4377 matches found
CVE-2009-4135
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp...
Novell ZENworks Desktop Management Installation Service Remote Information Disclosure Vulnerability
This vulnerability allows remote attackers to impersonate valid users in vulnerable installations of Novell ZENworks Desktop Management. Authentication is not required to exploit this vulnerability. The specific flaw exists due to an information leak when querying the AWSI service which listens b...
CVE-2009-4052
Multiple cross-site scripting XSS vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect before 7.0.0.10 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 th...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect before 7.0.0.10 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 th...
CVE-2009-4052
Multiple cross-site scripting XSS vulnerabilities in the JSF Widget Library Runtime in IBM Rational Application Developer for WebSphere Software before 7.0.0.10 and Rational Software Architect before 7.0.0.10 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 th...
Autodesk SoftImage Scene TOC Arbitrary Command Execution
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ Autodesk SoftImage Scene TOC Arbitrary Command Execution 1. Advisory Information Title: Autodesk SoftImage Scene TOC Arbitrary...
SMB Tree Connect Request Fuzzer
This module sends a series of SMB tree connect requests using malicious strings. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Tree Connect Request Fuzzer', 'Description' = %q This module...
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-6495)
This update brings the Mozilla Firefox browser to the 3.0.14 stable release. It also fixes various security issues: MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073 / CVE-2009-30 / CVE-2009-3075: Mozilla developers and community members identified and...
SuSE 11 Security Update : Firefox (SAT Patch Number 1340)
This update brings Mozilla Firefox from the 3.0 stable branch to the current stable branch version 3.5.3. It also fixes various security issues : - / / CVE-2009-3075: Mozilla developers and community members identified and fixed several stability bugs in the browser engine used in Firefox and oth...
Mozilla Firefox XUL Frame Tree Memory Corruption (CVE-2008-5016)
Mozilla Firefox is a very popular web browser developed by the Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions HTML, XML, XUL, JavaScript, various graphics formats, and so on. The browser runs on...
Authentication flaw
Open Source Security Information Management OSSIM before 2.1.2 allows remote attackers to bypass authentication, and read graphs or infrastructure information, via a direct request to 1 graphs/alarmsevents.php or 2 host/drawtree.php...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-1312)
This update brings Mozilla Firefox to the 3.0.14 stable release. It also fixes various security issues: MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073 / CVE-2009-3074 / CVE-2009-3075: Mozilla developers and community members identified and fixed sever...
openSUSE Security Update : MozillaFirefox (MozillaFirefox-1312)
This update brings Mozilla Firefox to the 3.0.14 stable release. It also fixes various security issues: MFSA 2009-47 / CVE-2009-3069 / CVE-2009-3070 / CVE-2009-3071 / CVE-2009-3072 / CVE-2009-3073 / CVE-2009-3074 / CVE-2009-3075: Mozilla developers and community members identified and fixed sever...
Mandriva Linux Security Advisory : firefox (MDVSA-2009:236)
Security issues were identified and fixed in firefox 3.0.x : Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vecto...
Mozilla Firefox Multiple Vulnerabilities - Sep09 (Windows)
The host is installed with Firefox browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfirefoxmultvulnsep09win.nasl 5055 2017-01-20 14:08:39Z teissa $ Mozilla Firefox Multiple Vulnerabilities - Sep09 Windows Authors: Sharath S Copyright: Copyright c 2009 SecPod...
Mozilla Firefox Multiple Vulnerabilities - Sep09 (Linux)
The host is installed with Firefox browser and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfirefoxmultvulnsep09lin.nasl 5055 2017-01-20 14:08:39Z teissa $ Mozilla Firefox Multiple Vulnerabilities - Sep09 Linux Authors: Sharath S Copyright: Copyright c 2009 SecPod,...
CVE-2009-3077
Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns aka TreeColumns of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."...
CVE-2009-3077
CVE-2009-3077 affects Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3. The issue is a dangling-pointer vulnerability in TreeColumns of a XUL tree, caused by improper pointer management, enabling remote attackers to execute arbitrary code via a crafted HTML document. Affected products: Firefo...
Mozilla Firefox < 3.0.14 / 3.5.3 Multiple Vulnerabilities
Binary data 801311.prm...
CVE-2009-3077
Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns aka TreeColumns of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangling pointer vulnerability."...