[SECURITY] Fedora 8 Update: gtkmozembedmm-1.4.2.cvs20060817-19.fc8

This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software...

[SECURITY] Fedora 8 Update: epiphany-2.20.3-2.fc8

epiphany is a simple GNOME web browser based on the Mozilla rendering engine...

[SECURITY] Fedora 7 Update: kazehakase-0.5.3-5.fc7

Kazehakase is a Web browser which aims to provide a user interface that is truly user-friendly & fully customizable. This package uses Gecko for HTML rendering engine. If you want to use WebKit for HTML rendering engine, install "kazehakase-webkit" rpm instead...

[SECURITY] Fedora 7 Update: gtkmozembedmm-1.4.2.cvs20060817-16.fc7

This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software...

[SECURITY] Fedora 7 Update: epiphany-2.18.3-8.fc7

epiphany is a simple GNOME web browser based on the Mozilla rendering engine...

Alkacon OpenCMS 7.0.3 - 'logfileViewSettings.jsp?filePath' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28152/info Alkacon OpenCms is prone to multiple input-validation vulnerabilities, including one cross-site scripting issue and a file-disclosure issue, because the application fails to properly sanitize user-supplied input. Attackers can exploit these...

Power Phlogger 2.2.x - Cross-Site Scripting

source: https://www.securityfocus.com/bid/37150/info Power Phlogger is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. Attackers can exploit this issue to steal cookie-based authentication credentials or to control how the site...

[SECURITY] Fedora 8 Update: epiphany-2.20.2-3.fc8

epiphany is a simple GNOME web browser based on the Mozilla rendering engine...

[SECURITY] Fedora 8 Update: gtkmozembedmm-1.4.2.cvs20060817-18.fc8

This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software...

[SECURITY] Fedora 7 Update: gtkmozembedmm-1.4.2.cvs20060817-15.fc7

This package provides a C++/gtkmm wrapper for GtkMozEmbed from Mozilla 1.4.x to 1.7.x. The wrapper provides a convenient interface for C++ programmers to use the Gtkmozembed HTML-rendering widget inside their software...

Memory corruption

Unspecified vulnerability in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via crafted HTML layout combinations, aka "HTML Rendering Memory Corruption Vulnerability."...

Internet Explorer HTML Rendering Memory Corruption (MS08-010; CVE-2008-0076)

Microsoft Internet Explorer is the most widely used Internet browser. The vulnerability is due to a memory corruption error in Microsoft Internet Explorer when rendering HTML documents with certain layout combinations. A remote attacker could exploit this issue by convincing a user to visit a...

CVE-2008-0592

Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Firefox from rendering future plain text files...

Cross site scripting

Cross-site scripting XSS vulnerability in the font rendering functionality in Novemberborn sIFR 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the txt parameter to a Flash SWF file, as demonstrated by fonts/FuturaLt.swf...

CVE-2008-0438

Cross-site scripting XSS vulnerability in the font rendering functionality in Novemberborn sIFR 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the txt parameter to a Flash SWF file, as demonstrated by fonts/FuturaLt.swf...

Fedora 7 : cairo-1.4.14-1.fc7 (2007-3818)

The latest stable upstream release of cairo fixes a number of memory handling errors, rendering errors, and contains some optimizations. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

Debian Security Advisory DSA 1085-1 (lynx-ssl)

The remote host is missing an update to lynx-ssl announced via advisory DSA 1085-1. Several vulnerabilities have been discoverd in lynx, the popular text-mode WWW browser. The Common Vulnerabilities and Exposures Project identifies the following vulnerabilities: CVE-2004-1617 Michal Zalewski...

SuSE 10 Security Update : Intel i810 chips (ZYPP Patch Number 4728)

The drm i915 component in the kernel before 2.6.22.2, when used with i965G and later chips ets, allows local users with access to an X11 session and Direct Rendering Manager DRM t o write to arbitrary memory locations and gain privileges via a crafted batchbuffer. This update also provides the...

Sun Java System Identity Manager 6.07.07.1 - idmusermain.jsp?activeControl Cross-Site Scripting

Sun Java System Identity Manager 6.07.07.1 - idmusermain.jsp?activeControl Cross-Site Scripting source: https://www.securityfocus.com/bid/27214/info Sun Java System Identity Manager is prone to multiple input-validation vulnerabilities, including an HTML-injection issue and cross-site scripting...

Sun Java System Identity Manager 6.0/7.0/7.1 - '/idm/login.jsp' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/27214/info Sun Java System Identity Manager is prone to multiple input-validation vulnerabilities, including an HTML-injection issue and cross-site scripting issues, because it fails to adequately sanitize user-supplied input. Attackers can exploit these...