350 matches found
PT-2009-1042 · Linux +2 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.31-git11 Red Hat Enterprise Linux kernel versions 2.4.21 Description: The issue concerns multiple vulnerabilities in the Linux kernel and Red Hat Enterprise Linux kernel, which can lead to a disruption of...
openSUSE 10 Security Update : MozillaThunderbird (MozillaThunderbird-5900)
The Mozilla Thunderbird E-Mail client was updated to version 2.0.0.19. The following security issues were fixed : MFSA 2008-68 / CVE-2008-5512 / CVE-2008-5511: Mozilla security researcher mozbugra4 reported that an XBL binding, when attached to an unloaded document, can be used to violate the...
Sun and Blackdown Java: Applet privilege escalation
Background Sun and Blackdown both provide implementations of Java Development Kits JDK and Java Runtime Environments JRE. All these implementations provide a Java plug-in that can be used to execute Java applets in a restricted environment for web browsers. Description All Java plug-ins are subje...
NSFOCUS SA2003-02: Solaris lpq Stack Buffer Overflow Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NSFOCUS Security AdvisorySA2003-02 Topic: Solaris lpq Stack Buffer Overflow Vulnerability Release Date: 2003-3-31 CVE CAN ID: CAN-2003-0091 Affected system: =================== Sun Solaris 2.5.1 SPARC/x86 Sun Solaris 2.6 SPARC/x86 Sun Solaris 7...
Cached malformed SIG record buffer overflow
Overview A vulnerability in BIND allows remote attackers to execute code with the privileges of the process running named. This vulnerability is resolved in BIND versions 4.9.11, 8.2.7, 8.3.4, and BIND 9. Description A remotely exploitable buffer overflow exists in named. An attacker using...
IE GetObject() problems
Georgi Guninski security advisory 52, 2001 IE GetObject problems Systems affected: Patched IE 6.0, somewhat patched 5.5 Win2K Risk: High Date: 1 January 2002 Legal Notice: This Advisory is Copyright c 2001 Georgi Guninski. You may distribute it unmodified. You may not modify it and distribute it ...
PT-2001-1156 · Ibm · Lotus Notes Client
Name of the Vulnerable Software and Affected Versions: Lotus Notes Client R5 Description: The issue concerns the Extended Control List ECL feature of the Java Virtual Machine JVM in the affected software. It allows malicious web site operators to determine the existence of files on the client by...
FreeBSD-SA-00:34.dhclient
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:34 Security Advisory FreeBSD, Inc. Topic: dhclient vulnerable to malicious dhcp server Category: core, ports Module: dhclient, isc-dhcp2 ports, isc-dhcp3 ports Announced:...
netscape.4.x-javascript.txt
Date: Wed, 28 Oct 1998 10:22:02 PST From: Georgi Guninski Subject: Javascript bug in Netscape Communicator 4.5 There is a bug in Netscape Communicator 4.5, 4.07, 3.04 under Windows 95 probably others which allows reading user's cache the urls the user has visited, including the info in GET forms...
msie4.01-jscript-security.txt
Date: Thu, 28 Jan 1999 04:53:31 PST From: Georgi Guninski To: [email protected] Subject: Javascript %01 bug in Internet Explorer There is a Javascript security bug in Internet Explorer 4.x patched, which circumvents "Cross-frame security" and opens several security holes. The probl...