Lucene search
K

54 matches found

Positive Technologies
Positive Technologies
added 2013/01/09 12:0 a.m.7 views

PT-2013-2058 · Microsoft · Xml Core Services +2

Name of the Vulnerable Software and Affected Versions: Microsoft XML Core Services versions 4.0 through 6.0 Description: A remote code execution issue exists due to improper parsing of XML content, allowing attackers to execute arbitrary code via a crafted web page. This may corrupt memory,...

9.3CVSS7.5AI score0.31574EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2012/09/10 12:0 a.m.26 views

Slackware: Security Advisory (SSA:2008-324-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.5AI score0.04051EPSS
Exploits1References2
Microsoft KB
Microsoft KB
added 2012/05/08 10:34 p.m.569 views

MS10-041: Vulnerabilities in the Microsoft .NET Framework that could allow tampering

Resolves a vulnerability in the Microsoft .NET Framework that could allow tampering in signed XML content without being detected.Support for Windows Vista Service Pack 1 SP1 ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with...

5CVSS0.2AI score0.06348EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/05/13 12:0 a.m.87 views

Adobe Flash Media Server < 3.5.6 / 4.0.2 Multiple Vulnerabilities (APSB11-11)

The version of Adobe Flash Media Server running on the remote host is earlier than version 3.5.6 or 4.0.2. Such versions are potentially affected by the following vulnerabilities : - The server is affected by a memory corruption issue due to a race condition in the TLS extension code provided by...

7.6CVSS8.2AI score0.22145EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2010/06/09 12:0 a.m.61 views

MS10-041: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)

A data tampering vulnerability exists in the Microsoft .NET Framework that could allow an attacker to tamper with signed XML content without being detected. In custom applications, the security impact depends on the specific usage scenario. Scenarios in which signed XML messages are transmitted...

5CVSS7.5AI score0.06348EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2010/04/12 12:0 a.m.40 views

Ubuntu 9.10 : firefox-3.5, xulrunner-1.9.1 vulnerabilities (USN-921-1)

Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking...

10CVSS8.9AI score0.07054EPSS
Exploits4References10
Ubuntu
Ubuntu
added 2010/04/09 9:22 p.m.65 views

USN-921-1: Firefox 3.5 and Xulrunner vulnerabilities

Martijn Wargers, Josh Soref, Jesse Ruderman, and Ehsan Akhgari discovered flaws in the browser engine of Firefox. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking...

10CVSS8.9AI score0.07054EPSS
Exploits4
Prion
Prion
added 2009/06/10 6:0 p.m.20 views

Design/Logic Flaw

The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document...

4.3CVSS6.5AI score0.02619EPSS
Exploits2References12Affected Software2
NVD
NVD
added 2009/06/10 6:0 p.m.22 views

CVE-2009-1700

The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document...

4.3CVSS7AI score0.02619EPSS
Exploits2References12
OSV
OSV
added 2009/06/10 6:0 p.m.6 views

CVE-2009-1700

The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document...

6.4AI score
Exploits0References12
Cvelist
Cvelist
added 2009/06/10 5:37 p.m.33 views

CVE-2009-1700

The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document...

7.4AI score0.02619EPSS
Exploits2References12
CVE
CVE
added 2009/06/10 5:37 p.m.68 views

CVE-2009-1700

The CVE-2009-1700 entry describes a vulnerability in WebKit’s XSLT handling that affects Apple Safari before 4.0, iPhone OS 1.0–2.2.1, and iPhone OS for iPod touch 1.1–2.2.1. The issue is improper processing of redirects, enabling remote attackers to read XML content from arbitrary pages via a cr...

4.3CVSS7.6AI score0.02619EPSS
Exploits2References12Affected Software1
securityvulns
securityvulns
added 2006/05/25 12:0 a.m.25 views

OpenCms version 6.0.x Xml Content Demo search engine Cross site scripting

Version: Tested on: - 6.0.0 - 6.0.2 - 6.0.3 Discovered by: jaime.blascoateazeldot.es http://www.eazel.es Description: Input passed to the search query in the Xml Content Demo search engine isn't properly sanitised. This can be exploited to conduct cross-site scripting attacks. Example:...

1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/01/28 12:0 a.m.16 views

Ximian Evolution < 2.3.8 Inline XML Content-parsing Overflow

Binary data 3388.prm...

5CVSS7AI score0.10765EPSS
Exploits1References4
Rows per page
Query Builder