6678 matches found
Mandriva Update for freetype2 MDVSA-2011:157 (freetype2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Linux Security Advisory : freetype2 (MDVSA-2011:157)
A vulnerability has been discovered and corrected in freetype2: FreeType allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font (CVE-2011-3256). A regression was found in freetype2 in Mandriva Enterprise Server 5 that caused ugly font...
kdelibs: input validation failure in KSSL
The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and possibly earlier versions, does not use a certain font when rendering certificate fields in a security dialog, which allows remote attackers to spoof the common name (CN) of a certificate via rich text...
Apple Safari Webkit libxslt Arbitrary File Creation
This module exploits a file creation vulnerability in the Webkit rendering engine. It is possible to redirect the output of an XSLT transformation to an arbitrary file. The content of the created file must be ASCII or UTF-8. The destination path can be relative or absolute. This module has been...
Apple Safari Webkit - libxslt Arbitrary File Creation (Metasploit)
$Id: safarixsltoutput.rb 13987 2011-10-18 07:39:50Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
GoAhead Web Server 2.18 - 'addgroup.asp?group' Cross-Site Scripting
source: https://www.securityfocus.com/bid/50039/info GoAhead WebServer is prone to multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser...
Fedora Update for galeon FEDORA-2011-13467
Check for the Version of galeon OpenVAS Vulnerability Test Fedora Update for galeon FEDORA-2011-13467 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Ubuntu: Security Advisory (USN-1213-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for thunderbird USN-1213-1
Ubuntu Update for Linux kernel vulnerabilities USN-1213-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12131.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for thunderbird USN-1213-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net...
DSA-2313-1 iceweasel - several
Bulletin has no description...
Debian DSA-2307-1 : chromium-browser - several vulnerabilities
Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-2818 Use-after-free vulnerability in Google Chrome allows remote attackers to cause a denial of service or possibly have unspecified oth...
Fedora Update for freetype FEDORA-2011-9525
Check for the Version of freetype OpenVAS Vulnerability Test Fedora Update for freetype FEDORA-2011-9525 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Emerson.com Cross Site Scripting
One of the pages in the Emerson site is rendering the query string parameter without any inspection. This makes it possible to inject malicious content as shown below:...
[SECURITY] Fedora 14 Update: freetype-2.4.2-5.fc14
The FreeType engine is a free and portable font rendering engine, developed to provide advanced font support for a variety of platforms and environments. FreeType is a library which can open and manage font files as well as efficiently load, hint and render individual glyphs. FreeType is not a...
Ubuntu Update for thunderbird USN-1185-1
Ubuntu Update for Linux kernel vulnerabilities USN-1185-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11851.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for thunderbird USN-1185-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net...
Fedora Update for galeon FEDORA-2011-11084
Check for the Version of galeon OpenVAS Vulnerability Test Fedora Update for galeon FEDORA-2011-11084 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
Ubuntu: Security Advisory (USN-1185-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1185-1: Thunderbird vulnerabilities
Gary Kwong, Igor Bukanov, and Bob Clary discovered multiple memory vulnerabilities in the Gecko rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2982 It was discovered that a vulnerability in event...
CommodityRentals Real Estate Script - txtsearch HTML Injection
CommodityRentals Real Estate Script - txtsearch HTML Injection source: https://www.securityfocus.com/bid/49296/info Real Estate Script is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML and script code would run in the...
Tourismscripts Hotel Portal - hotel_city HTML Injection
Tourismscripts Hotel Portal - hotel_city HTML Injection source: https://www.securityfocus.com/bid/49297/info Hotel Portal is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML and script code would run in the context of the...