Lucene search
K

745 matches found

RedHat Linux
RedHat Linux
added 2012/09/13 4:54 p.m.4 views

libxslt: Heap-double-free in xmlFreeNodeList

Double free vulnerability in libxslt, as used in Google Chrome before 22.0.1229.79, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XSL transforms...

6.8CVSS6AI score0.01478EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2012/08/29 4:38 a.m.8 views

Mozilla: Out-of-bounds read in format-number in XSLT (MFSA 2012-65)

The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that...

5CVSS7.5AI score0.03957EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2012/08/29 4:19 a.m.5 views

Mozilla: Out-of-bounds read in format-number in XSLT (MFSA 2012-65)

The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to obtain sensitive information via unspecified vectors that...

5CVSS7.5AI score0.03957EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.24 views

Scientific Linux Security Update : libxslt on SL3.x, SL4.x, SL5.x i386/x86_64

Anthony de Almeida Lopes reported the libxslt library did not properly process long 'transformation match' conditions in the XSL stylesheet files. An attacker could create a malicious XSL file that would cause a crash, or, possibly, execute and arbitrary code with the privileges of the applicatio...

7.5CVSS8.7AI score0.1279EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2012/06/27 3:44 p.m.6 views

php: XSLT file writing vulnerability

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension...

6.4CVSS7.5AI score0.0315EPSS
Exploits2References4
RedHat Linux
RedHat Linux
added 2012/06/27 3:44 p.m.2 views

php: XSLT file writing vulnerability

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension...

6.4CVSS7.5AI score0.0315EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2012/02/10 12:0 a.m.276 views

Debian DSA-2406-1 : icedove - several vulnerabilities

Several vulnerabilities have been discovered in Icedove, Debian's variant of the Mozilla Thunderbird code base. - CVE-2011-3670 Icedove does not not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls throu...

10CVSS8.9AI score0.07936EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2012/02/09 12:0 a.m.93 views

Ubuntu 10.04 LTS / 10.10 : xulrunner-1.9.2 vulnerabilities (USN-1353-1)

Jesse Ruderman and Bob Clary discovered memory safety issues affecting the Gecko Browser engine. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of t...

10CVSS8.6AI score0.36511EPSS
Exploits11References6
OSV
OSV
added 2012/02/09 12:0 a.m.43 views

DSA-2406-1 icedove - several

Bulletin has no description...

10CVSS8.7AI score0.07936EPSS
Exploits2
Ubuntu
Ubuntu
added 2012/02/08 4:2 p.m.90 views

USN-1350-1: Thunderbird vulnerabilities

Jesse Ruderman and Bob Clary discovered memory safety issues affecting Thunderbird. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of the user...

10CVSS8.6AI score0.36511EPSS
Exploits11
Ubuntu
Ubuntu
added 2012/02/08 3:42 p.m.103 views

USN-1353-1: Xulrunnner vulnerabilities

Jesse Ruderman and Bob Clary discovered memory safety issues affecting the Gecko Browser engine. If the user were tricked into opening a specially crafted page, an attacker could exploit these to cause a denial of service via application crash, or potentially execute code with the privileges of t...

10CVSS8.6AI score0.36511EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2012/02/08 12:0 a.m.35 views

SuSE 10 Security Update : Mozilla Firefox (ZYPP Patch Number 7949)

Mozilla Firefox was updated to 3.6.26 fixing bugs and security issues. The following security issues have been fixed by this update : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs...

10CVSS8.7AI score0.36511EPSS
Exploits11References15
OpenVAS
OpenVAS
added 2012/02/06 12:0 a.m.46 views

Ubuntu Update for ubufox USN-1355-3

Ubuntu Update for Linux kernel vulnerabilities USN-1355-3 OpenVAS Vulnerability Test $Id: gbubuntuUSN13553.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for ubufox USN-1355-3 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

10CVSS0.9AI score0.36511EPSS
Exploits11References2
OpenVAS
OpenVAS
added 2012/02/06 12:0 a.m.40 views

Mozilla Products Multiple Unspecified Vulnerabilities - Feb12 (MAC OS X)

The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvulnmacosxfeb12.nasl 6445 2017-06-27 12:31:06Z santu $ Mozilla Products Multiple Unspecified Vulnerabilities - Feb12 MAC OS X Authors: Madhu...

10CVSS0.8AI score0.36511EPSS
Exploits11References3
Tenable Nessus
Tenable Nessus
added 2012/02/06 12:0 a.m.40 views

SuSE 11.1 Security Update : MozillaFirefox (SAT Patch Number 5754)

This update provides Mozilla Firefox 10, which provides many fixes, security and feature enhancements. For a detailed list, please have a look at http://www.mozilla.org/en-US/firefox/10.0/releasenotes/ and http://www.mozilla.org/de/firefox/features/ The following security issues have been fixed i...

10CVSS8.8AI score0.36511EPSS
Exploits11References27
OpenVAS
OpenVAS
added 2012/02/06 12:0 a.m.76 views

Mozilla Products Multiple Unspecified Vulnerabilities (Feb 2012) - Mac OS X

Mozilla Firefox/Thunderbird/Seamonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9AI score0.36511EPSS
Exploits11References7
OpenVAS
OpenVAS
added 2012/02/03 12:0 a.m.31 views

Mozilla Products Multiple Unspecified Vulnerabilities - Feb12 (Windows)

The host is installed with Mozilla firefox/thunderbird/seamonkey and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultvulnwinfeb12.nasl 6444 2017-06-27 11:24:02Z santu $ Mozilla Products Multiple Unspecified Vulnerabilities - Feb12 Windows Authors: Madhuri D...

10CVSS0.6AI score0.36511EPSS
Exploits11References3
Prion
Prion
added 2012/02/02 12:55 a.m.26 views

Code injection

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension...

6.4CVSS7.1AI score0.0315EPSS
Exploits2References21Affected Software1
CVE
CVE
added 2012/02/02 12:0 a.m.229 views

CVE-2012-0057

CVE-2012-0057 affects PHP up to version 5.3.8 (prior to 5.3.9), where improper libxslt security settings allow remote attackers to create arbitrary files via a crafted XSLT stylesheet using the libxslt output extension. The connected advisories confirm this vulnerability across multiple distribut...

6.4CVSS6.4AI score0.0315EPSS
Exploits2References21Affected Software1
Cvelist
Cvelist
added 2012/02/02 12:0 a.m.23 views

CVE-2012-0057

PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension...

6.4AI score0.0315EPSS
Exploits2References21
Rows per page
Query Builder