Mozilla Firefox 3.6.x < 3.6.14 Multiple Vulnerabilities

Binary data 5808.prm...

Symantec IM Manager 'eval()' Code Injection Vulnerability

This host is installed with Symantec IM Manager and is prone to code injection vulnerability. OpenVAS Vulnerability Test $Id: secpodsymantecimmanagercodeinjvuln.nasl 7573 2017-10-26 09:18:50Z cfischer $ Symantec IM Manager 'eval' Code Injection Vulnerability Authors: Sooraj KS Copyright: Copyrigh...

VLC Media Player '.mkv' Code Execution Vulnerability (Windows)

The host is installed with VLC Media Player and is prone to arbitrary code execution vulnerability. OpenVAS Vulnerability Test $Id: secpodvlcmediaplayercodeexecvulnwin.nasl 8174 2017-12-19 12:23:25Z cfischer $ VLC Media Player '.mkv' Code Execution Vulnerability Windows Authors: Madhuri D...

Adobe Reader Image Texture Malformed IFF File Memory Corruption (APSB11-03; CVE-2011-0590)

A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. Adobe Acrobat and Reader products include a plugin to parse the 3D image files inside PDF documents. PDF files can include 3D images in Universal 3D format that can link to external image files, such as an Interchange...

Domino Sametime Multiple Reflected Cross-Site Scripting

Class Input Validation Error CVE CVE-2011-1038 Remote Yes Local No Published Feb 16 2011 09:33AM Credit Dave Daly Vulnerable Domino Sametime 8.0.1 Domino Sametime is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverag...

Domino Sametime 8.0.1 Cross Site Scripting

Class Input Validation Error CVE CVE-2011-1038 Remote Yes Local No Published Feb 16 2011 09:33AM Credit Dave Daly Vulnerable Domino Sametime 8.0.1 Domino Sametime is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverag...

VideoLAN VLC Media Player 1.1.6 - &#039;MKV&#039; Memory Corruption (Metasploit)

$Id: vlcwebm.rb 11725 2011-02-08 18:22:36Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

WordPress RSS Feed Reader Plugin 'rss_url' Parameter Cross Site Scripting Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

VideoLAN VLC MKV Memory Corruption

$Id: vlcwebm.rb 11692 2011-02-01 18:54:24Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Microsoft Windows Fax Cover Page Editor BOF Vulnerabilities

This host is installed with Fax Cover Page Editor and is prone to buffer overflow vulnerabilities. This NVT has been replaced by NVT secpodms11-024.nasl OID:1.3.6.1.4.1.25623.1.0.902408. OpenVAS Vulnerability Test $Id: gbmswindowsfscpebofvuln.nasl 8724 2018-02-08 15:02:56Z cfischer $ Microsoft...

Microsoft Windows Fax Cover Page Editor BOF Vulnerabilities

Fax Cover Page Editor is prone to multiple buffer overflow vulnerabilities. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.902408. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrig...

IO::Socket::SSL: Certificate validation error

Background IO::Socket::SSL is a Perl class implementing an object oriented interface to SSL sockets. Description The vendor reported that IO::Socket::SSL does not properly handle Common Name CN fields. Impact A remote attacker might employ a specially crafted certificate to conduct...

Cross-site Request Forgery (CSRF) in KaiBB

High-Tech Bridge SA Security Research Lab has discovered vulnerability in KaiBB which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in KaiBB The vulnerability exists due to insufficient validation of the request origin in admin/core/account.ph...

Microsoft Windows Kernel Usermode Callback Local Privilege Elevation Vulnerability (941693)

This host is missing a critical security update according to Microsoft Bulletin MS08-025. OpenVAS Vulnerability Test $Id: gbms08-025.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft Windows Kernel Usermode Callback Local Privilege Elevation Vulnerability 941693 Authors: Madhuri D Copyright:...

[CORE-2010-0728] Symantec Intel Handler Service Remote Denial-of-Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://corelabs.coresecurity.com/ Symantec Intel Handler Service Remote DoS 1. Advisory Information Title: Symantec Intel Handler Service Remote DoS Advisory Id: CORE-2010-0728 Advisory URL:...

Mandriva Linux Security Advisory : bind (MDVSA-2010:253)

Multiple vulnerabilities were discovered and corrected in bind : named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote...

Symantec Intel Handler Service Remote DoS

Core Security - CoreLabsSymantec Intel Handler Service Remote DoS 1. Advisory Information Title: Symantec Intel Handler Service Remote DoS Advisory Id: CORE-2010-0728 Advisory URL: http://www.coresecurity.com/content/symantec-intel-handler-service-remote-dos Date published: 2010-12-13 Date of las...

Ruby on Rails Security Bypass Vulnerability (Nov 2010)

Ruby on Rails is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rubyonrails:rails";...

DEBIAN-CVE-2010-3614

named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service DNSSEC validati...

EUVD-2010-3610

named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service DNSSEC validati...