8215 matches found
Several GET locks web server
The remote web server shuts down temporarily or blacklists us when it receives several GET HTTP/1.0 requests in a row. This might trigger false positives in generic destructive or DoS plugins. The scanner enabled some countermeasures; however, they might be insufficient.
[SECURITY] [DSA 815-1] New kdebase packages fix local root vulnerability
Debian Security Advisory DSA 815-1 [email protected] http://www.debian.org/security/ Martin Schulze September 16th, 2005 http://www.debian.org/security/faq ...
FreeBSD : mozilla -- arbitrary code execution vulnerability (cbfde1cd-87eb-11d9-aa18-0001020eed82)
A Mozilla Foundation Security Advisory reports: Plugins such as Flash can be used to load privileged content into a frame. Once loaded, various spoofs can be applied to get the user to interact with the privileged content. Michael Krax's 'Fireflashing' example demonstrates that an attacker can op...
CVE-2005-2039
Unknown vulnerability in "various plugins" for NanoBlogger 3.2.1 and earlier allows remote attackers to execute arbitrary commands...
CVE-2005-1713
Serendipity 0.8 is affected by multiple XSS vulnerabilities described in CVE-2005-1713, exploitable via the templatedropdown and shoutbox plugins. The Red Hat and NVD entries corroborate that remote attackers could inject arbitrary web script or HTML through these plugins, enabling client-side sc...
CVE-2005-1713
Multiple cross-site scripting (XSS) vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) templatedropdown and (2) shoutbox plugins...
CVE-2005-1452
Serendipity before 0.8 allows Chief users to "hide plugins installed by other users."...
CVE-2005-0527
Firefox 1.0 allows remote attackers to execute arbitrary code via plugins that load "privileged content" into frames, as demonstrated using certain XUL events when a user drags a scrollbar two times, aka "Firescrolling."...
CVE-2005-1157
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allow remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute...
galeon, mozilla security update
CentOS Errata and Security Advisory CESA-2005:384-01 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-April/073786.html Affected packages: galeon mozilla mozilla-chat mozilla-devel mozilla-dom-inspector mozilla-js-debugger mozilla-mail mozilla-nspr...
mozilla security update
CentOS Errata and Security Advisory CESA-2005:384 Merged security bulletin from advisories: https://lists.centos.org/pipermail/centos-announce/2005-April/073779.html https://lists.centos.org/pipermail/centos-announce/2005-April/073780.html...
RHEL 2.1 / 3 : Mozilla (RHSA-2005:384)
Updated Mozilla packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several bu...
Important: Red Hat Security Advisory: firefox security update
Updated firefox packages that fix various security bugs are now available. This update has been rated as having Important security impact by the Red Hat Security Response Team. Mozilla Firefox is an open source Web browser. Vladimir V. Perepelitsa discovered a bug in the way Firefox handles...
GLSA-200504-18 : Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200504-18 (Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities). The following vulnerabilities were found and fixed in the Mozilla Suite and Mozilla Firefox: Vladimir V. Perepelitsa reported a memory disclosure bug in JavaScript...
Multiple Netscape / Mozilla / Firefox vulnerabilities
Search content hijacking with search plugins, cross-site scripting with link tag...
Mozilla Suite: Multiple vulnerabilities
Background: The Mozilla Suite is a popular all-in-one web browser that includes a mail and news reader. Description: The following vulnerabilities were found and fixed in the Mozilla Suite: Mark Dowd from ISS X-Force reported an exploitable heap overrun in the GIF processing of obsolete Netscape...
CVE-2005-0527
CVE-2005-0527 affects Firefox 1.0 (Mozilla/Firefox family) where plugins can load privileged content into frames, enabling remote code execution as demonstrated by Firescrolling when a user drags a scrollbar twice. Connected advisories show this as part of broader Mozilla/XPCOM plugin access issu...
awstats63.txt
GHC - AWStats - ADVISORY. PRODUCT: AWStats. VERSION: = 6.3. URL: http://awstats.sourceforge.net/. VULNERABILITY CLASS: Multiple vulnerabilities. RISK: high. Product Description: "AWStats is a free...