Mozilla Thunderbird < 3.0.10 Buffer Overflow

The installed version of Thunderbird is earlier than 3.0.10. Such versions are potentially affected by a heap-based buffer overflow vulnerability. The combination of DOM insertions and the handling of the JavaScript function 'document.write' exposes an error that can lead to a heap-based buffer...

CVE-2010-3711

libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purplebase64decode function, which allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a crafted message, related to the plugins for MSN, MySpaceIM,...

(libpurple): Multiple DoS (crash) flaws by processing of unsanitized Base64 decoder values

libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purplebase64decode function, which allows remote authenticated users to cause a denial of service NULL pointer dereference and application crash via a crafted message, related to the plugins for MSN, MySpaceIM,...

RealNetworks Realplayer RecordClip Parameter Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the browser plugins provided by...

Security fix for the ALT Linux 6 package libesmtp version 1.0.6-alt1

Oct. 5, 2010 Vladimir Lettiev 1.0.6-alt1 - New version 1.0.6: + Fixed CVE-2010-1192, CVE-2010-1194 certificate validation flaws - Build changes: + Disabled static build + Fixed install section + Plugins moved from devel subpackage to the main...

TinyMCE MCFileManager 2.1.2 Shell Upload

============================================== File Upload Vulnerability Plugins tinymce ============================================== http://tinymce.moxiecode.com/pluginsfilemanager.php Author : Hackeri-AL Contact : h-al at hotmail dot it Greetz : LoocK3D & b4cKd00r & GHoST61 & BaDBoy My Group ...

TinyMCE MCFileManager 2.1.2 - Arbitrary File Upload

============================================== File Upload Vulnerability Plugins tinymce ============================================== http://tinymce.moxiecode.com/pluginsfilemanager.php Author : Hackeri-AL Contact : h-al at hotmail dot it Greetz : LoocK3D & b4cKd00r & GHoST61 & BaDBoy My Group ...

Mozilla Dangling pointer vulnerability using DOM plugin array (MFSA 2010-51)

The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service...

Dangling pointer vulnerability using DOM plugin array — Mozilla

Security researcher Sergey Glazunov reported a dangling pointer vulnerability in the implementation of navigator.plugins in which the navigator object could retain a pointer to the plugins array even after it had been destroyed. An attacker could potentially use this issue to crash the browser an...

[SECURITY] Fedora 13 Update: wireshark-1.2.10-1.fc13

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...

Ubuntu Update for kdegraphics vulnerability USN-979-1

Ubuntu Update for Linux kernel vulnerabilities USN-979-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9791.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for kdegraphics vulnerability USN-979-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Replace unsafe text gadget and add to JIRA Cloud

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-21965. panel panel:title=Atlassian Update - 23 April 2015|borderStyle=solid|borderColor=ebf2f9|titleBGColor=ebf2f9|bgColor=ffffff Hi everyone...

Replace unsafe text gadget and add to JIRA Cloud

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-21965. panel panel:title=Atlassian Update - 23 April 2015|borderStyle=solid|borderColor=ebf2f9|titleBGColor=ebf2f9|bgColor=ffffff Hi everyon...

Replace unsafe text gadget and add to JIRA Cloud

panel:title=Atlassian Update - 23 April 2015|borderStyle=solid|borderColor=ebf2f9|titleBGColor=ebf2f9|bgColor=ffffff Hi everyone, There is an add-on from Atlassian Labs that provides a rich text dashboard gadget for JIRA Cloud. You can find it by searching for "rich text gadget" in the Find New...

MDVA-2010:175 : firefox

Firefox 3.6.6 modifies the crash protection feature to increase the amount of time that plugins are allowed to be non-responsive before being terminated. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:...

MDVA-2009:206 : phonon

In Amarok of mandriva 2010, the time bar is locked, you cannot seek to a point when listening to a song, this happens because missing gstreamer0.10-plugins-ugly, this phonon-gstreamer update adds this package as dependency fixing the bug. Additionally the gstreamer0.10-plugins-ugly packages are...

MDVA-2009:091 : gedit-plugins

The embedded terminal plugin was not included in gedit-plugins. The updated package was adjusted to include it. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This...

[SECURITY] Fedora 13 Update: pidgin-2.7.2-1.fc13

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...

Mozilla Plugin parameter EnsureCachedAttrParamArrays remote code execution vulnerability

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter elements...

Mozilla Dangling pointer vulnerability in nsPluginArray

Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of servi...