A cross site scripting vulnerability has been found in Cisco Security Monitoring, Analysis and Response System. The issue is due to the input passed via several fields (eg: isnowLatency) to the /Query/NewQueryResult.jsp page are not properly sanitised before being returned to the user. Other pages could be affected by this issue.
a744cb9f4e5080fb1ab9d2c85ce572685f55379db22e423d3575ad8d31beec81Skype for Linux versions 1.1.0.20 and below suffer from an insecure file creation vulnerability.
47b681d17011e6d565005913e8579e6115966ca07ef03bd0d957315db012ca88Multiple problems exist on support.msn.com, permitting to a possible attacker to conduct phishing attacks against a user.
73be9442c86ee5ea2be804b72d2cf52f4441182605f16d4c1aa0138aab4795eaWine versions 2005021 and below are susceptible to an insecure /tmp file creation flaw.
86742930b5f70ab2a1840474db279a3dfdac3bd9bc514d58f39b9d20445df058A problem exists in some browsers where, via Content-Type spoofing, forcing a user to open a page and bypass the security zone is possible, allowing for execution of javascript in a local context. Software affected: Firefox 1.0, Mozilla 1.7.x, Opera 7.51 through 7.54.
32c5845192482a7e04911f447281b817140ad0a684b4da5bae23f0e045f6049bOpera for Linux has a flaw that allows remote users to execute arbitrary shell commands via the kfmclient default setting for file viewing.
6e830b38ac586e07e969fb71a81ff3acc17f353b8575b8b7d48c8adc5a1efa90Mozilla, Firefox, and Opera appear to allow access to the content from one frame from another, allowing for disclosure of the local directory structure. Tested versions include Firefox 1.0, Mozilla 1.7, and Opera 7.51 through 7.54.
0a0393dbbab84fc2cd6e30254f4fb3548969fc925b9176a7777b5533c92e4d2a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed