Debian Security Advisory 1406-1 - Several remote vulnerabilities have been discovered in the Horde web application framework. Moritz Naumann discovered that Horde allows remote attackers to inject arbitrary web script or HTML in the context of a logged-in user (cross-site scripting). Moritz Naumann discovered that Horde does not properly restrict its image proxy, allowing remote attackers to use the server as a proxy. Marc Ruef discovered that Horde allows remote attackers to include web pages from other sites, which could be useful for phishing attacks. iDefense discovered that the cleanup cron script in Horde allows local users to delete arbitrary files.
a8b2426df5dfc5c5fced97b3a1b4d36d91eefef3c7fb03377def712c4ec26d17
Debian Security Advisory 1405-1 - It was discovered that Plone, a web content management system, allows remote attackers to execute arbitrary code via specially crafted web browser cookies.
1936591490d4ba176fbd6f30549f59a2e90f8563ff20ca2609dfd1e68267d95b
Canonicalization issues in Adobe Macromedia Flash Player version 9.0 r31 allow for the manipulation of the cross-domain policy file source.
87de7baafc1ba6b87ba85639942cf7f8fa75ef6b7d153a6b96995dfb7d594a4a