
8364 matches found

OSV
added 2013/03/22 9:55 p.m. | 3 views

DEBIAN-CVE-2013-0335

OpenStack Compute Nova Grizzly, Folsom 2012.2, and Essex 2012.1 allows remote authenticated users to gain access to a VM in opportunistic circumstances by using the VNC token for a deleted VM that was bound to the same VNC port...

CVSS 6 | AI score 7 | EPSS 0.02146
Exploits 1 | References 1
Tenable Nessus
added 2013/03/09 12:0 a.m. | 60 views

Ubuntu 7.10 : firefox vulnerabilities (USN-728-2)

Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. CVE-2009-0772, CVE-2009-0774...

CVSS 9.3 | AI score 8.5 | EPSS 0.04047
Exploits 0 | References 4
Tenable Nessus
added 2013/03/09 12:0 a.m. | 43 views

Ubuntu 6.06 LTS : mozilla-thunderbird vulnerabilities (USN-701-2)

Several flaws were discovered in the browser engine. If a user had JavaScript enabled, these problems could allow an attacker to crash Thunderbird and possibly execute arbitrary code with user privileges. CVE-2008-5500 Boris Zbarsky discovered that the same-origin check in Thunderbird could be...

CVSS 10 | AI score 8.7 | EPSS 0.03201
Exploits 0 | References 8
Tenable Nessus
added 2013/03/09 12:0 a.m. | 21 views

Ubuntu 6.06 LTS : firefox vulnerabilities (USN-690-3)

Several flaws were discovered in the browser engine. These problems could allow an attacker to crash the browser and possibly execute arbitrary code with user privileges. CVE-2008-5500 Boris Zbarsky discovered that the same-origin check in Firefox could be bypassed by utilizing XBL-bindings. An...

CVSS 10 | AI score 8.7 | EPSS 0.03201
Exploits 0 | References 14
myhack58
added 2013/02/23 12:0 a.m. | 15 views

Mastery OA: stored XSS in log contents can steal the cookie - vulnerability warning - the black bar safety net

Mastery OA 2013 and 2010 versions: the Office Anywhere 2013 work log edit page has a stored XSS, and when a superior views the log the cookie can be stolen. 1, the work log edit page source code to bypass the bypass a character can be constructed XSS! ! ! 1, the interception to giv...

AI score 1.5
Exploits 0
Tenable Nessus
added 2013/02/22 12:0 a.m. | 28 views

Sun Java JRE Multiple Vulnerabilities (233321-233327) (Unix)

The version of Sun Java Runtime Environment JRE installed on the remote host is affected by one or more security issues : - Two vulnerabilities in the JRE VM may independently allow an untrusted application or applet downloaded from a website to elevate its privileges 233321. - When processing XS...

CVSS 9.3 | AI score 6.2 | EPSS 0.12501
Exploits 1 | References 8
NVD
added 2013/02/06 12:5 p.m. | 19 views

CVE-2012-2292

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

CVSS 7.5 | AI score 6.7 | EPSS 0.01431
Exploits 0 | References 1
Prion
added 2013/02/06 12:5 p.m. | 17 views

Cross site scripting

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

CVSS 7.5 | AI score 7.2 | EPSS 0.01431
Exploits 0 | References 1 | Affected Software 2
Cvelist
added 2013/02/06 11:0 a.m. | 23 views

CVE-2012-2292

The Silverlight cross-domain policy in EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x before 5.2SP1 does not restrict access to the Archer application, which allows remote attackers to bypass the Same Origin Policy via unspecified vectors...

AI score 6.7 | EPSS 0.01431
Exploits 0 | References 1
CVE
added 2013/02/06 11:0 a.m. | 50 views

CVE-2012-2292

The CVE-2012-2292 issue affects RSA Archer products: EMC RSA Archer SmartSuite Framework 4.x and RSA Archer GRC 5.x prior to 5.2SP1. Root cause: a misconfigured Silverlight cross-domain policy that does not restrict access to the Archer application, allowing remote attackers to bypass the Same Or...

CVSS 7.5 | AI score 6.9 | EPSS 0.01431
Exploits 0 | References 1 | Affected Software 1
Packet Storm
added 2013/02/02 12:0 a.m. | 34 views

easyXDM Library Cross Site Scripting

Affected products: easyXDM library 2.4.19 - http://easyxdm.net/wp/ easyXDM is a Javascript library that enables you as a developer to easily work around the limitation set in place by the Same Origin Policy, in turn making it easy to communicate and expose javascript API's across...

CVSS 4.3 | EPSS 0.01804
Exploits 2
Tenable Nessus
added 2013/01/24 12:0 a.m. | 35 views

RHEL 5 : java-1.6.0-ibm (RHSA-2008:0267)

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.6.0 Java release includes the IBM Java 2 Runtime Environmen...

CVSS 9.3 | AI score 8.7 | EPSS 0.16899
Exploits 2 | References 22
Tenable Nessus
added 2013/01/24 12:0 a.m. | 46 views

RHEL 5 : thunderbird (RHSA-2010:0545)

An updated thunderbird package that fixes several security issues is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

CVSS 10 | AI score 8.2 | EPSS 0.43382
Exploits 34 | References 39
NVD
added 2013/01/15 9:55 p.m. | 9 views

CVE-2012-5146

Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL...

CVSS 5 | AI score 6.2 | EPSS 0.00964
Exploits 0 | References 4
UbuntuCve
added 2013/01/15 9:55 p.m. | 26 views

CVE-2012-5146

Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL...

CVSS 5 | AI score 7.2 | EPSS 0.00964
Exploits 0 | References 3
Prion
added 2013/01/15 9:55 p.m. | 16 views

Design/Logic Flaw

Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL...

CVSS 5 | AI score 6.7 | EPSS 0.00964
Exploits 0 | References 4 | Affected Software 2
Cvelist
added 2013/01/15 9:0 p.m. | 24 views

CVE-2012-5146

Google Chrome before 24.0.1312.52 allows remote attackers to bypass the Same Origin Policy via a malformed URL...

AI score 6 | EPSS 0.00964
Exploits 0 | References 4
CVE
added 2013/01/15 9:0 p.m. | 70 views

CVE-2012-5146

CVE-2012-5146 affects Google Chrome/Chromium. Description: remote attackers could bypass the Same Origin Policy via a malformed URL. Impact: SOP bypass (highly sensitive security policy). Affected versions: Chrome prior to 24.0.1312.52. Mitigation: upgrade to Chrome 24.0.1312.52 or newer (as ind...

CVSS 5 | AI score 6.1 | EPSS 0.00964
Exploits 0 | References 4 | Affected Software 1
Debian CVE
added 2013/01/15 9:0 p.m. | 30 views

CVE-2012-5146

Removed by vendor...

CVSS 5 | AI score 9.4 | EPSS 0.00964
Exploits 0
Tenable Nessus
added 2013/01/15 12:0 a.m. | 29 views

SeaMonkey 2.14.x < 2.15 Multiple Vulnerabilities

Binary data 6670.prm...

CVSS 10 | AI score 9.2 | EPSS 0.73364
Exploits 27 | References 44