1622 matches found
SuSE 10 Security Update : IBM Java 1.5.0 (ZYPP Patch Number 6741)
IBM Java 5 was updated to Service Refresh 11. It fixes lots of bugs and security issues. The timezone update to 1.6.9s with the latest Fiji change. - A vulnerability in the Java Runtime Environment with decoding DER encoded data might allow a remote client to cause the JRE to crash, resulting in ...
CVE-2010-2948
Stack-based buffer overflow in the bgprouterefreshreceive function in bgppacket.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service daemon crash or possibly execute arbitrary code via a malformed Outbound Route Filtering ORF record in a BGP...
CVE-2010-2948
Stack-based buffer overflow in the bgprouterefreshreceive function in bgppacket.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service daemon crash or possibly execute arbitrary code via a malformed Outbound Route Filtering ORF record in a BGP...
CVE-2010-2948
Affected software: Quagga bgpd (bgp_route_refresh_receive in bgp_packet.c) prior to version 0.99.17. Vulnerability type: stack-based buffer overflow when processing a malformed Outbound Route Filtering (ORF) in a BGP ROUTE-REFRESH message. Impact (as stated): remote authenticated users can cause ...
PT-2010-1071 · Quagga +1 · Quagga +1
Name of the Vulnerable Software and Affected Versions: Quagga versions prior to 0.99.17 Quagga versions 0.98.3 and 0.98.6 Description: The issue concerns multiple vulnerabilities in the Quagga package, which can lead to a disruption of confidentiality, integrity, and availability of protected...
Debian DSA-2104-1 : quagga - several vulnerabilities
Several remote vulnerabilities have been discovered in the BGP implementation of Quagga, a routing daemon. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2948 When processing a crafted Route Refresh message received from a configured, authenticated...
FreeBSD : quagga -- stack overflow and DoS vulnerabilities (167953a4-b01c-11df-9a98-0015587e2cc1)
The Red Hat security team reported two vulnerabilities : A stack-based buffer overflow flaw was found in the way Quagga's bgpd daemon processed Route-Refresh messages. A configured Border Gateway Protocol BGP peer could send a Route-Refresh message with specially crafted Outbound Route Filtering...
SuSE 11 Security Update : IBM Java 1.6.0 (SAT Patch Number 1748)
IBM Java 6 was updated to Service Refresh 7. The following security issues were fixed : - A vulnerability in the Java Runtime Environment with decoding DER encoded data might allow a remote client to cause the JRE to crash, resulting in a denial of service condition. CVE-2009-3876 / CVE-2009-3877...
SuSE9 Security Update : IBM Java 1.5.0 (YOU Patch Number 12564)
IBM Java 5 was updated to Service Refresh 11. It fixes lots of bugs and security issues. It also contains a timezone update for the current Fiji change timezone 1.6.9s. The update fixes the following security issues : - A vulnerability in the Java Runtime Environment with decoding DER encoded dat...
PT-2009-6215 · Cacti · Cacti
Name of the Vulnerable Software and Affected Versions: Cacti version 0.8.7e Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML. The affected areas include graph.php, include/top gra...
AwingSoft Winds3D Player SceneURL Buffer Overflow
This module exploits a data segment buffer overflow within Winds3D Viewer of AwingSoft Awakening 3.x WindsPly.ocx v3.6.0.0. This ActiveX is a plugin of AwingSoft Web3D Player. By setting an overly long value to the 'SceneURL' property, an attacker can overrun a buffer and execute arbitrary code...
New vulnerabilities in OpenX
Hello 3APA3A! I want to warn you about Denial of Service, Cross-Site Scripting and Redirector vulnerabilities in OpenX. DoS Looped DoS: http://site/adclick.php About Looped DoS I wrote in my classification of DoS vulnerabilities in web applications http://websecurity.com.ua/2663/. Vulnerable are...
Orca Browser 'javascript:' And 'data:' URI XSS Vulnerability
This host is installed with Orca Browser Browser and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gborcabrowserjsndataurixssvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ Orca Browser 'javascript:' And 'data:' URI XSS Vulnerability Authors: Sharath S Copyright:...
QtWeb 'javascript:' And 'data:' URI XSS Vulnerability
QtWeb Browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Maxthon 'javascript:' And 'data:' URI XSS Vulnerability
Maxthon Browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mozilla Product(s) 'javascript:' URI XSS Vulnerability - Sep09 (Linux)
This host is installed with Mozilla Products and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbmozillaprdtsjsurixssvulnsep09lin.nasl 6482 2017-06-29 08:31:43Z cfischer $ Mozilla Products 'javascript:' URI XSS Vulnerability - Sep09 Linux Authors: Sharath S...
Google Chrome 'javascript: URI' XSS Vulnerability - Sep09
This host is installed with Google Chrome Web Browser and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbgooglechromejsurixssvulnsep09.nasl 4869 2016-12-29 11:01:45Z teissa $ Google Chrome 'javascript: URI' XSS Vulnerability - Sep09 Authors: Sharath S Copyright:...
Google Chrome 'javascript: URI' XSS Vulnerability (Sep 2009)
Google Chrome Web Browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apple Safari 'javascript: URI' XSS Vulnerability - Sep09
This host is installed with Apple Safari Web Browser and is prone to Cross-Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbapplesafarijsurixssvulnsep09.nasl 4865 2016-12-28 16:16:43Z teissa $ Apple Safari 'javascript: URI' XSS Vulnerability - Sep09 Authors: Sharath S Copyright:...
Apple Safari 'javascript: URI' XSS Vulnerability (Sep 2009)
Apple Safari Web Browser is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...