Microsoft Internet Explorer Multiple Vulnerabilities (2360131)

This host is missing a critical security update according to Microsoft Bulletin MS10-071. OpenVAS Vulnerability Test $Id: secpodms10-071.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft Internet Explorer Multiple Vulnerabilities 2360131 Authors: Sooraj KS Copyright: Copyright c 2010 SecPod,...

PT-2010-2537 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 6 through 7 Description: The issue allows remote attackers to obtain sensitive form information via a crafted web site by simulating user interaction with the AutoComplete feature. An attacker could exploi...

CVE-2010-3256

Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors...

Design/Logic Flaw

Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors...

CVE-2010-3256

Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors...

CVE-2010-3256

CVE-2010-3256 corresponds to a Google Chrome issue described as: Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries. The provided sources confirm this vulnerability entry and cite Chrome

CVE-2010-3256

Removed by vendor...

CVE-2010-3256

Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, which has unspecified impact and attack vectors...

Google Chrome < 6.0.472.53 Multiple Vulnerabilities

Binary data 800892.prm...

CVE-2010-2353

The Node Reference module in Content Construction Kit CCK module 6.x before 6.x-2.7 for Drupal does not perform access checks for the source field in the backend URL for the autocomplete widget, which allows remote attackers to discover titles and IDs of controlled nodes...

Design/Logic Flaw

The Node Reference module in Content Construction Kit CCK module 6.x before 6.x-2.7 for Drupal does not perform access checks for the source field in the backend URL for the autocomplete widget, which allows remote attackers to discover titles and IDs of controlled nodes...

SA-CONTRIB-2010-045 - Auto Assign Role - Access bypass

The Auto Assign Role serves three primary purposes. The first is to provide an automatic assignment of roles when a new account is created. The second is to allow the end user the option of choosing their own role or roles when they create their account. The third is to provide paths that will...

autocomplete box in page restrictions finds deleted users, wrong usernames

We recently migrated our user management from JIRA to Crowd, our Confluence instance used to link to JIRA for authentication, and now links to Crowd. We now found that, when editing the restrictions on individual pages, the autocomplete feature in that dialog acts strange: Users that have been...

autocomplete box in page restrictions finds deleted users, wrong usernames

We recently migrated our user management from JIRA to Crowd, our Confluence instance used to link to JIRA for authentication, and now links to Crowd. We now found that, when editing the restrictions on individual pages, the autocomplete feature in that dialog acts strange: Users that have been...

autocomplete box in page restrictions finds deleted users, wrong usernames

We recently migrated our user management from JIRA to Crowd, our Confluence instance used to link to JIRA for authentication, and now links to Crowd. We now found that, when editing the restrictions on individual pages, the autocomplete feature in that dialog acts strange: Users that have been...

CVE-2009-4520

The CCK Comment Reference module 5.x before 5.x-1.2 and 6.x before 6.x-1.3, a module for Drupal, allows remote attackers to bypass intended access restrictions and read comments by using the autocomplete path...

Default credentials

rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support...

CVE-2009-4197

rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support...

CVE-2009-4197

rpwizPppoe.htm in Huawei MT882 V100R002B020 ARG-T running firmware 3.7.9.98 contains a form that does not disable the autocomplete setting for the password parameter, which makes it easier for local users or physically proximate attackers to obtain the password from web browsers that support...

CVE-2009-4197

Vulnerability CVE-2009-4197 affects Huawei MT882 devices (ARG-T, firmware 3.7.9.98; V100R002B020). The issue is a web form (rpwizPppoe.htm) that does not disable the password field autocomplete, enabling local or physically proximate attackers to obtain passwords via browsers that support autocom...