Google Chrome Multiple Vulnerabilities - Sep12 (Linux-01)

This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvulnsep12lin01.nasl 5888 2017-04-07 09:01:53Z teissa $ Google Chrome Multiple Vulnerabilities - Sep12 Linux-01 Authors: Madhuri D Copyright: Copyright c 2012...

Mozilla Thunderbird 14.x <= 14 Multiple Vulnerabilities

Binary data 801365.prm...

Mandriva Update for mozilla-thunderbird MDVSA-2012:147 (mozilla-thunderbird)

Check for the Version of mozilla-thunderbird OpenVAS Vulnerability Test Mandriva Update for mozilla-thunderbird MDVSA-2012:147 mozilla-thunderbird Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

CVE-2009-5120

The default configuration of Apache Tomcat in Websense Manager in Websense Web Security 7.0 and Web Filter 7.0 allows connections to TCP port 1812 from arbitrary source IP addresses, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via UTF-7 text to the 404...

CVE-2012-2751

ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform...

SeaMonkey < 2.11.0 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.11.0. Such versions are potentially affected by the following security issues : - Several memory safety issues exist, some of which could potentially allow arbitrary code execution. CVE-2012-1948, CVE-2012-1949 - Several memory safety issues...

Firefox < 10.0.4 Multiple Vulnerabilities (Mac OS X)

The installed version of Firefox is earlier than 10.0.4 and thus, is potentially affected by the following security issues : - An off-by-one error exists in the 'OpenType Sanitizer' which can lead to out-bounds-reads and possible code execution. CVE-2011-3062 - Memory safety issues exist that cou...

Mozilla Thunderbird < 12.0 Multiple Vulnerabilities

The installed version of Thunderbird is earlier than 12.0 and thus, is potentially affected by the following security issues : - An error exists with handling JavaScript errors that could lead to information disclosure. CVE-2011-1187 - An off-by-one error exists in the 'OpenType Sanitizer' that...

CVE-2012-2404

wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting XSS attacks via unspecified vectors...

Microsoft ASP.NET ValidateRequest Filters Bypass

According to the HTTP headers received from the remote host, the web server is configured to use the ASP.NET framework. This framework includes the ValidateRequest feature, which is used by ASP.NET web applications to filter user input in an attempt to prevent cross-site scripting attacks. Howeve...

Google Chrome < 18.0.1025.142 Multiple Vulnerabilities

Binary data 6402.pasl...

Debian Security Advisory DSA 2414-1 (fex)

The remote host is missing an update to fex announced via advisory DSA 2414-1. OpenVAS Vulnerability Test $Id: deb24141.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2414-1 fex Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

IBSng all version Cross-Site Scripting Vulnerability

================= APA-IUTcert ================= Title: IBSng all version Cross-Site Scripting Vulnerability Vendor: www.parspooyesh.com Type: Cross-Site Scripting Vulnerability Fix: N/A ================== nsec.ir ================= Description: Input passed via the "str" parameter to...

[USN-1110-1] KDE-Libs vulnerabilities

========================================================================== Ubuntu Security Notice USN-1110-1 April 14, 2011 kde4libs vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

CGI Generic XSS (persistent, 3rd Pass)

The remote web server hosts one or more CGI scripts that fail to adequately sanitize request strings containing malicious JavaScript. By leveraging this issue, an attacker may be able to cause arbitrary HTML and script code to be executed in a user's browser within the security context of the...

N-13 News Cross-Site Request Forgery Vulnerability

This host is running N-13 News and is prone to Cross-Site Request Forgery vulnerability. OpenVAS Vulnerability Test $Id: gbn13newscsrfvuln.nasl 7015 2017-08-28 11:51:24Z teissa $ N-13 News Cross-Site Request Forgery Vulnerability Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks...

Microsoft Internet Explorer Multiple Vulnerabilities (2183461)

This host is missing a critical security update according to Microsoft Bulletin MS10-053. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Google Releases Chrome 5.0.375.70

Google has released Chrome 5.0.375.70 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site scripting attacks, bypass security restrictions, or obtain sensitive information. US-CERT encourages use...

Multiple Vendor Clientless SSL VPN Products Same Origin Policy Bypass Vulnerability

Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in...

Microsoft Internet Explorer 'XSS Filter' XSS Vulnerabilities (Nov 2009)

Internet Explorer is prone to a cross-site scripting XSS vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.901097. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C...