EUVD-2012-2559

Malware in sbrugna...

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the parsemetaelementcreate function. An attacker can execute arbitrary code or cause a denial of service condition by causing the vulnerable application to process a malicious DICOM image. Remediation A fix was pushed...

SUSE CVE-2015-2711

Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a UR...

UBUNTU-CVE-2015-2711

Mozilla Firefox before 38.0 does not recognize a referrer policy delivered by a referrer META element in cases of context-menu navigation and middle-click navigation, which allows remote attackers to obtain sensitive information by reading web-server Referer logs that contain private data in a UR...

CVE-2014-4908

Multiple cross-site scripting XSS vulnerabilities in PNP4Nagios through 0.6.22 allow remote attackers to inject arbitrary web script or HTML via the URI used for reaching 1 share/pnp/application/views/kohanaerrorpage.php or 2 share/pnp/application/views/template.php, leading to improper handling...

CVE-2012-2573

Multiple cross-site scripting XSS vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted Cascading Style Sheets CSS expression property, 3 a CSS expression property in the STYLE...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with 1 a SCRIPT element, 2 a crafted SRC attribute of an IFRAME element, 3 a crafted CONTENT attribute of an...

Google Chrome 'KEYGEN' Element Denial Of Service Vulnerability

Google Chrome is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Chrome 'KEYGEN' Element Denial Of Service Vulnerability

This host is installed with Google Chrome and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodgooglechromekeygendosvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Google Chrome 'KEYGEN' Element Denial Of Service Vulnerability Authors: Sharath S Copyright: Copyright...

Mozilla Firefox 'keygen' HTML Tag DOS Vulnerability (Windows)

The host is installed with Mozilla Firefox browser and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: gbfirefoxkeygendosvulnwin.nasl 4865 2016-12-28 16:16:43Z teissa $ Mozilla Firefox 'keygen' HTML Tag DOS Vulnerability Windows Authors: Antu Sanadi Copyright: Copyrig...

Code injection

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service infinite loop, application hang, and memory consumption via a KEYGEN element in conjunction with 1 a META element specifying automatic page refresh or 2 a JavaScript onLoad event handler for a BODY element. NOTE: it was...

CVE-2009-1828

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service infinite loop, application hang, and memory consumption via a KEYGEN element in conjunction with 1 a META element specifying automatic page refresh or 2 a JavaScript onLoad event handler for a BODY element. NOTE: it was...

CVE-2009-1828

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service infinite loop, application hang, and memory consumption via a KEYGEN element in conjunction with 1 a META element specifying automatic page refresh or 2 a JavaScript onLoad event handler for a BODY element. NOTE: it was...

CVE-2009-1828

Mozilla Firefox 3.0.10 allows remote attackers to cause a denial of service infinite loop, application hang, and memory consumption via a KEYGEN element in conjunction with 1 a META element specifying automatic page refresh or 2 a JavaScript onLoad event handler for a BODY element. NOTE: it was...

CVE-2007-4595

Cross-site scripting XSS vulnerability in Mayaa before 1.1.12 allows remote attackers to inject arbitrary web script or HTML in certain circumstances involving 1 lack of charset specification within a META element or 2 a META element that specifies an unrecognized charset, which trigger automatic...

Cross site scripting

Cross-site scripting XSS vulnerability in Mayaa before 1.1.12 allows remote attackers to inject arbitrary web script or HTML in certain circumstances involving 1 lack of charset specification within a META element or 2 a META element that specifies an unrecognized charset, which trigger automatic...

CVE-2007-4595

Cross-site scripting XSS vulnerability in Mayaa before 1.1.12 allows remote attackers to inject arbitrary web script or HTML in certain circumstances involving 1 lack of charset specification within a META element or 2 a META element that specifies an unrecognized charset, which trigger automatic...

CVE-2007-4595

CVE-2007-4595 is a cross-site scripting vulnerability in Mayaa prior to 1.1.12. The issue arises when a page lacks a charset in a META element or specifies an unrecognized charset, triggering automatic browser charset recognition and improper handling of UTF-7 data, allowing remote attackers to i...