[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 1556 Download | Alert*

The host is missing a important security update according to Microsoft bulletin, MS14-034. The update is required to fix remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory while parsing specially crafted Office files. Successful exploitation allows attackers to execute arbitrary code.

The host is missing an important security update according to Microsoft security bulletin, MS14-083. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle certain objects in memory while parsing specially crafted Office files. Successful exploitation allows attackers to execute arbitrary code.

The host is missing an important security update according to Apple security advisory, APPLE-SA-2014-05-15-2. The update is required to fix information disclosure vulnerability. A flaw is present in the application, which fails to properly handle Set-Cookie HTTP headers. Successful exploitation could allow attackers to strip security settings from the cookie by forcing the connection to close befo ...

The host is missing a critical security update according to Microsoft bulletin, MS14-022. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly validate certain conditions. Successful exploitation allows attackers to run arbitrary code.

The host is installed with Mozilla Firefox before 24.0 and is prone to a same-origin bypass vulnerability. A flaw is present in the application, which fails to handle a symlink in conjunction with a file: URL for a local file. Successful exploitation could allow attackers to bypass the Same Origin Policy.

The host is missing a security update according to Mozilla advisory, MFSA 2013-87. The update is required to fix an untrusted search path vulnerability. A flaw is present in the application, which fails to handle Trojan horse .so file in a world-writable directory. Successful exploitation could allow attackers to execute arbitrary code.

Mozilla developer Myk Melez reported that with specifically timed page navigation, the doorhanger notification for Web App installation could persist from one site to another without being dismissed by the navigation. This could be used by a malicious site to trick a user into installing an application from one site while making it appear to come from another.

Yazan Tommalieh discovered a flaw that once users have viewed the default Firefox start page (about:home), subsequent pages they navigate to in that same tab could use script to activate the buttons that were on the about:home page. Most of these simply open Firefox dialogs such as Settings or History, which might alarm users. In some cases a malicious page could trigger session restore and cause ...

Security researcher Alex Infuhr reported that on Firefox for Android it is possible to open links to local files from web content by selecting Open Link in New Tab from the context menu using the file: protocol. The web content would have to know the precise location of a malicious local file in order to exploit this issue. This issue does not affect Firefox on non-Android systems.

Firefox for Android includes a Crash Reporter which sends crash data to Mozilla for analysis. Security researcher Roee Hay reported that third party Android applications could launch the crash reporter with their own arguments. Normally applications cannot read the private files of another application, but this vulnerability allowed a malicious application to specify a local file in the Firefox p ...


Pages:      Start    138    139    140    141    142    143    144    145    146    147    148    149    150    151    ..   155

© 2013 SecPod Technologies