» 2016 » 10월

CVE-2016-1592 (identity_manager)

Posted on 2016년 10월 28일2016년 10월 29일 by admin

CVE-2016-1592 (identity_manager)

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI.

Source: CVE-2016-1592 (identity_manager)

CVE-2016-1592

Posted on 2016년 10월 28일2016년 10월 28일 by admin

CVE-2016-1592

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI.

Source: CVE-2016-1592

CVE-2015-0787 (identity_manager)

Posted on 2016년 10월 28일2016년 10월 29일 by admin

CVE-2015-0787 (identity_manager)

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI.

Source: CVE-2015-0787 (identity_manager)

CVE-2015-0787

Posted on 2016년 10월 28일2016년 10월 28일 by admin

CVE-2015-0787

XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI.

Source: CVE-2015-0787

CVE-2016-8506 (yandex_browser)

Posted on 2016년 10월 27일2016년 10월 29일 by admin

CVE-2016-8506 (yandex_browser)

XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.

Source: CVE-2016-8506 (yandex_browser)

CVE-2016-8506

Posted on 2016년 10월 27일2016년 10월 27일 by admin

CVE-2016-8506

XSS in Yandex Browser Translator in Yandex browser for desktop for versions from 15.12 to 16.2 could be used by remote attacker for evaluation arbitrary javascript code.

Source: CVE-2016-8506

CVE-2016-8505 (yandex.browser)

Posted on 2016년 10월 27일2016년 10월 29일 by admin

CVE-2016-8505 (yandex.browser)

XSS in Yandex Browser BookReader in Yandex browser for desktop for versions before 16.6. could be used by remote attacker for evaluation arbitrary javascript code.

Source: CVE-2016-8505 (yandex.browser)

CVE-2016-8505

Posted on 2016년 10월 27일2016년 10월 27일 by admin

CVE-2016-8505

XSS in Yandex Browser BookReader in Yandex browser for desktop for versions before 16.6. could be used by remote attacker for evaluation arbitrary javascript code.

Source: CVE-2016-8505

CVE-2016-8504 (yandex_browser)

Posted on 2016년 10월 27일2016년 10월 29일 by admin

CVE-2016-8504 (yandex_browser)

CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile.

Source: CVE-2016-8504 (yandex_browser)

CVE-2016-8504

Posted on 2016년 10월 27일2016년 10월 27일 by admin

CVE-2016-8504

CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile.

Source: CVE-2016-8504