Mozilla Seamonkey Multiple Vulnerabilities-01 (Windows)

The host is installed with Mozilla Seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaseamonkeymultvuln01oct12win.nasl 6093 2017-05-10 09:03:18Z teissa $ Mozilla Seamonkey Multiple Vulnerabilities-01 Windows Authors: Arun Kallavi Copyright: Copyright c 20...

Oracle BEA WebLogic Server Client Certificate Buffer Overflow (CVE-2009-1016)

There exists a buffer overflow vulnerability in BEA WebLogic Server Plugins...

Firefox 17 Beta Released with Click-to-Play Plugins for blocking vulnerable Plugins

Last week, Mozilla announced it will prompt Firefox users on Windows with old versions of Adobe Reader, Adobe Flash, and Microsoft Silverlight, but refused to detail how the system will work. Finally today Firefox 17 is now in beta and with it is a very cool feature, click-to-play plugins. When a...

Google Chrome < 22.0.1229.92 Multiple Vulnerabilities

Binary data 800947.prm...

Google Chrome < 22.0.1229.92 Multiple Vulnerabilities

Binary data 6600.pasl...

Google Chrome < 22.0.1229.92 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is earlier than 22.0.1229.92 and is, therefore, affected by the following vulnerabilities : - An unspecified error exists related to Skia text rendering can cause the application to crash. CVE-2012-2900 - A race condition exists related to...

FreeBSD : mozilla -- multiple vulnerabilities (6e5a9afd-12d3-11e2-b47d-c8600054b392)

The Mozilla Project reports : MFSA 2012-74 Miscellaneous memory safety hazards rv:16.0/ rv:10.0.8 MFSA 2012-75 select element persistance allows for attacks MFSA 2012-76 Continued access to initial origin after setting document.domain MFSA 2012-77 Some DOMWindowUtils methods bypass security check...

top object and location property accessible by plugins — Mozilla

Security researcher Mariusz Mlynski reported that the location property can be accessed by binary plugins through top.location and top can be shadowed by Object.defineProperty as well. This can allow for possible cross-site scripting XSS attacks through plugins...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTPREFERER header to 1 components/comcontent/views/article/tmpl/form.php, 2 components/comuser/controller.php, 3 plugins/system/legacy/html.php, or 4...

CVE-2011-4909

Multiple cross-site scripting XSS vulnerabilities in Joomla! before 1.5.12 allow remote attackers to inject arbitrary web script or HTML via the HTTPREFERER header to 1 components/comcontent/views/article/tmpl/form.php, 2 components/comuser/controller.php, 3 plugins/system/legacy/html.php, or 4...

Session-timeout not being respected

As per the following KB I made changes that should have seen timeout reduced to 2 minutes. https://confluence.atlassian.com/pages/viewpage.action?pageId=126910597 in /confluence/WEB-INF/web.xml code 2 code I can't force Confluence to have a session timeout. This issue has been reproduced on first...

Session-timeout not being respected

As per the following KB I made changes that should have seen timeout reduced to 2 minutes. https://confluence.atlassian.com/pages/viewpage.action?pageId=126910597 in /confluence/WEB-INF/web.xml code 2 code I can't force Confluence to have a session timeout. This issue has been reproduced on first...

Fedora Update for guacamole-ext FEDORA-2012-14179

Check for the Version of guacamole-ext OpenVAS Vulnerability Test Fedora Update for guacamole-ext FEDORA-2012-14179 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

[SECURITY] Fedora 16 Update: libguac-0.6.3-1.fc16

Guacamole is an HTML5 web application that provides access to desktop environments using remote desktop protocols such as VNC or RDP. A centraliz ed server acts as a tunnel and proxy, allowing access to multiple desktops thr ough a web browser. No plugins are needed: the client requires nothing...

[SECURITY] Fedora 17 Update: guacd-0.6.1-3.fc17

Guacamole is an HTML5 web application that provides access to desktop environments using remote desktop protocols such as VNC or RDP. A centraliz ed server acts as a tunnel and proxy, allowing access to multiple desktops thr ough a web browser. No plugins are needed: the client requires nothing...

FreeBSD : jenkins -- multiple vulnerabilities (d846af5b-00f4-11e2-b6d0-00e0814cab4e)

Jenkins Security Advisory reports : This advisory announces security vulnerabilities that were found in Jenkins core and several plugins. - The first vulnerability in Jenkins core allows unprivileged users to insert data into Jenkins master, which can lead to remote code execution. For this...

jenkins -- multiple vulnerabilities

Jenkins Security Advisory reports: This advisory announces security vulnerabilities that were found in Jenkins core and several plugins. The first vulnerability in Jenkins core allows unprivileged users to insert data into Jenkins master, which can lead to remote code execution. For this...

[SECURITY] Fedora 17 Update: pnp4nagios-0.6.16-4.fc17

PNP is an addon to nagios which analyzes performance data provided by plugi ns and stores them automatically into RRD-databases...

Slackware: Security Advisory (SSA:2009-345-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Facebook Timeline Eraser Chrome Plugins Dupe Tens of Thousands of Users

Nearly 100,000 Facebook users have been duped into installing third-party Chrome plugins over the past few weeks that have access to all of their data on every Web site they visit. According to research recently conducted by security firm Barracuda Networks, the unsuspecting users were tricked in...