Lucene search
K

4397 matches found

CVE
CVE
added 2008/09/10 4:0 p.m.114 views

CVE-2008-2326

CVE-2008-2326 affects Apple Bonjour for Windows (mDNSResponder) prior to 1.0.5. The vulnerability is a NULL pointer dereference when resolving a crafted .local domain name with a long label, leading to denial of service (application crash). Public docs from multiple sources confirm the issue and ...

5CVSS5.9AI score0.07551EPSS
Exploits1References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/03/04 12:0 a.m.43 views

openSUSE 10 Security Update : apache2-mod_jk (apache2-mod_jk-4997)

Fixed various issues in tomcat : - CVE-2007-3382: Handling of cookies containing a ' character - CVE-2007-3385: Handling of ' in cookies - CVE-2007-5641: tomcat path traversal / information leak - CVE-2007-1860: directory traversal - CVE-2007-3386: tomcat XSS - CVE-2007-5342: insufficient access...

6.8CVSS5.4AI score0.58956EPSS
Exploits9References6
seebug.org
seebug.org
added 2007/12/31 12:0 a.m.32 views

Mutt BROWSE_GET_NAMESPACE IMAP名称空间处理远程溢出漏洞

BUGTRAQ ID: 18642 CVECAN ID: CVE-2006-3242 Mutt是一个小型但功能强大的基于文本的MIME邮件客户端。 Mutt处理畸形邮件时存在漏洞,远程攻击者可能利用此漏洞在客户端上执行任意指令。 Mutt的browse.c文件的browsegetnamespace函数中存在缓冲区溢出漏洞。如果恶意的IMAP服务器向Mutt发送了超长的名称空间的话,就会触发这个漏洞,导致客户端崩溃或执行任意指令。 Mutt Mutt 1.4.2 Gentoo Linux 厂商补丁: Mutt ---- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.5CVSS0.6AI score0.05889EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/11/10 12:0 a.m.31 views

Ubuntu 5.04 / 5.10 / 6.06 LTS : mutt vulnerability (USN-307-1)

TAKAHASHI Tamotsu discovered that mutt's IMAP backend did not sufficiently check the validity of namespace strings. If an user connects to a malicious IMAP server, that server could exploit this to crash mutt or even execute arbitrary code with the privileges of the mutt user. Note that Tenable...

7.5CVSS6AI score0.05889EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.30 views

openSUSE 10 Security Update : mutt (mutt-1701)

Mutt had a buffer overflow in IMAP namespace parsing code which may open a possible remote vulnerability CVE-2006-3242. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update mutt-1701. The text...

7.5CVSS5.8AI score0.05889EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2007/04/10 12:0 a.m.14 views

Fedora Core 5 : libXfont-1.2.8-1.fc5 (2007-422)

Fri Apr 6 2007 Adam Jackson 1.2.8-1 - libXfont 1.2.8. - Wed Jan 17 2007 Kristian Hagsberg 1.2.6-2 - Add built-in-scalable.patch to prevent crash when trying to scale built-in bitmap fonts. - Fri Jan 5 2007 Adam Jackson 1.2.6-1 - Update to 1.2.6 - Fri Dec 1 2006 Adam Jackson 1.2.5-1 - Update to...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/01/17 12:0 a.m.23 views

Fedora Core 4 : mutt-1.4.2.1-5.fc4 (2006-761)

Thu Jun 29 2006 Miroslav Lichvar 5:1.4.2.1-5.fc4 - fix a buffer overflow when processing IMAP namespace 197152, CVE-2006-3242 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean...

7.5CVSS5.7AI score0.05889EPSS
Exploits1References1
CVE
CVE
added 2006/07/21 9:0 p.m.46 views

CVE-2006-3798

DeluxeBB 1.07 and earlier exposes a vulnerability where a remote attacker can set the COOKIE data to overwrite the internal variables _GET, _POST, _ENV, and _SERVER during an extract function call, resulting in pollution of the global namespace and potentially multiple security vulnerabilities. A...

5CVSS7.2AI score0.01329EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2005/12/21 11:3 a.m.13 views

CVE-2005-4455

cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote attackers to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi...

5CVSS6.2AI score0.01041EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/12/21 11:0 a.m.19 views

CVE-2005-4455

cleanhtml.pl 1.129 in LiveJournal CVS before Dec 13 2005 allows remote attackers to inject scripting languages via the XSL namespace in XML, via vectors such as customview.cgi...

6.2AI score0.01041EPSS
Exploits0References2
securityvulns
securityvulns
added 2005/08/05 12:0 a.m.18 views

[SA16319] Karrigell Python Namespace Exposure Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.3AI score
Exploits0
Ubuntu
Ubuntu
added 2005/07/27 4:34 a.m.67 views

USN-155-1: Mozilla vulnerabilities

Secunia.com reported that one of the recent security patches in Firefox reintroduced the frame injection patch that was originally known as CAN-2004-0718. This allowed a malicious web site to spoof the contents of other web sites. CAN-2005-1937 It was discovered that a malicious website could...

7.5CVSS6.3AI score0.68097EPSS
Exploits8
RedHat Linux
RedHat Linux
added 2005/07/22 10:41 a.m.4 views

security flaw

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...

7.5CVSS6.1AI score0.05815EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2005/07/21 10:14 a.m.6 views

security flaw

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...

7.5CVSS6.1AI score0.05815EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/07/13 4:0 a.m.27 views

CVE-2005-2269

Firefox before 1.0.5, Mozilla before 1.7.9, and Netscape 8.0.2 does not properly verify the associated types of DOM node names within the context of their namespaces, which allows remote attackers to modify certain tag properties, possibly leading to execution of arbitrary script or code, as...

6.5AI score0.05815EPSS
Exploits1References24
securityvulns
securityvulns
added 2003/03/16 12:0 a.m.27 views

Remote Exploit in Business::OnlinePayment::WorldPay::Junior

Business::OnlinePayment::WorldPay::Junior is a perl module providing a backend for perl scripts to manage credit/debit card payments through the WorldPay Select Junior service. I am the author of the module. There is a bug in all version of Business::OnlinePayment::WorldPay::Junior prior to 1.05...

6.8AI score
Exploits0
exploitpack
exploitpack
added 1999/02/18 12:0 a.m.16 views

Microsoft Windows NT 4.0 SP4 - Known DLL Cache

Microsoft Windows NT 4.0 SP4 - Known DLL Cache source: https://www.securityfocus.com/bid/234/info The names and mappings of kernel objects in NT are cached in the "object namespace". In this area, DLL mappings are kept in a section called KnownDlls. By manipulating the namespace, it is possible t...

Exploits0
Rows per page
Query Builder