KLA10182 SUI vulnerability in Google Toolbar

Lack of domain name verification was found in Google Toolbar. By exploiting this vulnerability malicious users can spoof domain names. This vulnerability can be exploited remotely via custom button manipulations. Original advisories - Related products Google-Toolbar CVE list CVE-2007-6536 high...

Moderate: Red Hat Security Advisory: conga security, bug fix, and enhancement update

Updated conga packages that correct a security flaw and provide bug fixes and add enhancements are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Conga package is a web-based administration tool for remote cluster and storag...

security flaw

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attribute...

[SECURITY] Fedora Core 6 Update: wireshark-0.99.6-1.fc6

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...

Microsoft Excel Workspace Designation Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers may exploit this issue by enticing victims into opening a maliciously crafted Excel file .xls. Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the...

thunderbird security update

CentOS Errata and Security Advisory CESA-2007:0401 Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Mozilla Thunderbird is a...

Multiple Firefox flaws (CVE-2007-1562, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871)

Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: this issue can be leveraged for phishing and other...

thunderbird security update

CentOS Errata and Security Advisory CESA-2007:0078 Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Updated 06 March 2007 Updated text...

Critical: Red Hat Security Advisory: thunderbird security update

Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. Updated 06 March 2007 Updated text description to add CVE-2007-1282 and remove...

DSA-1256-1 gtk+2.0

Bulletin has no description...

Multiple mobile phones bluetooth DoS

Flood with ussp-push messages causes user interface blocking by multiple download prompt messages...

DEBIAN-CVE-2007-0254

Format string vulnerability in the errorscreatewindow function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors...

[SECURITY] Fedora Core 6 Update: openoffice.org-2.0.4-5.5.10

OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office...

CVE-2006-6473

Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to 1 an Immediate Image Overwrite IIO error message at the Local User Interface LUI if overwri...

CentOS 3 / 4 : gtk2 (CESA-2005:344)

Updated gtk2 packages that fix a double free vulnerability are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The gtk2 package contains the GIMP ToolKit GTK+, a library for creating graphical user interfaces for the X Window...

[Full-disclosure] Internet Explorer User Interface Races, Redeux

-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 Microsoft Internet Explorer User Interface Race Condition I. SYNOPSIS Affected Systems: Windows 98 Windows 98 Second Edition Windows Millennium Edition Windows 2000 Windows XP Windows Server 2003 Risk: Medium Impact: Remote code execution some...

openmotif, openmotif21 security update

CentOS Errata and Security Advisory CESA-2006:0272 Updated openmotif packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenMotif provides libraries which implement the Motif industry standard...

[Full-disclosure] DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'

DMA2006-0321a - 'Motorola P2K Platform setpath overflow and Blueline attack' Author: Kevin Finisterre Vendor: http://www.motorola.com Product: 'Motorola PEBL U6, Motorola V600, other Motorola P2k based phones?' References: http://www.digitalmunition.com/DMA2006-0321a.txt...

[SA19223] BorderWare MXtreme Web Administration Unspecified Vulnerability

TITLE: BorderWare MXtreme Web Administration Unspecified Vulnerability SECUNIA ADVISORY ID: SA19223 VERIFY ADVISORY: http://secunia.com/advisories/19223/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote OPERATING SYSTEM: Borderware MXtreme http://secunia.com/product/1842/...

Microsoft Security Bulletin MS06-003 Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution (902412)

Microsoft Security Bulletin MS06-003 Vulnerability in TNEF Decoding in Microsoft Outlook and Microsoft Exchange Could Allow Remote Code Execution 902412 Published: January 10, 2006 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Outlook, Microsoft Exchange, or...