25 matches found
Cross-site Scripting
plotly-js is vulnerable to cross-site scripting XSS attacks. The vulnerability exists due the lack of URI encoding in the href field that defines the special popup attribute...
apache tomcat < 6.0.18 utf8 - Directory Traversal vulnerability
No description provided by source. Title: Apache Tomcat Directory Traversal Vulnerability Author: Simon Ryeobar4mi at gmail.com, barami at ahnlab.com Severity: High Impact: Remote File Disclosure Vulnerable Version: prior to 6.0.18 Solution: - Best Choice: Upgrade to 6.0.18 http://tomcat.apache.o...
Quotation Mark Parsing Flaw Makes IE Users Vulnerable to Attack
A bug in Microsoft’s Internet Explorer has left users of the popular browser vulnerable to cross-site scripting attacks, according to researchers at the security firm Imperva Data Security. The flaw stems from an error in the way double quotes are encoded by IE. According to Imperva’s Rob Rachwal...
DEBIAN-CVE-2011-0495
Stack-based buffer overflow in the asturiencode function in main/utils.c in Asterisk Open Source before 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, 1.8.2.; and Business Edition before C.3.6.2; when running in pedantic mode allows remote authenticated users to execute arbitrary...
cnn-xss.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear CNN, I recently discovered a security vulnerability on the www.cnn.com website. I believe the vulnerability can be used by a remote user to alter content on www.cnn.com. On 10 Nov 2008, I wrote to...