|
294731
|
- |
|
apple
|
safari
|
Apple Safari 4.0.3 does not properly block javascript: and data: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors rel…
|
CWE-79
Cross-site Scripting
|
CVE-2009-3016
|
2017-09-19 10:29 |
2009-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294732
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 6 on Windows XP SP2 and SP3, and Internet Explorer 7 on Vista, allows remote attackers to cause a denial of service (application crash) via JavaScript code that calls crea…
|
CWE-94
Code Injection
|
CVE-2009-3019
|
2017-09-19 10:29 |
2009-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294733
|
- |
|
pidgin
|
pidgin
|
Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to cause a denial of service (crash) via a link in a Yahoo IM.
|
NVD-CWE-noinfo
|
CVE-2009-3025
|
2017-09-19 10:29 |
2009-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294734
|
- |
|
pidgin
|
pidgin
|
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3026
|
2017-09-19 10:29 |
2009-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294735
|
- |
|
ibm
|
lotus_notes_connector
|
A certain ActiveX control in lnresobject.dll 7.1.1.119 in the Research In Motion (RIM) Lotus Notes connector for BlackBerry Desktop Manager 5.0.0.11 allows remote attackers to cause a denial of servi…
|
NVD-CWE-noinfo
|
CVE-2009-3038
|
2017-09-19 10:29 |
2009-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294736
|
- |
|
opera
|
opera_browser
|
Opera before 10.00 does not properly handle a (1) '\0' character or (2) invalid wildcard character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-i…
|
CWE-310
Cryptographic Issues
|
CVE-2009-3044
|
2017-09-19 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294737
|
- |
|
opera
|
opera_browser
|
Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via …
|
CWE-20
Improper Input Validation
|
CVE-2009-3048
|
2017-09-19 10:29 |
2009-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294738
|
- |
|
absoluteanime
|
prime_quick_style
|
SQL injection vulnerability in root/includes/prime_quick_style.php in the Prime Quick Style addon before 1.2.3 for phpBB 3 allows remote authenticated users to execute arbitrary SQL commands via the …
|
CWE-89
SQL Injection
|
CVE-2009-3052
|
2017-09-19 10:29 |
2009-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294739
|
- |
|
jvitals
|
com_agora
|
Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the a…
|
CWE-22
Path Traversal
|
CVE-2009-3053
|
2017-09-19 10:29 |
2009-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294740
|
- |
|
artetics
|
com_artportal
|
SQL injection vulnerability in the Artetics.com Art Portal (com_artportal) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the portalid parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2009-3054
|
2017-09-19 10:29 |
2009-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
