9591 matches found
SeaMonkey < 2.1 CSS Browser History Disclosure Vulnerability
The installed version of SeaMonkey is earlier than 2.1.0 and is affected by an information disclosure vulnerability. The JavaScript function 'getComputedStyle', and functions like it, can be used in a timing attack to determine if a browser has visited links on the page. C Tenable Network Securit...
Firefox < 4 CSS Browser History Disclosure Vulnerability
The installed version of Firefox 3 is potentially affected by an information disclosure vulnerability. The JavaScript function 'getComputedStyle', and functions like it, can be used in a timing attack to determine if a browser has visited links on the page. C Tenable Network Security, Inc...
SuSE 10 Security Update : OpenSSL (ZYPP Patch Number 7550)
This update of openssl fixes a timing attack. This attack can be used to obtain the private key of a TLS server whenever ECDSA signatures are used. CVE-2011-1945: CVSS v2 Base Score: 4.3 important AV:N/AC:M/Au:N/C:P/I:N/A:N: Cryptographic Issues. CWE-310 %NASLMINLEVEL 70300 C Tenable Network...
Mozilla Firefox Cache Objects History Enumeration Weakness Vulnerability (Windows)
The host is installed with Mozilla Firefox and is prone to cache objects history enumeration weakness vulnerability. OpenVAS Vulnerability Test $Id: gbmozillafirefoxcacheobjenumweaknessvulnwin.nasl 7019 2017-08-29 11:51:27Z teissa $ Mozilla Firefox Cache Objects History Enumeration Weakness...
Mozilla Firefox Cache Objects History Enumeration Weakness Vulnerability - Mac OS X
Mozilla Firefox is prone to cache objects history enumeration weakness vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Mozilla Firefox Cache Objects History Enumeration Weakness Vulnerability - Windows
Mozilla Firefox is prone to cache objects history enumeration weakness vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2010-5074
The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets CSS token sequences, which makes it easier for remote attackers to obtain sensitive information...
Code injection
The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets CSS token sequences, which makes it easier for remote attackers to obtain sensitive information...
CVE-2010-5074
The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets CSS token sequences, which makes it easier for remote attackers to obtain sensitive information...
CVE-2010-5074
CVE-2010-5074 affects Mozilla Firefox (before 4.0), Thunderbird (before 3.3), and SeaMonkey (before 2.1). The vulnerability stems from the layout engine comparing visited vs. unvisited links while processing CSS token sequences, causing a timing-based information disclosure. An attacker could rem...
[BSA-060] Security Update for openssl
Andres Salomon uploaded new packages for openssl which fixed the following security problems: CVE-2011-3210 Unsafe thread handling in ECDH ciphersuite allow denial of service attack. CVE-2011-1945 Timing attacks against ECDHEECDSA private keys. CVE-2011-0014 Remote denial of service attacks...
Google Chrome < 15.0.874.102 Multiple Vulnerabilities
Binary data 800887.prm...
CVE-2011-3884
Google Chrome before 15.0.874.102 does not properly address timing issues during DOM traversal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...
Design/Logic Flaw
Google Chrome before 15.0.874.102 does not properly address timing issues during DOM traversal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...
CVE-2011-3884
Google Chrome before 15.0.874.102 does not properly address timing issues during DOM traversal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted document...
CVE-2011-3884
CVE-2011-3884 affects Google Chrome up to version before 15.0.874.102. The vulnerability stems from timing issues during DOM traversal, allowing a remote attacker to cause a denial of service or potentially invoke unspecified other impact via a crafted document. The connected documents do not pro...
CVE-2011-3884
Removed by vendor...
Mandriva Update for openssl MDVSA-2011:137 (openssl)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Linux Security Advisory : openssl (MDVSA-2011:136)
A vulnerability was discovered and corrected in openssl : The elliptic curve cryptography ECC subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm ECDSA is used for the ECDHEECDSA cipher suite, does not properly implement curves over binary fields, which...
Mandriva Linux Security Advisory : openssl (MDVSA-2011:137)
Multiple vulnerabilities has been discovered and corrected in openssl : The elliptic curve cryptography ECC subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm ECDSA is used for the ECDHEECDSA cipher suite, does not properly implement curves over binary...