Mozilla: Bypass of SOW protections allows cloning of protected nodes (MFSA 2013-36)

The System Only Wrapper SOW implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote...

Mozilla: Bypass of SOW protections allows cloning of protected nodes (MFSA 2013-36)

The System Only Wrapper SOW implementation in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, and SeaMonkey before 2.17 does not prevent use of the cloneNode method for cloning a protected node, which allows remote...

stunnel Detection

stunnel, an encryption wrapper application that provides TLS encryption functionality to existing clients and servers, is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65689; scriptversion"1.8";...

openSUSE: Security Advisory for Mozilla (openSUSE-SU-2013:0323-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Nmap NSE 6.01: irc-info

Gathers information from an IRC server. It uses STATS, LUSERS, and other queries to obtain this information. OpenVAS Vulnerability Test $Id: gbnmap6ircinfo.nasl 7148 2017-09-15 13:01:14Z cfischer $ Autogenerated NSE wrapper Authors: NSE-Script: Doug Hoyte NASL-Wrapper: autogenerated Copyright:...

Nmap NSE 6.01: upnp-info

Attempts to extract system information from the UPnP service. SYNTAX: upnp-info.override: Controls whether we override the IP address information returned by the UPNP service for the location of the XML file that describes the device. Defaults to true for unicast hosts. OpenVAS Vulnerability Test...

CVE-2013-0773

The Chrome Object Wrapper COW and System Only Wrapper SOW implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote...

CVE-2013-0773

The Chrome Object Wrapper COW and System Only Wrapper SOW implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote...

CVE-2013-0773

CVE-2013-0773 corresponds to a vulnerability in the Chrome Object Wrapper (COW) and System Only Wrapper (SOW) security wrappers in Mozilla-based products. The issue allowed modifications to a prototype, enabling a non-specified remote site to access chrome objects or potentially execute JavaScrip...

CVE-2013-0773

The Chrome Object Wrapper COW and System Only Wrapper SOW implementations in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 do not prevent modifications to a prototype, which allows remote...

CVE-2013-0265

The redirectstderr function in xnbdcommon.c in xnbd-server and xndb-wrapper in xNBD 0.1.0 allow local users to overwrite arbitrary files via a symlink attack on /tmp/xnbd.log...

Design/Logic Flaw

The redirectstderr function in xnbdcommon.c in xnbd-server and xndb-wrapper in xNBD 0.1.0 allow local users to overwrite arbitrary files via a symlink attack on /tmp/xnbd.log...

UBUNTU-CVE-2013-0265

The redirectstderr function in xnbdcommon.c in xnbd-server and xndb-wrapper in xNBD 0.1.0 allow local users to overwrite arbitrary files via a symlink attack on /tmp/xnbd.log...

CVE-2013-0265

The CVE concerns xNBD 0.1.0 (xnbd-server and xNBD wrapper); the redirect_stderr function in xnbd_common.c allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/xnbd.log. Affected components are the xnbd-server/xndb-wrapper with the cited version. Impact is defined as l...

CVE-2013-0265

Removed by vendor...

SuSE 11.1 Security Update : PHP5 (SAT Patch Number 6316)

PHP5 was updated with incremental fixes to the previous update : - Additional unsafe cgi wrapper scripts are also fixed now. CVE-2012-2335 - Even more commandline option handling is filtered, which could lead to crashes of the php interpreter. CVE-2012-2336 %NASLMINLEVEL 70300 C Tenable Network...

SuSE 11.1 / 11.2 Security Update : zypper (SAT Patch Numbers 6527 / 6528)

The following issue has been fixed : - The zypper setuid wrapper linked against libzypp. This is not needed and added unnecessary attack vectors. CVE-2012-0420 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6440)

PHP5 was updated with incremental fixes to the previous update. - Additional unsafe cgi wrapper scripts are also fixed now. CVE-2012-2335 - Even more commandline option handling is filtered, which could lead to crashes of the php interpreter. CVE-2012-2336 - heap-based buffer overflow in php's ph...

CVE-2013-0757

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to...

Design/Logic Flaw

The Chrome Object Wrapper COW implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an object, which allows remote attackers to...