CVE-2009-2975

Mozilla Firefox 3.5.2 on Windows XP, in some situations possibly involving an incompletely configured protocol handler, does not properly implement setting the document.location property to a value specifying a protocol associated with an external application, which allows remote attackers to cau...

CentOS 3 / 5 : pidgin (CESA-2009:1218)

Updated pidgin packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multip...

RHEL 3 / 4 / 5 : pidgin (RHSA-2009:1218)

Updated pidgin packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Pidgin is an instant messaging program which can log in to multiple accounts on multip...

Wireshark 1.2.0多个安全漏洞

Bugraq ID: 35748 Wireshark是一款开放源代码的协议处理程序。 Wireshark存在多个安全问题，远程攻击者可以利用漏洞使应用程序崩溃。 -IPMI解析器存在数组索引错误，发送特殊构建的网络报文可导致应用程序崩溃。 -蓝牙L2CAP, RADIUS, MIOP和sFlow解析器存在错误，通过发送特殊构建的网络报文可导致应用程序崩溃或挂起。 -AFS解析器存在错误可导致应用程序崩溃。 -Infiniband解析器存在错误，发送特殊构建的网络报文可导致部分平台上的应用程序崩溃。 Wireshark Wireshark 1.2 Wireshark Wireshark...

CVE-2009-2420

Technical details about CVE-2009-2420 are not publicly provided in the supplied documents. No concrete information on affected products, root cause, or remediation is included here; monitor for updates.

Mandrake Security Advisory MDVSA-2009:147 (pidgin)

The remote host is missing an update to pidgin announced via advisory MDVSA-2009:147. OpenVAS Vulnerability Test $Id: mdksa2009147.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:147 pidgin Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...

Mandrake Security Advisory MDVSA-2009:140 (gaim)

The remote host is missing an update to gaim announced via advisory MDVSA-2009:140. OpenVAS Vulnerability Test $Id: mdksa2009140.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:140 gaim Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

n.runs-SA-2009.005 - Apple Safari - Information disclosure

n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2009.005 23-Jun-2009 Vendor: Apple Inc., http://www.apple.com Affected Products: Safari Browser 3.2.3 all platforms Vulnerability: Information disclosure to Denial of Service Risk: MEDIUM Vendor communication: 2009/06/07 Bug found...

Ubuntu: Security Advisory (USN-781-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apple iTunes 8.1.1 - ITMS Multiple Protocol Handler Buffer Overflow (Metasploit)

Apple iTunes 8.1.1 - ITMS Multiple Protocol Handler Buffer Overflow Metasploit $Id: $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Debian DSA-1805-1 : pidgin - several vulnerabilities

Several vulnerabilities have been discovered in Pidgin, a graphical multi-protocol instant messaging client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1373 A buffer overflow in the Jabber file transfer code may lead to denial of service or the...

DSA-1805-1 pidgin - several vulnerabilities

Bulletin has no description...

Opera PDF Javascript Security Bypass Vulnerability (Linux)

The host is installed with Opera Web Browser and is prone to PDF Javascript Security Bypass Vulnerability. OpenVAS Vulnerability Test $Id: secpodoperapdfjsrestbypassvulnlin.nasl 5122 2017-01-27 12:16:00Z teissa $ Opera PDF Javascript Security Bypass Vulnerability Linux Authors: Antu Sanadi...

Design/Logic Flaw

Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files, and open tabs for URLs that do not satisfy the IsWebSafeScheme restriction, via a web page that...

CVE-2009-1412

Argument injection vulnerability in the chromehtml: protocol handler in Google Chrome before 1.0.154.59, when invoked by Internet Explorer, allows remote attackers to determine the existence of files, and open tabs for URLs that do not satisfy the IsWebSafeScheme restriction, via a web page that...

CVE-2009-1412

Google Chrome before 1.0.154.59 is affected by CVE-2009-1412 via the chromehtml: protocol handler. A web page could set document.location to a chromehtml: value and, when launched from Internet Explorer, allow enumeration of local files and opening tabs for non‑IsWebSafe URLs, enabling potential ...

Stable Update: Security Fix

Edit 24 April: Removed "Such an attack only works if Chrome is not already running." Google Chrome's Stable channel has been updated to 1.0.154.59 to fix a security issue: CVE-2009-1412 ChromeHTML protocol handler same-origin bypass An error in handling URLs with a chromehtml: protocol could allo...

FreeBSD : nss -- exploitable buffer overflow in SSLv2 protocol handler (207f8ff3-f697-11d8-81b0-000347a4fa7d)

ISS X-Force reports that a remotely exploitable buffer overflow exists in the Netscape Security Services NSS library's implementation of SSLv2. From their advisory : The NSS library contains a flaw in SSLv2 record parsing that may lead to remote compromise. When parsing the first record in an SSL...

Ubuntu Update for gaim vulnerability USN-675-2

Ubuntu Update for Linux kernel vulnerabilities USN-675-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN6752.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for gaim vulnerability USN-675-2 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu Update for linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities USN-464-1

Ubuntu Update for Linux kernel vulnerabilities USN-464-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4641.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities USN-464-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone...