|
261861
|
- |
|
apple
|
safari
|
Apple Safari before 3.2.2 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context…
|
CWE-287
Improper Authentication
|
CVE-2009-2062
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261862
|
- |
|
opera
|
opera_browser
|
Opera, possibly before 9.25, processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's cont…
|
CWE-287
Improper Authentication
|
CVE-2009-2063
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261863
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox 3.0.10, and possibly other versions, detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary we…
|
CWE-287
Improper Authentication
|
CVE-2009-2065
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261864
|
- |
|
apple
|
safari
|
Apple Safari detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by…
|
CWE-287
Improper Authentication
|
CVE-2009-2066
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261865
|
- |
|
opera
|
opera
|
Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, b…
|
CWE-287
Improper Authentication
|
CVE-2009-2068
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261866
|
- |
|
cisco
|
wrt160n
|
Cross-site request forgery (CSRF) vulnerability in Linksys WRT160N wireless router hardware 1 and firmware 1.02.2 allows remote attackers to hijack the authentication of other users for unspecified r…
|
CWE-352
Origin Validation Error
|
CVE-2009-2073
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261867
|
- |
|
llnl
|
slurm
|
Simple Linux Utility for Resource Management (SLURM) 1.2 and 1.3 before 1.3.14 does not properly set supplementary groups before invoking (1) sbcast from the slurmd daemon or (2) strigger from the sl…
|
CWE-255
Credentials Management
|
CVE-2009-2084
|
2017-08-17 10:30 |
2009-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261868
|
- |
|
ibm
|
websphere_application_server
|
The Security component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5 does not properly handle use of Identity Assertion with CSIv2 Security, which allows remote…
|
CWE-287
Improper Authentication
|
CVE-2009-2085
|
2017-08-17 10:30 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261869
|
- |
|
ibm
|
websphere_application_server
|
The Web Services functionality in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5, in certain circumstances involving the ibm-webservicesclient-bind.xmi file and cus…
|
CWE-255
Credentials Management
|
CVE-2009-2087
|
2017-08-17 10:30 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
261870
|
- |
|
ibm
|
websphere_application_server
|
The Servlet Engine/Web Container component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.25 and 7.0 before 7.0.0.5, when SPNEGO Single Sign-on (SSO) and disableSecurityPreInvokeOnFilters…
|
CWE-287
Improper Authentication
|
CVE-2009-2088
|
2017-08-17 10:30 |
2009-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
