GLSA-201204-03 : Chromium: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201204-03 Chromium: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Chromium. Please review the CVE identifiers and release notes referenced below for details. Impact : A remote attacker could entice a us...

Adobe Flash Player Multiple Vulnerabilities (Jun 2012) - Windows

Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer";...

Adobe Flash Player Multiple Vulnerabilities June-2012 (Linux)

This host is installed with Adobe Flash Player and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbadobeflashplayermultvulnjun12lin.nasl 5988 2017-04-20 09:02:29Z teissa $ Adobe Flash Player Multiple Vulnerabilities June-2012 Linux Authors: Rachana Shetty Copyright:...

[CAL-2012-0026] Microsfot IE Same ID Property Remote Code Execution Vulnerability

CAL-2012-0026 Microsfot IE Same ID Property Remote Code Execution Vulnerability CVE ID: CVE-2012-1875 http://technet.microsoft.com/en-us/security/bulletin/ms12-037 http://blog.vulnhunt.com/index.php/2012/06/13/cal-2012-0026-microsfot-ie-same-id-property-remote-code-execution-vulnerability/ 1...

MS12-037 Microsoft Internet Explorer Same ID Property Deleted Object Handling Memory Corruption

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka “Same ID Property Remote Code Execution Vulnerability.” Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported: A...

Flash Player issue in implementations of the Same Origin Policy

Overview Flash Player contains an issue in implementations of the Same Origin Policy. SoundMixer.computeSpectrum method, included in Flash Player, contains an issue in implementations of the Same Origin Policy. Mitsuaki Shiraishi of Symantec Japan, Inc. reported this vulnerability to IPA. JPCERT/...

JVN#38163638: Flash Player issue in implementations of the Same Origin Policy

SoundMixer.computeSpectrum method, included in Flash Player, contains an issue in implementations of the Same Origin Policy. Impact An attacker may obtain sound spectrum data that user playing in violation of the same-origin policy. Solution Update the Software Update to the latest version...

CVE-2011-5093

Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arbitrary code by leveraging access to a privileged account, a different vulnerability than...

Browser Navigation Download Trick (Chrome / IE / Firefox)

Exploit for multiple platform in category local exploits Another moderately interesting tidbit, I guess... It is an important and little-known property of web browsers that one document can always navigate other, non-same-origin windows to arbitrary URLs. Perhaps more interestingly, you can also...

Mozilla Products Security Bypass Vulnerability - May12 (Windows)

This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to security bypass vulnerability OpenVAS Vulnerability Test $Id: gbmozillaprdtssecbypassvulnmay12win.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products Security Bypass Vulnerability - May12 Windows Authors: Rachan...

Mozilla Products Security Bypass Vulnerability - May12 (Mac OS X)

This host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to security bypass vulnerability OpenVAS Vulnerability Test $Id: gbmozillaprdtssecbypassvulnmay12macosx.nasl 6445 2017-06-27 12:31:06Z santu $ Mozilla Products Security Bypass Vulnerability - May12 Mac OS X Authors:...

Mozilla Products Security Bypass Vulnerability (May 2012) - Windows

Mozilla Firefox/Thunderbird/Seamonkey is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. VID 380e8c56-8e32-11e1-9580-4061862b8c22 OpenVAS Vulnerability Test $ Description: Auto generated from VID 380e8c56-8e32-11e1-9580-4061862b8c22 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. VID 057130e6-7f61-11e1-8a43-00262d5ed8ee OpenVAS Vulnerability Test $ Description: Auto generated from VID 057130e6-7f61-11e1-8a43-00262d5ed8ee Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. VID 330106da-7406-11e1-a1d7-00262d5ed8ee OpenVAS Vulnerability Test $ Description: Auto generated from VID 330106da-7406-11e1-a1d7-00262d5ed8ee Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

CVE-2012-2401

Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content...

CVE-2012-2401

Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content...

DEBIAN-CVE-2012-2401

Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content...

CVE-2012-2401

Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content...

Design/Logic Flaw

Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows remote attackers to bypass the Same Origin Policy via crafted content...