93 matches found
Firefox表单历史信息泄露漏洞
BUGTRAQ ID: 36853 CVECAN ID: CVE-2009-3370 Firefox是一款流行的开源WEB浏览器。 Firefox处理表单历史的方式存在漏洞,恶意网页可以通过合成鼠标焦点、键盘敲击等输入事件窃取保存的表单数据,导致浏览器自动完成表单字段,之后被攻击者读取。 Mozilla Firefox 3.5.x Mozilla Firefox 3.0.x 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1922-1)以及相应补丁: DSA-1922-1:New xulrunner packages fix several...
Mozilla Firefox Multiple Vulnerabilities (Nov 2009) - Linux
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
CVE-2009-3370
CVE-2009-3370 affects Mozilla Firefox before 3.0.15 and, for 3.5.x, before 3.5.4. The flaw lets remote attackers read form history by forging mouse/keyboard events that trigger auto-fill and populate fields with history entries. Impact is attacker-readable form history data via an attacker-contro...
Mozilla Foundation Security Advisory 2009-52
Mozilla Foundation Security Advisory 2009-52 Title: Form history vulnerable to stealing Impact: Moderate Announced: October 27, 2009 Reporter: Paul Stone Products: Firefox Fixed in: Firefox 3.5.4 Firefox 3.0.15 Description Security researcher Paul Stone reported that a user's form history, both...
RHEL 4 / 5 : firefox (RHSA-2009:1530)
The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1530 advisory. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the...
CVE-2008-3370
The CVE-2008-3370 entry documents a SQL injection vulnerability in the EMC Centera Universal Access (CUA) 4.0_4735.p4, specifically in the CUA Login Module. The vulnerability allows remote attackers to execute arbitrary SQL commands through the user name field in the login form. According to NVD,...
Immunity Canvas: SUNBOARD_INCLUDE
Name| sunboardinclude ---|--- CVE| CVE-2007-3370 Exploit Pack| CANVAS Description| SunBoard Include Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: SunBoard CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3370 CVE Name: CVE-2007-3370...
CVE-2007-3370
Sun Board 1.00.00 Alpha is affected by multiple PHP remote file inclusion vulnerabilities. An attacker can trigger arbitrary PHP code execution by supplying a URL via either (1) sunPath to include.php or (2) dir to skin/board/default/doctype.php. The NVD/CVE records consistently describe these ve...
CVE-2006-3370
Blueboy 1.0.3 stores bb_news_config.inc under the web document root with insufficient access control, enabling remote attackers to read sensitive information including the database configuration. Affected software: Blueboy 1.0.3. Root cause: inadequate access control on web-root files exposing bb...
CVE-2005-3370
The CVE-2005-3370 entry concerns ArcaVir 2005 package (vulnerable as of 2005-06-21). It describes a body of code that mishandles file type interpretation when encountering a file containing an MZ magic byte sequence in content such as BAT, HTML, or EML, causing the file to be treated as a safe ty...
CVE-2026-3370
CVE-2026-3370 entry is rejected and not used; this CVE ID does not represent an active vulnerability.
CVE-2023-3370
CVE-2023-3370 is rejected/not used; this CVE ID does not represent an active vulnerability entry.
CVE-2026-3370
...