CentOS Update for pidgin CESA-2008:0584 centos3 x86_64

Check for the Version of pidgin OpenVAS Vulnerability Test CentOS Update for pidgin CESA-2008:0584 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

Safari 3.2.1 Null Dereference

Safari 3.2.1 for windows safariUrl protocol Handler abussenull Deference Vendor:http://www.apple.com original advisore:http://lostmon.blogspot.com/2009/01/ safari-321-for-windows-safariurl.html vendor notify:YES Exploit available: Private This article is a "second" part of :...

Registering Opera as a protocol handler can allow it to be used to execute arbitrary code

When an application attempts to access a URL that uses a protocol that it does not understand, it may choose to pass the URL to a registered handler for that protocol. If that registered handler is Opera, it will be started, passing the URL to open. Some external applications do not ensure that t...

Startup crash can allow execution of arbitrary code – Opera Security Advisories

Startup crash can allow execution of arbitrary code – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Extremely Severe Problem Description When Opera is registered as a handler for a given protocol, it can be started by external applications. In some cases, being started in this...

Registering Opera as a protocol handler can allow it to be used to execute arbitrary code – Opera Security Advisories

Registering Opera as a protocol handler can allow it to be used to execute arbitrary code – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Extremely Severe Problem Description When an application attempts to access a URL that uses a protocol that it does not understand, it may...

Startup crash can allow execution of arbitrary code

When Opera is registered as a handler for a given protocol, it can be started by external applications. In some cases, being started in this way can cause Opera to crash. To inject code, additional techniques will have to be employed...

Moderate: Red Hat Security Advisory: pidgin security and bug fix update

Updated Pidgin packages that fix several security issues and bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Pidgin is a multi-protocol Internet Messaging client. A denial-of-service...

CVE-2008-4269

The search-ms protocol handler in Windows Explorer in Microsoft Windows Vista Gold and SP1 and Server 2008 uses untrusted parameter data obtained from incorrect parsing, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "Windows Search Parsing Vulnerability....

Microsoft Windows search-ms Protocol Handler Command Execution (MS08-075; CVE-2008-4269)

Windows Search is a standard component of Windows Vista that allows instant search capabilities for most common file and data types.Windows Search has XML-based files that save information about a search in Windows. A remote code execution vulnerability was reported in Windows Explorer which allo...

Microsoft Windows 'search-ms' Protocol Parsing Remote Code Execution Vulnerability

Description Microsoft Windows Explorer is prone to a remote code-execution vulnerability that affects the 'search-ms' protocol handler. An attacker could exploit this issue by enticing a victim to visit a maliciously crafted website. Successfully exploiting this issue would allow the attacker to...

Design/Logic Flaw

Unspecified vulnerability in Opera before 9.52 on Windows, when registered as a protocol handler, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors in which Opera is launched by other applications...

Microsoft Office Remote Code Execution Vulnerabilities (955047)

This host is missing critical security update according to Microsoft Bulletin MS08-055. OpenVAS Vulnerability Test $Id: secpodms08-055900046.nasl 5863 2017-04-05 07:38:11Z antu123 $ Description: Microsoft Office Remote Code Execution Vulnerabilities 955047 Authors: Chandan S Copyright: Copyright ...

CORE-2008-0103: Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass Advisory Information Title: Internet Explorer Zone Elevation Restrictions...

Information disclosure

The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via...

CVE-2008-1448

Technical details for CVE-2008-1448 are not provided in the connected documents. Public details are limited to related CVEs; monitor for updates.

CVE-2008-2927

Multiple integer overflows in the msnslplinkprocessmsg functions in the MSN protocol handler in 1 libpurple/protocols/msn/slplink.c and 2 libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message wi...

openSUSE 10 Security Update : epiphany (epiphany-4870)

This update brings the Mozilla XUL runner engine to security update version 1.8.1.10 MFSA 2007-37 / CVE-2007-5947: The jar protocol handler in Mozilla Firefox retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inne...

Apple QuickTime RTSP Response message Reason-Phrase buffer overflow vulnerability

Overview Apple QuickTime contains a buffer overflow vulnerability that may allow a remote, unauthenticated attacker to cause a denial-of-service condition and possibly execute arbitrary code. Description Real Time Streaming Protocol RTSP is a protocol that is used by streaming media systems. Appl...

Mozilla Firefox, SeaMonkey: Multiple vulnerabilities

Background Mozilla Firefox is a cross-platform web browser from Mozilla. SeaMonkey is a free, cross-platform Internet suite. Description Jesse Ruderman and Petko D. Petkov reported that the jar protocol handler in Mozilla Firefox and Seamonkey does not properly check MIME types CVE-2007-5947...

CVE-2007-6589

The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 does not update the origin domain when retrieving the inner URL parameter yields an HTTP redirect, which allows remote attackers to conduct cross-site scripting XSS attacks via a jar: URI, a different...