Fedora Update for libkipi FEDORA-2013-13112
The remote host is missing an update for the...
Dell PacketTrap PSA 7.1 Cross Site Scripting
Title: Dell PacketTrap PSA 7.1 - Multiple Persistent Vulnerabilities; Date: 2013-07-18; References: http://www.vulnerability-lab.com/getcontent.php?id=790; VL-ID: 790; Common Vulnerability Scoring System: 5.6; Introduction:...
Saurus CMS 4.7.1 - Multiple Vulnerabilities
waraxe-2013-SA106 - Multiple Vulnerabilities in Saurus CMS 4.7.1; Author: Janek Vind "waraxe"; Date: 14. July 2013; Location: Estonia, Tartu; Web:...
JDK: unspecified vulnerability fixed in 6u51 and 5u51 (AWT)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT...
Oracle Linux 6 : thunderbird (ELSA-2012-0080)
The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2012-0080 advisory. 3.1.18-1.0.1.el62 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Replace clean.gif in tarball 3.1.18-1 -...
Oracle Linux 5 / 6 : firefox (ELSA-2012-0515)
The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0515 advisory. firefox: 10.0.4-1.0.1.el62 - Replace firefox-redhat-default-prefs.js with firefox-oracle-default-prefs.js 10.0.4-1 - Update to 10.0.4 ESR xulrunner...
[SECURITY] Fedora 19 Update: autotrace-0.31.1-34.fc19
AutoTrace is a program for converting bitmaps to vector graphics. Supported input formats include BMP, TGA, PNM, PPM, and any format supported by ImageMagick, whereas output can be produced in Postscript, SVG, xfig, SWF, and others...
[SECURITY] Fedora 18 Update: autotrace-0.31.1-34.fc18
AutoTrace is a program for converting bitmaps to vector graphics. Supported input formats include BMP, TGA, PNM, PPM, and any format supported by ImageMagick, whereas output can be produced in Postscript, SVG, xfig, SWF, and others...
Fedora Update for autotrace FEDORA-2013-12032
Check for the Version of autotrace.
Mobile Atlas Creator 1.9.12 - Persistent Command Injection
Title: Mobile Atlas Creator 1.9.12 - Persistent Command Injection Vulnerability; Date: 2013-06-11; References: http://www.vulnerability-lab.com/getcontent.php?id=970; VL-ID: 970; Common Vulnerability Scoring System: 3.5; Introduction:...
Mozilla: SVG filters can lead to information disclosure (MFSA 2013-55)
The SVG filter implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to read pixel values, and possibly bypass the Same Origin Policy and read text from a different domain, by...
Elemata CMS RC3.0 SQL Injection Vulnerability
Exploit for php platform in category web applications. Exploit Title: Elemata CMS RC3.0 SQL Injection; Date: 23 June 2013; Exploit Author: CWH Underground; Site: www.2600.in.th; Vendor Homepage: http://www.elemata.com/; Software Link:...
OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744)
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information...
Mod_Security Cross Site Scripting Bypass
Product: Modsecurity; Author: Rafay Baloch; Status: Fixed. Details: The ModSecurity firewall is one of the most known WAFs around. It has an online smoke test where we can check if a vector bypassed the regular expressions. Payload: It was though detecting null bytes, but it was generating a false...
Fedora Update for klickety FEDORA-2013-10130
Check for the Version of klickety.
Cisco Iframe Injection
Dear Support, I have found iframe injection on newsroom.cisco.com. Affected URL: http://newsroom.cisco.com/blair-christie?articleId=%27%22%3E%3Ciframe%20src=%22http://www.avsecurity.in%22%20width=%221000%22%20height=%221000%22%3E/ Below is the description for the same. IFrame Injection: Using...
Internet Explorer VML Dashstyle Attributes Integer Overflow
Added: 06/03/2013; CVE: CVE-2013-2551; BID: 58570; OSVDB: 91197. Background: Vector Markup Language (VML) is an XML-based format for vector graphics. Problem: An integer overflow vulnerability in vml.dll when processing dashstyle attributes of certain VML elements in a web page allows arbitrary command...
[SET v5.1] The Social-Engineer Toolkit codename “Name of the Doctor”
The Social-Engineer Toolkit (SET) version 5.1 codename “Name of the Doctor” has been released. This version adds a complete rewrite of the MSSQL Bruter as well as a new attack vector utilizing the PSExec functionality within Metasploit. The MSSQL Bruter now incorporates UDP port 1434 quick...