2144 matches found
Ipswitch WhatsUp Professional multiple flaws
WhatsUp is a tool from Ipswitch to monitor application and network, embedding a custom web server on port 8022. Description: This custom web server is prone to multiple flaws. -as authenticated user: src disclosure http://server:8022/NmConsole/Login.asp. there are many XSS flaws, as...
Information disclosure
MUTE 0.4 allows remote attackers to cause a denial of service messages not forwarded and obtain sensitive information about a target by filling a client's mWebCache cache with malicious "zombie" nodes...
CVE-2006-0808
MUTE 0.4 allows remote attackers to cause a denial of service messages not forwarded and obtain sensitive information about a target by filling a client's mWebCache cache with malicious "zombie" nodes...
CVE-2006-0808
MUTE 0.4 allows remote attackers to cause a denial of service messages not forwarded and obtain sensitive information about a target by filling a client's mWebCache cache with malicious "zombie" nodes...
Critical: Red Hat Security Advisory: firefox security update
An updated firefox package that fixes several security bugs is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Igor Bukanov discovered a bug in the way Firefox's Javascript interpret...
Ubuntu 5.04 : mozilla-firefox, mozilla vulnerabilities (USN-124-1)
When a popup is blocked the user is given the ability to open that popup through the popup-blocking status bar icon and, in Firefox, through the information bar. Doron Rosenberg noticed that popups which are permitted by the user were executed with elevated privileges, which could be abused to...
Debian DSA-781-1 : mozilla-thunderbird - several vulnerabilities
Several problems have been discovered in Mozilla Thunderbird, the standalone mail client of the Mozilla suite. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-0989 Remote attackers could read portions of heap memory into a JavaScript string via the...
Debian DSA-779-2 : mozilla-firefox - several vulnerabilities
We experienced that the update for Mozilla Firefox from DSA 779-1 unfortunately was a regression in several cases. Since the usual praxis of backporting apparently does not work, this update is basically version 1.0.6 with the version number rolled back, and hence still named 1.0.4-. For...
DSA-779-2 mozilla-firefox - several
Bulletin has no description...
thunderbird security update
CentOS Errata and Security Advisory CESA-2005:601 Updated thunderbird package that fixes various bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and...
Important: Red Hat Security Advisory: thunderbird security update
Updated thunderbird package that fixes various bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way...
FreeBSD defvs jail restrictions bypass
It's possible to access restricted hidden device nodes from kailed environment...
Fedora Core 4 : thunderbird-1.0.6-1.1.fc4 (2005-606)
Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way Thunderbird handled anonymous functions during regular expression string replacement. It is possible for a malicious HTML mail to capture a random block of client memory. The Common Vulnerabilities and...
devfs -- ruleset bypass
Problem description Due to insufficient parameter checking of the node type during device creation, any user can expose hidden device nodes on devfs mounted file systems within their jail. Device nodes will be created in the jail with their normal default access permissions. Impact Jailed process...
FreeBSD : mozilla -- privilege escalation via DOM property overrides (f650d5b8-ae62-11d9-a788-0001020eed82)
A Mozilla Foundation Security Advisory reports : mozbugra4 reported several exploits giving an attacker the ability to install malicious code or steal data, requiring only that the user do commonplace actions like click on a link or open the context menu. The common cause in each case was...
USN-124-1: Mozilla and Firefox vulnerabilities
When a popup is blocked the user is given the ability to open that popup through the popup-blocking status bar icon and, in Firefox, through the information bar. Doron Rosenberg noticed that popups which are permitted by the user were executed with elevated privileges, which could be abused to...
CVE-2005-1160
The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object...
CVE-2005-1160
The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object...
Important: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Vladimir V. Perepelitsa discovered a bug in the way Firefox handles...
CVE-2005-1160
The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object...