635 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...
CVE-2010-2477
CVE-2010-2477 involves multiple XSS vulnerabilities in the paste.httpexceptions implementation of Paste before 1.7.4, enabling remote injection of script/HTML via 404-related vectors. Affected components include paste.urlparser.StaticURLParser, paste.urlparser.PkgResourcesParser, paste.urlmap.URL...
CVE-2010-2477
Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...
CVE-2010-2477
Multiple cross-site scripting XSS vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors involving a 404 status code, related to 1 paste.urlparser.StaticURLParser, 2...
PT-2010-4738 · Microsoft · Internet Explorer
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 8 Description: The issue is related to the improper handling of the Anchor element during content pasting and editing in Internet Explorer. This might allow remote attackers to obtain sensitive...
Debian DSA-2106-1 : xulrunner - several vulnerabilities
Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2760, CVE-2010-3167, CVE-2010-3168 Implementation errors in XUL processing allow the...
FreeBSD : mozilla -- multiple vulnerabilities (4a21ce2c-bb13-11df-8e32-000f20797ede)
The Mozilla Project reports : MFSA 2010-49 Miscellaneous memory safety hazards rv:1.9.2.9/ 1.9.1.12 MFSA 2010-50 Frameset integer overflow vulnerability MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array MFSA 2010-52 Windows XP DLL loading vulnerability MFSA 2010-53 Heap buffer...
Mozilla Copy-and-paste or drag-and-drop into designMode document allows XSS (MFSA 2010-62)
Cross-site scripting XSS vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in...
Copy-and-paste or drag-and-drop into designMode document allows XSS — Mozilla
Security researcher Paul Stone reported that when an HTML selection containing JavaScript is copy-and-pasted or dropped onto a document with designMode enabled the JavaScript will be executed within the context of the site where the code was dropped. A malicious site could leverage this issue in ...
Fedora Update for python-paste FEDORA-2010-10414
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for python-paste FEDORA-2010-10383
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for python-paste FEDORA-2010-10383
Check for the Version of python-paste OpenVAS Vulnerability Test Fedora Update for python-paste FEDORA-2010-10383 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for python-paste FEDORA-2010-10414
Check for the Version of python-paste OpenVAS Vulnerability Test Fedora Update for python-paste FEDORA-2010-10414 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora 11 : python-paste-1.7.4-1.fc11 (2010-10400)
1.7.4 The only real change is to paste.httpexceptions, which was using insecure quoting of some parameters and allowed an XSS hole, most specifically with its 404 messages. The most notably WSGI application using this is paste.urlparse.StaticURLParser and PkgResourcesParser. By directing someone ...
Fedora 12 : python-paste-1.7.4-1.fc12 (2010-10383)
1.7.4 The only real change is to paste.httpexceptions, which was using insecure quoting of some parameters and allowed an XSS hole, most specifically with its 404 messages. The most notably WSGI application using this is paste.urlparse.StaticURLParser and PkgResourcesParser. By directing someone ...
Fedora 13 : python-paste-1.7.4-1.fc13 (2010-10414)
1.7.4 The only real change is to paste.httpexceptions, which was using insecure quoting of some parameters and allowed an XSS hole, most specifically with its 404 messages. The most notably WSGI application using this is paste.urlparse.StaticURLParser and PkgResourcesParser. By directing someone ...
[SECURITY] Fedora 13 Update: python-paste-1.7.4-1.fc13
These provide several pieces of "middleware" or filters that can be nested to build web applications. Each piece of middleware uses the WSGI PEP 333 interface, and should be compatible with other middleware based on those interfaces...
[SECURITY] Fedora 12 Update: python-paste-1.7.4-1.fc12
These provide several pieces of "middleware" or filters that can be nested to build web applications. Each piece of middleware uses the WSGI PEP 333 interface, and should be compatible with other middleware based on those interfaces...
Fedora Update for python-paste FEDORA-2010-10400
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for python-paste FEDORA-2010-10400
Check for the Version of python-paste OpenVAS Vulnerability Test Fedora Update for python-paste FEDORA-2010-10400 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...