[SECURITY] Fedora 17 Update: drupal6-ctools-1.10-1.fc17

This suite is primarily a set of APIs and tools to improve the developer experience. It also contains a module called the Page Manager whose job is to manage pa ges. In particular it manages panel pages, but as it grows it will be able to manage far more than just Panels. For the moment, it...

Fedora Update for claws-mail-plugins FEDORA-2012-18558

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for claws-mail-plugins FEDORA-2012-18559

Check for the Version of claws-mail-plugins OpenVAS Vulnerability Test Fedora Update for claws-mail-plugins FEDORA-2012-18559 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora Update for claws-mail-plugins FEDORA-2012-18558

Check for the Version of claws-mail-plugins OpenVAS Vulnerability Test Fedora Update for claws-mail-plugins FEDORA-2012-18558 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Fedora Update for claws-mail-plugins FEDORA-2012-18559

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

[SECURITY] Fedora 16 Update: claws-mail-plugins-3.9.0-2.fc16

Additional plugins for Claws Mail...

[SECURITY] Fedora 17 Update: claws-mail-plugins-3.9.0-2.fc17

Additional plugins for Claws Mail...

[SECURITY] Fedora 18 Update: claws-mail-plugins-3.9.0-2.fc18

Additional plugins for Claws Mail...

Wordpress Plugins - image-store Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------------- Wordpress Plugins - image-store Arbitrary File Upload Vulnerability -------------------------------------------------------------------------------- Author =...

Cross site request forgery (csrf)

The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service CPU consumption, read the router version, and possibly have other impacts via a request to download the router's DLLs or plugins, as demonstrated by roteros.dll...

Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : thunderbird vulnerabilities (USN-1636-1)

Gary Kwong, Jesse Ruderman, Christian Holler, Bob Clary, Kyle Huey, Ed Morley, Chris Lord, Boris Zbarsky, Julian Seward, Bill McCloskey, and Andrew McCreight discovered several memory corruption flaws in Thunderbird. If a user were tricked into opening a malicious website and had JavaScript...

Mozilla Releases Firefox 17 with Click-to-Play, Updates Firefox for Android

Mozilla pushed out the latest build of its flagship browser, Firefox 17, today, adding a new click-to-play blocklisting feature that will help prevent users from running out-of-date or vulnerable versions of plug-ins or extensions. The update tweaks click-to-play in Firefox prompting users to...

Frames can shadow top.location — Mozilla

Security researcher Mariusz Mlynski reported that the location property can be accessed by binary plugins through top.location with a frame whose name attribute's value is set to "top". This can allow for possible cross-site scripting XSS attacks through plugins...

CVE-2011-2486

nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash...

CVE-2011-2486

Summary: CVE-2011-2486 affects nspluginwrapper prior to 1.4.4. The flaw lies in incorrect handling of NPNVprivateModeBool, which can prevent Firefox plugins from correctly determining Private Browsing state, enabling remote attackers to bypass access restrictions (as demonstrated with Flash). Imp...

CVE-2011-2486

nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash...

nspluginwrapper: NPNVprivateModeBool variable not forwarded

nspluginwrapper before 1.4.4 does not properly provide access to NPNVprivateModeBool variable settings, which could prevent Firefox plugins from determining if they should run in Private Browsing mode and allow remote attackers to bypass intended access restrictions, as demonstrated using Flash...

Mozilla: Fixes for Location object issues (MFSA 2012-90)

Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 do not prevent use of the valueOf method to shadow the location object aka window.location, which makes it easier for remote attackers to...

firefox security update

firefox 10.0.10-1.0.1.el63 - Replaced firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js 10.0.10-1 - Update to 10.0.10 ESR 10.0.8-2 - Fixed rhbz865284 - add the storage.nfsfilesystem config key to property list - disable OOP for wrapped plugins nspluginwrapper xulrunner...

DarkBot Malware Circulation very fast via Skype

Two weeks back we reported that Security firm Trend Micro discovered a worm targeting Skype users with spam messages designed to infect machines with the Dorkbot ransomware has been discovered. This malware is spreading through a question/ phrase sent to the users by someone and the question is:...