A cross site scripting vulnerability has been found in Cisco Security Monitoring, Analysis and Response System. The issue is due to the input passed via several fields (eg: isnowLatency) to the /Query/NewQueryResult.jsp page are not properly sanitised before being returned to the user. Other pages could be affected by this issue.
a744cb9f4e5080fb1ab9d2c85ce572685f55379db22e423d3575ad8d31beec81
Skype for Linux versions 1.1.0.20 and below suffer from an insecure file creation vulnerability.
47b681d17011e6d565005913e8579e6115966ca07ef03bd0d957315db012ca88
Multiple problems exist on support.msn.com, permitting to a possible attacker to conduct phishing attacks against a user.
73be9442c86ee5ea2be804b72d2cf52f4441182605f16d4c1aa0138aab4795ea
Wine versions 2005021 and below are susceptible to an insecure /tmp file creation flaw.
86742930b5f70ab2a1840474db279a3dfdac3bd9bc514d58f39b9d20445df058
A problem exists in some browsers where, via Content-Type spoofing, forcing a user to open a page and bypass the security zone is possible, allowing for execution of javascript in a local context. Software affected: Firefox 1.0, Mozilla 1.7.x, Opera 7.51 through 7.54.
32c5845192482a7e04911f447281b817140ad0a684b4da5bae23f0e045f6049b
Opera for Linux has a flaw that allows remote users to execute arbitrary shell commands via the kfmclient default setting for file viewing.
6e830b38ac586e07e969fb71a81ff3acc17f353b8575b8b7d48c8adc5a1efa90
Mozilla, Firefox, and Opera appear to allow access to the content from one frame from another, allowing for disclosure of the local directory structure. Tested versions include Firefox 1.0, Mozilla 1.7, and Opera 7.51 through 7.54.
0a0393dbbab84fc2cd6e30254f4fb3548969fc925b9176a7777b5533c92e4d2a