnerabilities
Layout CMS 1.0 SQL-Injection and Cross-Site Scripting Vulnerabilities. Webapps exploit for php platform source: http://www.securityfocus.com/bid/40415/info Layout CMS is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize...
OpenJDK information leaks in mutable variables (6588003,6656586,6656610,6656625,6657133,6657619,6657625,6657695,6660049,6660539,6813167)
Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context-dependent attackers to obtain sensitive information via vectors involving static variables that are declared without the final keyword, related to (1) LayoutQueue, (2) Cursor.predefined, (3)...
K-Meleon 1.5.3 Remote Array Overrun
No description provided by source. From Full Disclosure: http://seclists.org/fulldisclosure/2009/Nov/222 K-Meleon 1.5.3 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.:...
kernel: personality: fix PER_CLEAR_ON_SETID
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to leverage the details of memory usage to (1) conduct NULL...
Mozilla Firefox Denial Of Service Vulnerability Nov-09 (Windows)
This host is installed with Mozilla Firefox and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbfirefoxdosvulnnov09win.nasl 4865 2016-12-28 16:16:43Z teissa $ Mozilla Firefox Denial Of Service Vulnerability Nov-09 Windows Authors: Sharath S Copyright: Copyright (c) 20...
Mozilla Firefox Denial Of Service Vulnerability Nov-09 (Linux)
This host is installed with Mozilla Firefox and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbfirefoxdosvulnnov09lin.nasl 4865 2016-12-28 16:16:43Z teissa $ Mozilla Firefox Denial Of Service Vulnerability Nov-09 Linux Authors: Sharath S Copyright: Copyright (c) 2009...
Mandriva Linux Security Advisory : kernel (MDVSA-2009:289)
Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easi...
USN-852-1: Linux kernel vulnerabilities
Solar Designer discovered that the z90crypt driver did not correctly check capabilities. A local attacker could exploit this to shut down the device, leading to a denial of service. Only affected Ubuntu 6.06. CVE-2009-1883 Michael Buesch discovered that the SGI GRU driver did not correctly check...