1295 matches found
[SECURITY] Fedora 20 Update: mingw-icu-50.1.2-3.fc20
ICU is a set of C and C++ libraries that provides robust and full-featured Unicode and locale support. The library provides calendar support, conversions for many character sets, language sensitive collation, date and time formatting, support for many locales, message catalogs and resources,...
[SECURITY] Fedora 18 Update: nodejs-normalize-package-data-0.2.0-1.fc18
normalize-package-data exports a function that normalizes package metadata. This data is typically found in a package.json file, but in principle could come from any source - for example the npm registry. normalize-package-data is used by read-package-json to normalize the data it reads from a...
Alienvault OSSIM SIEM 4.1 SQL Injection
Title: Alienvault OSSIM Open Source SIEM 4.1 Multiple SQL Vulnerabilities Date: February 15, 2013 Author: Glafkos Charalambous Vendor: AlienVault Vendor URL: http://www.alienvault.com Reported: February 17, 2013 Timeline: --------- 17 Feb 2013: Vulnerability Reported to AlienVault 19 Feb 2013:...
OSSAMS - Open Source Security Assessment Management System
OSSAMS - Open Source Security Assessment Management System As information security professionals, we conduct security assessments for companies. One of the biggest problems we have is after all the data is collected, how can we correlate the data accurately. So we decided to start a project to...
Code injection
Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allow remote attackers to cause a denial of service memory consumption via "badly behaved applications," related to 1 SlapiAttr mishandling in the DN normalization code and 2 pointer mishandling in the...
CVE-2010-4746
Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allow remote attackers to cause a denial of service memory consumption via "badly behaved applications," related to 1 SlapiAttr mishandling in the DN normalization code and 2 pointer mishandling in the...
CVE-2010-2766
CVE-2010-2766 is a memory/DOM handling flaw in Mozilla’s browser engines where the normalization code could remove DOM nodes during traversal, leading to an access of a deleted object and potential code execution. Affected products and versions per the provided documents: Mozilla Firefox before 3...
CVE-2010-2766
The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code...
Mozilla Patches Firefox DLL Load Hijacking Bug
Mozilla has joined Apple in being among the first to fix the DLL load hijacking attack vector that continues to haunt hundreds of Windows applications. The open-source group released Firefox 3.6.9 with patches for a total of 15 vulnerabilities 11 rated critical, including the publicly known DLL...
Mozilla Crash and remote code execution in normalizeDocument (MFSA 2010-57)
The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code...
SeaMonkey < 2.0.7 Multiple Vulnerabilities
Binary data 800885.prm...
Firefox 3.6.x < 3.6.9 Multiple Vulnerabilities
Binary data 800747.prm...
Mozilla Firefox 3.5.x < 3.5.12 Multiple Vulnerabilities
Binary data 5656.prm...
tomcat request dispatcher information disclosure vulnerability
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct...
DEBIAN-CVE-2010-0211
The slapmodrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smrnormalize function, which allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a modrdn call with an RDN string containing...
openldap: modrdn processing IA5StringNormalize NULL pointer dereference
OpenLDAP 2.4.22 allows remote attackers to cause a denial of service crash via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smrnormalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schemainit.c, as...
Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly (MS03-044)
Microsoft Windows Help Centre Handles - Malformed Escape Sequences Incorrectly MS03-044 Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly ---------------------------------------------------------------------------- Help and Support Centre is the default application...
tomcat request dispatcher information disclosure vulnerability
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct...
RedHat Security Advisory RHSA-2009:1562
The remote host is missing updates announced in advisory RHSA-2009:1562. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. It was discovered that the Red Hat Security Advisory RHSA-2007:0876 did not address all possible flaws in the way Tomcat handle...
Important: Red Hat Security Advisory: tomcat security update
Updated tomcat packages that fix several security issues are now available for Red Hat Developer Suite 3. This update has been rated as having important security impact by the Red Hat Security Response Team. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP...