8004 matches found
setroubleshoot security and bug fix update
setroubleshoot: 2.0.5-3.0.1.el5 - replace missed references to bugzilla.redhat.com with linux.oracle.com 2.0.5-3 - Resolve: bug 436564: socket.getsockopt on ppc generates exception Fix typo in original setroubleshoot-getcredentials.patch 2.0.5-2 - Resolve: bug 437857: python error in system...
PHP path translation vulnerability
Overview PHP contains a path translation vulnerability that may allow an attacker to execute arbitrary code. Description PHP is a scripting language that is designed for web-based applications and can be imbedded directly into HTML.PHP versions prior to 5.2.6 contain a path translation...
Immunity Canvas: VISUALPIC_INCLUDE
Name| visualpicinclude ---|--- CVE| CVE-2008-1876 Exploit Pack| CANVAS Description| VisualPic 0.3.1 Remote File Include Notes| CVE Name: CVE-2008-1876 VENDOR: Snarky.fr Repeatability: Infinite References: http://www.frsirt.com/english/advisories/2008/1127 CVE Url:...
Secunia Research: Lotus Notes EML Reader Buffer Overflows
====================================================================== Secunia Research 08/04/2008 - Lotus Notes EML Reader Buffer Overflows - ====================================================================== Table of Contents Affected...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-0887. Reason: This candidate is a duplicate of CVE-2008-0887. Notes: All CVE users should reference CVE-2008-0887 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
PR07-41: XSS on Juniper Networks Secure Access 2000
PR07-41: XSS on Juniper Networks Secure Access 2000 Vulnerability found: 6th December 2007 Vendor informed: 12th December 2007 Severity: Medium-high Description: Juniper Networks Secure Access 2000 is vulnerable to a vanilla XSS. Vulnerable server-side script: '/dana-na/auth/rdremediate.cgi'...
CVE-2008-0628
The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity XXE attacks and cause a denial of service or acces...
Xxe
The XML parsing code in Sun Java Runtime Environment JDK and JRE 6 Update 3 and earlier processes external entity references even when the "external general entities" property is false, which allows remote attackers to conduct XML external entity XXE attacks and cause a denial of service or acces...
CVE-2008-0628
CVE-2008-0628 affects Sun Java Runtime Environment (JRE/JDK) 6 Update 3 and earlier. The XML parsing code processes external entity references even when the “external general entities” property is false, enabling an XXE attack that can cause denial of service or allow access to restricted resourc...
Debian Security Advisory DSA 1463-1 (postgresql-7.4)
The remote host is missing an update to postgresql-7.4 announced via advisory DSA 1463-1. OpenVAS Vulnerability Test $Id: deb14631.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1463-1 postgresql-7.4 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Sof...
ProCheckUp Security Advisory 2007.38
PR07-38: XSS on sIFR Vulnerability Found: 12 November 2007 Vendor contacted: 19 November 2007 Vulnerability fixed: The issue remains unfixed. The developer of sIFR was contacted several times but did not respond. Severity: Medium Successfully tested on: sIFR 2.0.2 Description: Sites using sIFR to...
SecurityReason - Apache (mod_proxy_ftp) Undefined Charset UTF-7 XSS Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SecurityReason - Apache modproxyftp Undefined Charset UTF-7 XSS Vulnerability Author: sp3x Date: - - Written: 15.12.2007 - - Public: 10.01.2008 SecurityReason Research SecurityAlert Id: 49 CVE: CVE-2008-0005 SecurityRisk: Low Affected Software: Apache...
Tikiwiki 1.9.8.3 tiki-special_chars.php XSS Vulnerability
H - Security Labs Tikiwiki v1.9.8.3 Security Advisory ID : HSEC20072212 General Information -------------------------- Name : Tikiwiki 1.9.8.3 Vendor HomePage :http://tikiwiki.org Platforms : PHP && MySQL Vulnerability Type : Input Validation Error Timeline ------------------------- 17 December...
CVE-2007-6356
exiftags before 1.01 allows attackers to cause a denial of service infinite loop via recursive IFD references in the EXIF data in a JPEG image...
DEBIAN-CVE-2007-6356
exiftags before 1.01 allows attackers to cause a denial of service infinite loop via recursive IFD references in the EXIF data in a JPEG image...
CVE-2007-6356
exiftags before 1.01 allows attackers to cause a denial of service infinite loop via recursive IFD references in the EXIF data in a JPEG image...
CVE-2007-6356
exiftags before 1.01 allows attackers to cause a denial of service infinite loop via recursive IFD references in the EXIF data in a JPEG image...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-6313. Reason: this candidate's description and references were inconsistent and described unrelated, non-security issues. The original intended issue is covered by CVE-2007-6313. Notes: All references and descriptions in this...
ProCheckUp Security Advisory 2007.14
PR07-14: Cross-site Scripting XSS / HTML injection on F5 FirePass 4100 SSL VPN 'my.activation.php3' server-side script Date Found: 19th June 2007 Successfully tested on: version 5.5.2 F5 Networks has confirmed the following versions to be vulnerable: FirePass versions 5.4.1 - 5.5.2 FirePass...
Eggblog v3.1.0 XSS Vulnerability
H - Security Labs Eggblog v3.1.0 Security Advisory ID : HSEC20071111 General Information -------------------------- Name : EggBlog v.3.1.0 Vendor HomePage :http://sourceforge.net/projects/eggblog/ Platforms : PHP && MySQL Vulnerability Type : Input Validation Error Timeline...