Lucene search
K

93 matches found

seebug.org
seebug.org
added 2009/11/03 12:0 a.m.35 views

Firefox表单历史信息泄露漏洞

BUGTRAQ ID: 36853 CVECAN ID: CVE-2009-3370 Firefox是一款流行的开源WEB浏览器。 Firefox处理表单历史的方式存在漏洞,恶意网页可以通过合成鼠标焦点、键盘敲击等输入事件窃取保存的表单数据,导致浏览器自动完成表单字段,之后被攻击者读取。 Mozilla Firefox 3.5.x Mozilla Firefox 3.0.x 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1922-1)以及相应补丁: DSA-1922-1:New xulrunner packages fix several...

5CVSS0.1AI score0.01983EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/11/02 12:0 a.m.29 views

Mozilla Firefox Multiple Vulnerabilities (Nov 2009) - Linux

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

10CVSS7.2AI score0.28167EPSS
Exploits50References16
CVE
CVE
added 2009/10/29 2:0 p.m.120 views

CVE-2009-3370

CVE-2009-3370 affects Mozilla Firefox before 3.0.15 and, for 3.5.x, before 3.5.4. The flaw lets remote attackers read form history by forging mouse/keyboard events that trigger auto-fill and populate fields with history entries. Impact is attacker-readable form history data via an attacker-contro...

5CVSS5.7AI score0.01983EPSS
Exploits1References7Affected Software1
securityvulns
securityvulns
added 2009/10/28 12:0 a.m.67 views

Mozilla Foundation Security Advisory 2009-52

Mozilla Foundation Security Advisory 2009-52 Title: Form history vulnerable to stealing Impact: Moderate Announced: October 27, 2009 Reporter: Paul Stone Products: Firefox Fixed in: Firefox 3.5.4 Firefox 3.0.15 Description Security researcher Paul Stone reported that a user's form history, both...

5CVSS5.9AI score0.01983EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/10/28 12:0 a.m.22 views

RHEL 4 / 5 : firefox (RHSA-2009:1530)

The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1530 advisory. Mozilla Firefox is an open source Web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. nspr provides the...

10CVSS8AI score0.28167EPSS
Exploits55References25
CVE
CVE
added 2008/07/30 5:0 p.m.39 views

CVE-2008-3370

The CVE-2008-3370 entry documents a SQL injection vulnerability in the EMC Centera Universal Access (CUA) 4.0_4735.p4, specifically in the CUA Login Module. The vulnerability allows remote attackers to execute arbitrary SQL commands through the user name field in the login form. According to NVD,...

7.5CVSS8.4AI score0.01175EPSS
Exploits0References7Affected Software1
canvas
canvas
added 2007/06/22 6:30 p.m.42 views

Immunity Canvas: SUNBOARD_INCLUDE

Name| sunboardinclude ---|--- CVE| CVE-2007-3370 Exploit Pack| CANVAS Description| SunBoard Include Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: SunBoard CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3370 CVE Name: CVE-2007-3370...

7.5CVSS0.9AI score0.74528EPSS
Exploits1
CVE
CVE
added 2007/06/22 6:0 p.m.40 views

CVE-2007-3370

Sun Board 1.00.00 Alpha is affected by multiple PHP remote file inclusion vulnerabilities. An attacker can trigger arbitrary PHP code execution by supplying a URL via either (1) sunPath to include.php or (2) dir to skin/board/default/doctype.php. The NVD/CVE records consistently describe these ve...

7.5CVSS7.7AI score0.74528EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2006/07/06 8:0 p.m.35 views

CVE-2006-3370

Blueboy 1.0.3 stores bb_news_config.inc under the web document root with insufficient access control, enabling remote attackers to read sensitive information including the database configuration. Affected software: Blueboy 1.0.3. Root cause: inadequate access control on web-root files exposing bb...

5CVSS6.9AI score0.01351EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2005/10/29 7:0 p.m.61 views

CVE-2005-3370

The CVE-2005-3370 entry concerns ArcaVir 2005 package (vulnerable as of 2005-06-21). It describes a body of code that mishandles file type interpretation when encountering a file containing an MZ magic byte sequence in content such as BAT, HTML, or EML, causing the file to be treated as a safe ty...

5.1CVSS6.8AI score0.01352EPSS
Exploits0References5Affected Software1
CVE
CVE
added 1976/01/01 12:0 a.m.6 views

CVE-2026-3370

CVE-2026-3370 entry is rejected and not used; this CVE ID does not represent an active vulnerability.

Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.29 views

CVE-2023-3370

CVE-2023-3370 is rejected/not used; this CVE ID does not represent an active vulnerability entry.

6.8AI score
Exploits0
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.26 views

CVE-2026-3370

...

Exploits0
Rows per page
Query Builder