CVE-2009-1413
Google Chrome 1.0.x does not cancel timeouts upon a page transition, which makes it easier for attackers to conduct Universal XSS attacks by calling setTimeout to trigger future execution of JavaScript code, and then modifying document.location to arrange for JavaScript execution in the context o...
CVE-2009-1413
CVE-2009-1413 concerns Google Chrome 1.x, where timeouts are not canceled during a page transition, enabling Universal XSS by scheduling code with setTimeout and then redirecting with document.location. The issue can be leveraged through a chromehtml: argument-injection path for remote execution ...
CVE-2009-1413
Removed by vendor...
Mandriva Update for php MDKSA-2007:048 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDKSA-2007:048 php Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
kernel security and bug fix update
2.6.18-128.1.6.0.1.el5 - NET Add entropy support to e1000 and bnx2 John Sobecki,Guru Anbalagane orabug 6045759 - MM shrink zone patch John Sobecki,Chris Mason orabug 6086839 - NET Add xen pv/bonding netconsole support Tina yang orabug 6993043 bz 7258 - nfs convert ENETUNREACH to ENOTCONN Guru...
kernel security and bug fix update
2.6.9-78.0.17.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon wit...
IBM TXSeries for Multiplatforms CICS Listener Crafted CICSAS eci Response Timeout DoS
The version of IBM TXSeries installed on the remote host reportedly waits for a 'forcepurge' acknowledgement from a CICS Application Server after an 'eci' response timeout. A remote, authenticated attacker may be able to leverage this issue to cause a denial of service or have some other...
CVE-2009-0505
The CICS listener in IBM TXSeries for Multiplatforms 6.2 GA waits for a forcepurge acknowledgement from the CICS Application Server (CICSAS) after an eci response timeout, which might allow remote authenticated users to cause a denial of service (forcepurge handling delay), or have unspecified other...
[SECURITY] Fedora 10 Update: sudo-1.6.9p17-5.fc10
Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
kernel: enforce a minimum SG_IO timeout
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program...
Wardialer
Scan for dial-up systems that are connected to modems and answer telephony indials. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' Extend Object class to include savetofile and loadfromfile methods cla...
Code injection
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program...
CVE-2008-5700
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program...
Clean CMS 1.5 (full_txt.php id) Blind SQL Injection Exploit
No description provided by source. Clean CMS 1.5 full_txt.php id Blind SQL Injection Exploit url: http://www.4yoursite.nl/scriptcleancms.php Author: JosS mail: sys-projectathotmaildotcom site: http://hack0wn.com && spanish-hackers.com team: Spanish Hackers Team - SHT This was written for education...
kernel security and bug fix update
2.6.9-78.0.8.0.1.EL - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon with...
banner NSE Script
A simple banner grabber which connects to an open TCP port and prints out anything sent by the listening service within five seconds. The banner will be truncated to fit into a single line, but an extra line may be printed for every increase in the level of verbosity requested on the command line...
Fedora 9 : phpMyAdmin-3.0.1.1-1.fc9 (2008-9316)
This update by upstream to phpMyAdmin 3.0.1.1 solves CVE-2008-4775, an XSS issue in pmd_pdf.php via db parameter when register_globals is enabled. - GUI SQL error after sorting a subset - lang Catalan update - lang Russian update - import Temporary uploaded file not deleted - auth Cannot create...
Fedora 8 : phpMyAdmin-3.0.1.1-1.fc8 (2008-9336)
This update by upstream to phpMyAdmin 3.0.1.1 solves CVE-2008-4775, an XSS issue in pmd_pdf.php via db parameter when register_globals is enabled. - GUI SQL error after sorting a subset - lang Catalan update - lang Russian update - import Temporary uploaded file not deleted - auth Cannot create...
Calendars for the Web 4.02 Admin Auth Bypass Vulnerability
No description provided by source. Exploit discovered by SecVuln from http://secvuln.com Come join our clan! contact [email protected] Author == SecVuln Version == 4.02 Software == Calendars for the web by great hill corporation Calendars for the web has a vulnerability in the administration...
Calendars for the Web 4.02 - Admin Authentication Bypass
Calendars for the Web 4.02 - Admin Authentication Bypass Exploit discovered by SecVuln from http://secvuln.com Come join our clan! contact [email protected] Author == SecVuln Version == 4.02 Software == Calendars for the web by great hill corporation Calendars for the web has a vulnerability in...