|
263161
|
- |
|
activecollab
|
activecollab
|
Cross-site scripting (XSS) vulnerability in A51 D.O.O. activeCollab 0.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-20…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2041
|
2017-08-17 10:30 |
2009-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263162
|
- |
|
libpng
|
libpng
|
libpng before 1.2.37 does not properly parse 1-bit interlaced images with width values that are not divisible by 8, which causes libpng to include uninitialized bits in certain rows of a PNG file and…
|
CWE-200
Information Exposure
|
CVE-2009-2042
|
2017-08-17 10:30 |
2009-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263163
|
- |
|
mozilla
|
firefox
|
nsViewManager.cpp in Mozilla Firefox 3.0.2 through 3.0.10 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to interaction with…
|
CWE-20
Improper Input Validation
|
CVE-2009-2043
|
2017-08-17 10:30 |
2009-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263164
|
- |
|
cisco
|
crs
customer_response_applications
ip_qm
unified_ccx
unified_ip_contact_center_express
unified_ip_ivr
|
Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote a…
|
CWE-22
Path Traversal
|
CVE-2009-2047
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263165
|
- |
|
cisco
|
crs
customer_response_applications
ip_qm
unified_ccx
unified_ip_contact_center_express
unified_ip_ivr
|
Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows r…
|
CWE-79
Cross-site Scripting
|
CVE-2009-2048
|
2017-08-17 10:30 |
2009-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263166
|
- |
|
apple
|
safari
|
Apple Safari before 3.2.2 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attack…
|
CWE-287
Improper Authentication
|
CVE-2009-2058
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263167
|
- |
|
google
|
chrome
|
src/net/http/http_transaction_winhttp.cc in Google Chrome before 1.0.154.53 uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a p…
|
CWE-287
Improper Authentication
|
CVE-2009-2060
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263168
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's con…
|
CWE-310
Cryptographic Issues
|
CVE-2009-2061
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263169
|
- |
|
apple
|
safari
|
Apple Safari before 3.2.2 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context…
|
CWE-287
Improper Authentication
|
CVE-2009-2062
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263170
|
- |
|
opera
|
opera_browser
|
Opera, possibly before 9.25, processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's cont…
|
CWE-287
Improper Authentication
|
CVE-2009-2063
|
2017-08-17 10:30 |
2009-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
